CVE-2023-33778

Draytek Vigor Routers firmware versions below 3.9.6/4.2.4, Access Points firmware versions below v1.4.0, Switches firmware versions below 2.6.7, and Myvigor firmware versions below 2.3.2 were discovered to use hardcoded encryption keys which allows attackers to bind any affected device to their own account. Attackers are then able to create WCF and DrayDDNS licenses and synchronize them from the website.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
CISA-ADPADP
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 29%
VendorProductVersion
draytekmyvigor
𝑥
< 2.3.2
draytekvigorswitch_pq2200xb_firmware
𝑥
< 2.6.7
draytekvigorswitch_pq2121x_firmware
𝑥
< 2.6.7
draytekvigorswitch_p2540xs_firmware
𝑥
< 2.6.7
draytekvigorswitch_p2280x_firmware
𝑥
< 2.6.7
draytekvigorswitch_p2100_firmware
𝑥
< 2.6.7
draytekvigorswitch_q2200x_firmware
𝑥
< 2.6.7
draytekvigorswitch_q2121x_firmware
𝑥
< 2.6.7
draytekvigorswitch_g2540xs_firmware
𝑥
< 2.6.7
draytekvigorswitch_g2280x_firmware
𝑥
< 2.6.7
draytekvigorswitch_g2121_firmware
𝑥
< 2.6.7
draytekvigorswitch_g2100_firmware
𝑥
< 2.6.7
draytekvigorswitch_fx2120_firmware
𝑥
< 2.6.7
draytekvigorswitch_p1282_firmware
𝑥
< 2.6.7
draytekvigorswitch_g1282_firmware
𝑥
< 2.6.7
draytekvigorswitch_g1085_firmware
𝑥
< 2.6.7
draytekvigorswitch_g1080_firmware
𝑥
< 2.6.7
draytekvigorap_903_firmware
𝑥
< 1.4.0
draytekvigorap_912c_firmware
𝑥
< 1.4.0
draytekvigorap_918r_firmware
𝑥
< 1.4.0
draytekvigorap_1060c_firmware
𝑥
< 1.4.0
draytekvigorap_906_firmware
𝑥
< 1.4.0
draytekvigorap_960c_firmware
𝑥
< 1.4.0
draytekvigorap_1000c_firmware
𝑥
< 1.4.0
draytekvigor2766ac_firmware
𝑥
< 3.9.6
draytekvigor2766ac_firmware
4.0.0 ≤
𝑥
< 4.2.4
draytekvigor2766ax_firmware
𝑥
< 3.9.6
draytekvigor2766ax_firmware
4.0.0 ≤
𝑥
< 4.2.4
draytekvigor2766vac_firmware
𝑥
< 3.9.6
draytekvigor2766vac_firmware
4.0.0 ≤
𝑥
< 4.2.4
draytekvigor2765ax_firmware
𝑥
< 3.9.6
draytekvigor2765ax_firmware
4.0.0 ≤
𝑥
< 4.2.4
draytekvigor2765vac_firmware
𝑥
< 3.9.6
draytekvigor2765vac_firmware
4.0.0 ≤
𝑥
< 4.2.4
draytekvigor2765ac_firmware
𝑥
< 3.9.6
draytekvigor2765ac_firmware
4.0.0 ≤
𝑥
< 4.2.4
draytekvigor2763ac_firmware
𝑥
< 3.9.6
draytekvigor2763ac_firmware
4.0.0 ≤
𝑥
< 4.2.4
draytekvigor2620l_firmware
𝑥
< 3.9.6
draytekvigor2620l_firmware
4.0.0 ≤
𝑥
< 4.2.4
draytekvigor2620ln_firmware
𝑥
< 3.9.6
draytekvigor2620ln_firmware
4.0.0 ≤
𝑥
< 4.2.4
draytekvigorlte_200n_firmware
