https://www.draytek.co.uk/support/security-advisories/kb-advisory-csrf-and-dns-dhcp-web-attacks
Looks best to disable remote management and check for any incorrect DNS / DHCP settings
Draytek Router DNS Hijack
- Thread starter #Chri5#
- Start date
https://www.draytek.co.uk/support/security-advisories/kb-advisory-csrf-and-dns-dhcp-web-attacks
Looks best to disable remote management and check for any incorrect DNS / DHCP settings
Just had a check on Drayteks firmware page against Vigor 130, there is no firmware for Vigor 130 yet specific to this issue, however I would keep checking over the coming days. If Draytek don't release firmware for the issue then it's a safe bet the Vigor 130 won't be effected.
https://www.draytek.co.uk/support/downloads/vigor-130
Soldato
- Joined
- 20 Oct 2008
- Posts
- 12,082
There’s a list of affected models on their website https://www.draytek.com/en/about/ne...of-urgent-security-updates-to-draytek-routers.
Nice to see legacy models like the 2820 and my 2920 should be getting updates.
And the Vigor modems are listed.
Nice to see legacy models like the 2820 and my 2920 should be getting updates.
And the Vigor modems are listed.
One thing I have to give Draytek is that they keep patching way longer than most, it’s refreshing compared to the disposable support of other oem’s.
Bear in mind that's the .com site - annoyingly the UK region of the Vigor 130 and the one available elsewhere behave quite differently. It defaults to being a router rather than a dumb bridge, for example.