Cybersecurity researchers have discovered over a dozen new security vulnerabilities in residential and enterprise routers manufactured by DrayTek. These vulnerabilities could be exploited by attackers to take over susceptible devices.
The flaws, collectively referred to as DRAY, were detailed in a report by Forescout Vedere Labs, which was shared with The Hacker News. The report highlights that the vulnerabilities allow attackers to inject malicious code, enabling them to gain persistent access to the router and use it as a gateway into enterprise networks.
Out of the 14 vulnerabilities, two are rated critical, nine are rated high, and three are rated medium in severity. The most severe flaw, tracked as CVE-2024-41592, has been awarded a CVSS score of 10.0, the highest possible rating.
Critical Vulnerabilities in DrayTek Routers
One of the most critical vulnerabilities, CVE-2024-41592, involves a buffer overflow bug in the GetCGI() function of the router's Web user interface (UI). The flaw is triggered by manipulating query string parameters and, when exploited, can lead to a denial-of-service (DoS) or remote code execution (RCE).
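To make the bug class concrete, the following C program is an added illustration and is not DrayTek's GetCGI() or any code from the Forescout report: it extracts one parameter from a CGI query string into a fixed-size buffer, first in the unbounded-copy form that overruns the buffer when a value is too long, then in a hardened form that checks the value length against the destination before copying. Every name, the 64-byte buffer size and the sample query strings are hypothetical.

```c
/* Added illustration, not DrayTek's GetCGI(): extracting one parameter from a
 * CGI query string into a fixed-size buffer. The unsafe variant copies without
 * a length check (the bug class described above); the safe variant checks the
 * value length against the destination before copying. All names and the
 * 64-byte buffer size are hypothetical. */
#include <stdio.h>
#include <string.h>

#define PARAM_MAX 64   /* hypothetical fixed buffer size used by the handler */

/* Finds "name=" at the start of a '&'-separated token; returns a pointer to
 * the value and stores its length, or NULL if the parameter is absent. */
static const char *find_param(const char *query, const char *name, size_t *vlen)
{
    size_t nlen = strlen(name);
    const char *p = query;
    while (p && *p) {
        if (strncmp(p, name, nlen) == 0 && p[nlen] == '=') {
            *vlen = strcspn(p + nlen + 1, "&");
            return p + nlen + 1;
        }
        p = strchr(p, '&');
        if (p) p++;
    }
    return NULL;
}

/* Vulnerable pattern: the value is copied into a PARAM_MAX-byte buffer with no
 * check, so a value of PARAM_MAX bytes or more overruns `out`. Shown only for
 * contrast; it is never called below. */
int get_cgi_param_unsafe(const char *query, const char *name, char out[PARAM_MAX])
{
    size_t vlen;
    const char *v = find_param(query, name, &vlen);
    if (!v) return -1;
    memcpy(out, v, vlen);    /* no bound against PARAM_MAX */
    out[vlen] = '\0';
    return 0;
}

/* Hardened pattern: reject any value that would not fit, including the NUL.
 * Returns 0 on success, -1 if absent, -2 if the value is too long. */
int get_cgi_param_safe(const char *query, const char *name, char *out, size_t outsz)
{
    size_t vlen;
    const char *v;
    if (!query || !name || !out || outsz == 0) return -1;
    v = find_param(query, name, &vlen);
    if (!v) return -1;
    if (vlen >= outsz) return -2;   /* reject rather than silently truncate */
    memcpy(out, v, vlen);
    out[vlen] = '\0';
    return 0;
}

/* Constructed input: a "user=" value of 154 'A's, far beyond PARAM_MAX.
 * Returns 1 if the safe parser rejects it. */
int demo_oversize_rejected(void)
{
    char query[160];
    char out[PARAM_MAX];
    memset(query, 'A', sizeof query);
    memcpy(query, "user=", 5);
    query[sizeof query - 1] = '\0';
    return get_cgi_param_safe(query, "user", out, sizeof out) == -2;
}

/* Constructed input: a normal request; returns 1 if "user" resolves to "bob". */
int demo_normal_lookup(void)
{
    char out[PARAM_MAX];
    if (get_cgi_param_safe("a=1&user=bob&b=2", "user", out, sizeof out) != 0) return 0;
    return strcmp(out, "bob") == 0;
}

/* Returns the parser's result for a parameter that is not present (-1). */
int demo_missing_param(void)
{
    char out[PARAM_MAX];
    return get_cgi_param_safe("a=1&b=2", "user", out, sizeof out);
}

int main(void)
{
    printf("oversize rejected: %d\n", demo_oversize_rejected());
    printf("normal lookup ok:  %d\n", demo_normal_lookup());
    printf("missing param rc:  %d\n", demo_missing_param());
    return 0;
}
```

The design point is that the hardened parser refuses oversize input outright instead of truncating it: a silently truncated value can still produce a valid-looking request that downstream code mis-handles, whereas a rejected request fails closed and can be logged.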
Another critical flaw, CVE-2024-41585 (CVSS score: 9.1), involves operating system (OS) command injection in the recvCmd binary, which facilitates communication between the host and guest OS.
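The command injection class is easiest to see in a relay that turns a message from a peer into a local command. The C program below is an added example, not DrayTek's recvCmd binary and not from the Forescout report: it contrasts splicing an untrusted argument into a shell command line with an allow-listed dispatch that validates the argument against a strict character policy and execs the program directly with an argv array, so no shell ever parses the peer's input. The allow-list, the /bin/echo entry, the argument policy and the sample messages are hypothetical.

```c
/* Added illustration, not DrayTek's recvCmd: a small host/guest command relay
 * that receives a verb and an argument from the other side. The unsafe variant
 * splices the argument into a shell command line (the injection class
 * described above); the safe variant maps the verb through an allow-list,
 * validates the argument and execs the program with an argv array, so no shell
 * parses the input. The allow-list, paths and policy are hypothetical. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/wait.h>

/* Vulnerable pattern: `arg` becomes part of a string handed to /bin/sh, so
 * metacharacters such as ';', '|', '`' or '$(' in `arg` run extra commands.
 * Shown for contrast only; never called below. */
int relay_unsafe(const char *arg)
{
    char cmd[256];
    snprintf(cmd, sizeof cmd, "/bin/echo %s", arg);
    return system(cmd);
}

/* Allow-list: verb received from the peer -> fixed program path. */
struct action { const char *verb; const char *path; };
static const struct action ALLOWED[] = {
    { "echo", "/bin/echo" },   /* constructed entry so the demo can run */
};

/* Argument policy: 1..63 characters from [A-Za-z0-9.-], i.e. hostname-like. */
int arg_is_clean(const char *s)
{
    size_t n = strlen(s);
    if (n == 0 || n > 63) return 0;
    for (size_t i = 0; i < n; i++) {
        char c = s[i];
        if (!((c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') ||
              (c >= '0' && c <= '9') || c == '.' || c == '-'))
            return 0;
    }
    return 1;
}

/* Builds argv for an allowed verb. Returns 0, -1 (unknown verb) or -2 (bad arg).
 * argv must have room for three entries (path, arg, NULL). */
int build_argv(const char *verb, const char *arg, const char *argv[3])
{
    const struct action *a = NULL;
    for (size_t i = 0; i < sizeof ALLOWED / sizeof ALLOWED[0]; i++)
        if (strcmp(ALLOWED[i].verb, verb) == 0) a = &ALLOWED[i];
    if (!a) return -1;
    if (!arg_is_clean(arg)) return -2;
    argv[0] = a->path;
    argv[1] = arg;
    argv[2] = NULL;
    return 0;
}

/* Runs argv with execv (no shell); returns the child's exit status or -1. */
int run_no_shell(const char *argv[])
{
    pid_t pid = fork();
    int status;
    if (pid < 0) return -1;
    if (pid == 0) {
        execv(argv[0], (char *const *)argv);
        _exit(127);
    }
    if (waitpid(pid, &status, 0) < 0) return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

/* Safe relay entry point: validate first, exec second. */
int relay_safe(const char *verb, const char *arg)
{
    const char *argv[3];
    int rc = build_argv(verb, arg, argv);
    if (rc != 0) return rc;
    return run_no_shell(argv);
}

int main(void)
{
    /* Constructed peer messages: one benign, two that must be refused. */
    printf("echo host-1.example -> %d\n", relay_safe("echo", "host-1.example"));
    printf("echo 'x; id'        -> %d\n", relay_safe("echo", "x; id"));
    printf("reboot now          -> %d\n", relay_safe("reboot", "now"));
    return 0;
}
```

Two properties matter for a defender reviewing such a relay: the set of programs it can run is fixed at compile time rather than derived from the message, and the argument reaches the program as a single argv element, so even a character the policy let through could not be re-parsed by a shell.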
Additional Vulnerabilities
In addition to the critical flaws, 12 other vulnerabilities have been identified, including:
Scope of the Issue
According to Forescout’s analysis, over 704,000 DrayTek routers have their Web UI exposed to the internet, making them attractive targets for malicious actors. The majority of these exposed devices are located in the U.S., followed by Vietnam, the Netherlands, Taiwan, and Australia.
Patches and Recommendations
DrayTek has released patches to address all identified vulnerabilities, including fixes for end-of-life (EoL) models affected by the most critical flaws.
To fully protect against these vulnerabilities, Forescout recommends patching all devices running the affected software. Additionally, users are advised to disable remote access to their routers if it is not necessary. Implementing an access control list (ACL) and two-factor authentication (2FA) can further enhance security.
Global Cybersecurity Guidance
The discovery of these vulnerabilities coincides with joint guidance issued by cybersecurity agencies from nine countries, including the U.S., Australia, Canada, Germany, and Japan. The document, titled "Principles of Operational Technology Cybersecurity," outlines six key rules for critical infrastructure organizations:
The agencies emphasized that making decisions quickly while prioritizing security in OT environments will improve safety, security, and business continuity.
© 2016 - 2025 Red Secure Tech Ltd. Registered in England and Wales under Company Number: 15581067