If you have a DrayTek router do this now.

By | March 8, 2023

DrayTek routers have been known to be vulnerable to exploitation in the past, with various security flaws being discovered and exploited by attackers. Some of the most significant security issues that have been identified in DrayTek routers include:

  1. Default credentials: In some models of DrayTek routers, default login credentials are hardcoded into the firmware. This makes it easy for attackers to gain access to the router’s admin panel, even if the user has changed their login details.
  2. Firmware vulnerabilities: DrayTek routers have been found to contain vulnerabilities in their firmware, which can be exploited by attackers to gain unauthorized access to the device or to execute malicious code.
  3. Cross-site scripting (XSS) vulnerabilities: DrayTek routers have been found to contain XSS vulnerabilities, which can be used by attackers to inject malicious scripts into the router’s web interface.
  4. CSRF vulnerabilities: DrayTek routers have also been found to contain CSRF vulnerabilities, which can be exploited by attackers to perform actions on the router’s web interface without the user’s knowledge or consent.

To protect against these vulnerabilities and ensure the security of their DrayTek routers, users should ensure that they have updated to the latest firmware version, change their default login credentials, and avoid using the router’s web interface on untrusted networks. Additionally, users can take further steps to secure their router, such as disabling remote access and enabling firewall protections.