Draytek Vigor Routers firmware versions below 3.9.6/4.2.4, Access Points firmware versions below v1.4.0, Switches firmware versions below 2.6.7, and Myvigor firmware versions below 2.3.2 were discovered to use hardcoded encryption keys which allows malicious users to bind any affected device to their own account. Attackers are then able to create WCF and DrayDDNS licenses and synchronize them from the website.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
draytek myvigor |
||
draytek vigorswitch_pq2200xb_firmware |
||
draytek vigorswitch_pq2121x_firmware |
||
draytek vigorswitch_p2540xs_firmware |
||
draytek vigorswitch_p2280x_firmware |
||
draytek vigorswitch_p2100_firmware |
||
draytek vigorswitch_q2200x_firmware |
||
draytek vigorswitch_q2121x_firmware |
||
draytek vigorswitch_g2540xs_firmware |
||
draytek vigorswitch_g2280x_firmware |
||
draytek vigorswitch_g2121_firmware |
||
draytek vigorswitch_g2100_firmware |
||
draytek vigorswitch_fx2120_firmware |
||
draytek vigorswitch_p1282_firmware |
||
draytek vigorswitch_g1282_firmware |
||
draytek vigorswitch_g1085_firmware |
||
draytek vigorswitch_g1080_firmware |
||
draytek vigorap_903_firmware |
||
draytek vigorap_912c_firmware |
||
draytek vigorap_918r_firmware |
||
draytek vigorap_1060c_firmware |
||
draytek vigorap_906_firmware |
||
draytek vigorap_960c_firmware |
||
draytek vigorap_1000c_firmware |
||
draytek vigor2766ac_firmware |
||
draytek vigor2766ax_firmware |
||
draytek vigor2766vac_firmware |
||
draytek vigor2765ax_firmware |
||
draytek vigor2765vac_firmware |
||
draytek vigor2765ac_firmware |
||
draytek vigor2763ac_firmware |
||
draytek vigor2620l_firmware |
||
draytek vigor2620ln_firmware |
||
draytek vigorlte_200n_firmware |
||
draytek vigor2915ac_firmware |
||
draytek vigor2135ac_firmware |
||
draytek vigor2135ax_firmware |
||
draytek vigor2135fvac_firmware |
||
draytek vigor2135vac_firmware |
||
draytek vigor2866ax_firmware |
||
draytek vigor2866ac_firmware |
||
draytek vigor2866vac_firmware |
||
draytek vigor2866l_firmware |
||
draytek vigor2866lac_firmware |
||
draytek vigor2865ac_firmware |
||
draytek vigor2865ax_firmware |
||
draytek vigor2865vac_firmware |
||
draytek vigor2865l_firmware |
||
draytek vigor2865lac_firmware |
||
draytek vigor2862n_firmware |
||
draytek vigor2862ac_firmware |
||
draytek vigor2862vac_firmware |
||
draytek vigor2862b_firmware |
||
draytek vigor2862bn_firmware |
||
draytek vigor2862l_firmware |
||
draytek vigor2862lac_firmware |
||
draytek vigor2862ln_firmware |
||
draytek vigor2832n_firmware |
||
draytek vigor2927ax_firmware |
||
draytek vigor2927ac_firmware |
||
draytek vigor2927vac_firmware |
||
draytek vigor2927f_firmware |
||
draytek vigor2927l_firmware |
||
draytek vigor2927lac_firmware |
||
draytek vigor2926_plus_firmware |
||
draytek vigor2962_firmware |
||
draytek vigor1000b_firmware |
||
draytek vigor3910_firmware |
||
draytek vigor165_firmware |
||
draytek vigor166_firmware |
||
draytek vigor130_firmware |
||
draytek vigor167_firmware |