Research reveals vulnerabilities in routers that left 700,000-plus exposed

ForeScout said one of them warranted a rating at the maximum severity level, although DrayTek has issued patches.

Researchers uncovered 14 vulnerabilities, one of them of the most severe kind, that left more than 700,000 routers made by Taiwan-based DrayTek exposed to the public internet. The company has since patched them.

ForeScout’s Vedere Labs revealed the vulnerabilities Wednesday and urged security pros to make sure they implemented the fixes, adding that 75% of the routers are used in commercial settings.

“These devices are not just hardware; they represent potential entry points for devastating attacks,” ForeScout said. “Our research shows these vulnerabilities could be used in espionage, data exfiltration, ransomware, and denial of service (DoS) attacks.”

More than half of the routers at risk (approximately 425,000) are in the European Union and United Kingdom, followed by Asia (190,000), Australia and New Zealand (37,000), the Middle East (30,000), Latin America (15,000) and North America (7,200).

Routers are a popular target for hackers, either as an avenue to attack their owners or to use them as a launching pad for other attacks. Most prominently this year, feds accused Chinese government hackers dubbed Volt Typhoon of leveraging insecure routers for a botnet they had disrupted. In May, researchers said that a malware attack destroyed more than 600,000 routers over the course of three days.

Just last month, U.S. government agencies announced that they had disrupted another massive Chinese government-connected botnet that relied on more than just routers for its attacks, but the agencies listed a vulnerability in DrayTek routers as among those the hackers exploited. 

As many as 785,000 DrayTek devices could be affected in all by the vulnerabilities that ForeScout disclosed Wednesday, with the researchers determining that 704,000 had their web interfaces exposed to the internet.

One of the 14 vulnerabilities warranted the maximum severity score of 10, ForeScout said. Another was critical at 9.1.

DrayTek did not immediately respond to a request for comment.
