The vulnerability of the web interface of Draytek Vigor routers, Draytek Vigor access points, Draytek Vigor switches, and the cloud platform Draytek Vigor Myvigor arises from the use of rigidly encrypted credentials. This allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the web interface of Draytek Vigor routers, Draytek Vigor access points, Draytek Vigor switches, and the cloud platform Draytek Vigor Myvigor is related to the use of rigidly encrypted login credentials. Exploiting this vulnerability allows a malicious actor to compromise the...

CVE-2023-33778

Draytek Vigor Routers firmware versions below 3.9.6/4.2.4, Access Points firmware versions below v1.4.0, Switches firmware versions below 2.6.7, and Myvigor firmware versions below 2.3.2 were discovered to use hardcoded encryption keys which allows attackers to bind any affected device to their o...

CVE-2023-33778

Draytek Vigor Routers firmware versions below 3.9.6/4.2.4, Access Points firmware versions below v1.4.0, Switches firmware versions below 2.6.7, and Myvigor firmware versions below 2.3.2 were discovered to use hardcoded encryption keys which allows attackers to bind any affected device to their o...

Draytek Vigor Routers 信任管理问题漏洞

DrayTek Vigor routers are a series of routers from DrayTek Taiwan. A security vulnerability exists in Draytek Vigor Routers firmware versions prior to 3.9.6/4.2.4, Access Points firmware versions prior to v1.4.0, Switches firmware versions prior to 2.6.7, Myvigor firmware versions prior to 2.3.2 ...

PT-2023-9803 · Draytek · Draytek Vigor Switches +3

Name of the Vulnerable Software and Affected Versions: Draytek Vigor Routers versions below 3.9.6/4.2.4 Draytek Vigor Access Points versions below v1.4.0 Draytek Vigor Switches versions below 2.6.7 Draytek Vigor Myvigor versions below 2.3.2 Description: The issue is related to the use of hardcode...