5 matches found
CVE-2023-33778
Draytek Vigor Routers firmware versions below 3.9.6/4.2.4, Access Points firmware versions below v1.4.0, Switches firmware versions below 2.6.7, and Myvigor firmware versions below 2.3.2 were discovered to use hardcoded encryption keys which allows attackers to bind any affected device to their o...
CVE-2023-33778
creationtimestamp| type| source ---|---|--- 2023-06-15 15:17:31+00:00| seen| MISP/3fc4f535-2faf-43c9-b690-2cf2251b598a...
CVE-2023-33778
Draytek Vigor Routers firmware versions below 3.9.6/4.2.4, Access Points firmware versions below v1.4.0, Switches firmware versions below 2.6.7, and Myvigor firmware versions below 2.3.2 were discovered to use hardcoded encryption keys which allows attackers to bind any affected device to their o...
CVE-2023-33778
Draytek Vigor Routers firmware versions below 3.9.6/4.2.4, Access Points firmware versions below v1.4.0, Switches firmware versions below 2.6.7, and Myvigor firmware versions below 2.3.2 were discovered to use hardcoded encryption keys which allows attackers to bind any affected device to their o...
CVE-2023-33778
Summary: CVE-2023-33778 relates to Draytek Vigor devices (Routers, Access Points, Switches, Myvigor) that ship with hardcoded encryption keys. This flaw lets an attacker bind an affected device to their own account and subsequently create WCF and DrayDDNS licenses and synchronize them from the we...