Skip to main content

Government officials will never ask you to transfer money or disclose bank log-in details over a phone call.

Call the 24/7 ScamShield Helpline at 1799 if you are unsure if something is a scam.

Cyber Security Agency of Singapore
  1. Home
  2. Alerts & Advisories
  3. Alerts
  4. Critical Vulnerabilities in DrayTek Vigor2960/3900/300B Networking
Alerts

Critical Vulnerabilities in DrayTek Vigor2960/3900/300B Networking

29 March 2020

DrayTek has issued a security advisory on two zero-day vulnerabilities found in the WebUI feature of its Vigor2960/3900/300B networking products.

Remote code execution vulnerabilities exist in the cgi-bin/mainfunction.cgi and the corresponding Web Server programme, /usr/sbin/lighttpd. By sending a specially crafted request, an attacker could exploit it to execute arbitrary code on the device.

There have been reports of targeted attacks exploiting these vulnerabilities, which could allow attackers to eavesdrop on network traffic, run rogue SSH services on high ports and create persistent backdoor on the devices.

Affected owners and System Administrators are advised to apply the available patch (1.5.1 firmware or later) immediately.

More information is available at:

https://www.draytek.com/about/security-advisory/vigor3900-/-vigor2960-/-vigor300b-router-web-management-page-vulnerability-(cve-2020-8515)/

https://blog.netlab.360.com/two-zero-days-are-targeting-draytek-broadband-cpe-devices-en/

https://www.zdnet.com/article/a-mysterious-hacker-group-is-eavesdropping-on-corporate-ftp-and-email-traffic/


Back to top