{"id":10701,"date":"2022-08-08T16:10:29","date_gmt":"2022-08-08T15:10:29","guid":{"rendered":"https:\/\/exa.net.uk\/?p=10701"},"modified":"2022-12-05T15:03:25","modified_gmt":"2022-12-05T15:03:25","slug":"draytek-vulnerability","status":"publish","type":"post","link":"https:\/\/edit.exa.net.uk\/knowledge-hub\/security\/draytek-vulnerability\/","title":{"rendered":"Draytek Vulnerability"},"content":{"rendered":"\t\t
The vulnerability (CVE-2022-32548) affects a number of Vigor models that Exa and our customers have deployed in the past few years, specifically the following devices:<\/p>
On a standard out-of-the-box configuration, or Exa\u2019s default managed configuration, management pages can\u2019t be reached through Wide Area Network (WAN) interfaces. However, this doesn\u2019t protect malicious activity within the Local Area Network (LAN). As such, any Vigor running vulnerable firmware can be exploited within the LAN.<\/p>
Draytek has released firmware updates to patch the vulnerability, so if you are managing your device internally, we recommend updating your firmware immediately. Before doing the upgrade, take a backup of your current config in case you need it later.<\/p>
Anyone using SSL VPN should immediately disable this feature to remove access to the web interface from the internet, until a firmware update is applied. Once this update has been applied, customers should be able to switch the SSL VPN on again.<\/p>
You should also review whether remote access to the device management pages is needed.\u00a0 If it is, this should always (as best practice) be locked down to a limited number of management IP addresses\/ranges.<\/p>
You don\u2019t need to take any action if we are managing your device, you will be contacted directly.<\/p>
If you would like us to manage the deployment of firmware upgrades for you, whilst also gaining the security of a replacement router should anything happen, you can get in touch with us about our RFL (Router for Life) service.<\/p>
For more information regarding vulnerability (CVE-2022-32548) visit the Draytek website<\/a>.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t Suggested<\/span> Next Read <\/i><\/span><\/p>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t