CVE-2023-33778

high-risk
Published 2023-06-01

Draytek Vigor Routers firmware versions below 3.9.6/4.2.4, Access Points firmware versions below v1.4.0, Switches firmware versions below 2.6.7, and Myvigor firmware versions below 2.3.2 were discovered to use hardcoded encryption keys, which allow attackers to bind any affected device to their own account. Attackers are then able to create WCF and DrayDDNS licenses and synchronize them from the website.

Do I need to act?

- 0.27% chance of exploitation (EPSS score — low exploit probability)
- Not on CISA KEV list: no confirmed active exploitation reported to CISA
- Patch status unknown: check vendor advisories for fix availability and mitigation guidance
- CVSS 9.8/10 Critical (NETWORK attack vector / LOW attack complexity)

Affected Products (20)

Myvigor
Vigorswitch Pq2200Xb Firmware
Vigorswitch Pq2121X Firmware
Vigorswitch P2540Xs Firmware
Vigorswitch P2280X Firmware
Vigorswitch P2100 Firmware
Vigorswitch Q2200X Firmware
Vigorswitch Q2121X Firmware
Vigorswitch G2540Xs Firmware
Vigorswitch G2280X Firmware
Vigorswitch G2121 Firmware
Vigorswitch G2100 Firmware
Vigorswitch Fx2120 Firmware
Vigorswitch P1282 Firmware
Vigorswitch G1282 Firmware
Vigorswitch G1085 Firmware
Vigorswitch G1080 Firmware
Vigorap 903 Firmware
Vigorap 912C Firmware
Vigorap 918R Firmware

Affected Vendors

Risk score: 61 / 100 (high-risk)
- Severity 32/34 · Critical
- Exploitability 1/34 · Minimal
- Exposure 28/34 · Critical