DrayTek Vulnerability

A security vulnerability, which affects the DrayTek Vigor range of routers, has been identified.

The vulnerability (CVE-2022-32548) affects a number of Vigor models that Exa and our customers have deployed in the past few years, specifically the following devices:

  • Vigor 2862 router
  • Vigor 2865 router
  • Vigor 2866 router

On a standard out-of-the-box configuration, or Exa’s default managed configuration, management pages can’t be reached through Wide Area Network (WAN) interfaces. However, this doesn’t protect against malicious activity within the Local Area Network (LAN). As such, any Vigor running vulnerable firmware can be exploited from within the LAN.

What can I do?

DrayTek has released firmware updates to patch the vulnerability, so if you are managing your device internally, we recommend updating your firmware immediately. Before upgrading, take a backup of your current config in case you need it later.

Anyone using SSL VPN should immediately disable this feature to remove access to the web interface from the internet, until a firmware update is applied. Once this update has been applied, customers should be able to switch the SSL VPN on again.

You should also review whether remote access to the device management pages is needed. If it is, this should always (as best practice) be locked down to a limited number of management IP addresses/ranges.
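The three checks above (firmware, SSL VPN, management access) can be run across a fleet. This is an added example, not Exa's or DrayTek's tooling: a Python audit over a constructed inventory. The record fields, the `firmware_patched` flag (set by whoever compared the device against DrayTek's advisory) and the 256-address threshold are assumptions.

```python
import ipaddress

# Models named in the advisory as affected by CVE-2022-32548.
AFFECTED_MODELS = {"2862", "2865", "2866"}
# Assumption: an allow-list entry wider than this is not a "limited" range.
MAX_ADDRESSES_PER_ENTRY = 256


def audit_router(dev):
    """Return the actions needed for one inventory record (hypothetical schema)."""
    findings = []
    unpatched = dev["model"] in AFFECTED_MODELS and not dev["firmware_patched"]
    if unpatched:
        # Still required when WAN management is off: the LAN side stays exposed.
        findings.append("update firmware (back up config first)")
        if dev["ssl_vpn_enabled"]:
            findings.append("disable SSL VPN until firmware is updated")
    if dev["wan_management_enabled"]:
        acl = dev["management_allow_list"]
        if not acl:
            findings.append("remote management open to any address")
        for entry in acl:
            net = ipaddress.ip_network(entry, strict=False)
            if net.num_addresses > MAX_ADDRESSES_PER_ENTRY:
                findings.append(f"allow-list entry too broad: {net}")
    return findings


# Constructed inventory for illustration; addresses are documentation ranges.
INVENTORY = [
    {"name": "branch-a", "model": "2862", "firmware_patched": False,
     "ssl_vpn_enabled": True, "wan_management_enabled": True,
     "management_allow_list": ["0.0.0.0/0"]},
    {"name": "branch-b", "model": "2865", "firmware_patched": True,
     "ssl_vpn_enabled": True, "wan_management_enabled": True,
     "management_allow_list": ["203.0.113.10/32", "198.51.100.0/28"]},
    {"name": "branch-c", "model": "2866", "firmware_patched": False,
     "ssl_vpn_enabled": False, "wan_management_enabled": False,
     "management_allow_list": []},
]


def audit_inventory(inventory):
    """Map device name -> findings, omitting devices that need no action."""
    results = {dev["name"]: audit_router(dev) for dev in inventory}
    return {name: found for name, found in results.items() if found}
```
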

You don’t need to take any action if we are managing your device; you will be contacted directly.

If you would like us to manage the deployment of firmware upgrades for you, whilst also gaining the security of a replacement router should anything happen, you can get in touch with us about our RFL (Router for Life) service.

For more information regarding the vulnerability (CVE-2022-32548), visit the DrayTek website.