𝑥
< 3.9.6
draytekvigorlte_200n_firmware
4.0.0 ≤
𝑥
< 4.2.4
draytekvigor2915ac_firmware
𝑥
< 3.9.6
draytekvigor2915ac_firmware
4.0.0 ≤
𝑥
< 4.2.4
draytekvigor2135ac_firmware
𝑥
< 3.9.6
draytekvigor2135ac_firmware
4.0.0 ≤
𝑥
< 4.2.4
draytekvigor2135ax_firmware
𝑥
< 3.9.6
draytekvigor2135ax_firmware
4.0.0 ≤
𝑥
< 4.2.4
draytekvigor2135fvac_firmware
𝑥
< 3.9.6
draytekvigor2135fvac_firmware
4.0.0 ≤
𝑥
< 4.2.4
draytekvigor2135vac_firmware
𝑥
< 3.9.6
draytekvigor2135vac_firmware
4.0.0 ≤
𝑥
< 4.2.4
draytekvigor2866ax_firmware
𝑥
< 3.9.6
draytekvigor2866ax_firmware
4.0.0 ≤
𝑥
< 4.2.4
draytekvigor2866ac_firmware
𝑥
< 3.9.6
draytekvigor2866ac_firmware
4.0.0 ≤
𝑥
< 4.2.4
draytekvigor2866vac_firmware
𝑥
< 3.9.6
draytekvigor2866vac_firmware
4.0.0 ≤
𝑥
< 4.2.4
draytekvigor2866l_firmware
𝑥
< 3.9.6
draytekvigor2866l_firmware
4.0.0 ≤
𝑥
< 4.2.4
draytekvigor2866lac_firmware
𝑥
< 3.9.6
draytekvigor2866lac_firmware
4.0.0 ≤
𝑥
< 4.2.4
draytekvigor2865ac_firmware
𝑥
< 3.9.6
draytekvigor2865ac_firmware
4.0.0 ≤
𝑥
< 4.2.4
draytekvigor2865ax_firmware
𝑥
< 3.9.6
draytekvigor2865ax_firmware
4.0.0 ≤
𝑥
< 4.2.4
draytekvigor2865vac_firmware
𝑥
< 3.9.6
draytekvigor2865vac_firmware
4.0.0 ≤
𝑥
< 4.2.4
draytekvigor2865l_firmware
𝑥
< 3.9.6
draytekvigor2865l_firmware
4.0.0 ≤
𝑥
< 4.2.4
draytekvigor2865lac_firmware
𝑥
< 3.9.6
draytekvigor2865lac_firmware
4.0.0 ≤
𝑥
< 4.2.4
draytekvigor2862n_firmware
𝑥
< 3.9.6
draytekvigor2862n_firmware
4.0.0 ≤
𝑥
< 4.2.4
draytekvigor2862ac_firmware
𝑥
< 3.9.6
draytekvigor2862ac_firmware
4.0.0 ≤
𝑥
< 4.2.4
draytekvigor2862vac_firmware
𝑥
< 3.9.6
draytekvigor2862vac_firmware
4.0.0 ≤
𝑥
< 4.2.4
draytekvigor2862b_firmware
𝑥
< 3.9.6
draytekvigor2862b_firmware
4.0.0 ≤
𝑥
< 4.2.4
draytekvigor2862bn_firmware
𝑥
< 3.9.6
draytekvigor2862bn_firmware
4.0.0 ≤
𝑥
< 4.2.4
draytekvigor2862l_firmware
𝑥
< 3.9.6
draytekvigor2862l_firmware
4.0.0 ≤
𝑥
< 4.2.4
draytekvigor2862lac_firmware
𝑥
< 3.9.6
draytekvigor2862lac_firmware
4.0.0 ≤
𝑥
< 4.2.4
draytekvigor2862ln_firmware
𝑥
< 3.9.6
draytekvigor2862ln_firmware
4.0.0 ≤
𝑥
< 4.2.4
draytekvigor2832n_firmware
𝑥
< 3.9.6
draytekvigor2832n_firmware
4.0.0 ≤
𝑥
< 4.2.4
draytekvigor2927ax_firmware
𝑥
< 3.9.6
draytekvigor2927ax_firmware
4.0.0 ≤
𝑥
< 4.2.4
draytekvigor2927ac_firmware
𝑥
< 3.9.6
draytekvigor2927ac_firmware
4.0.0 ≤
𝑥
< 4.2.4
draytekvigor2927vac_firmware
𝑥
< 3.9.6
draytekvigor2927vac_firmware
4.0.0 ≤
𝑥
< 4.2.4
draytekvigor2927f_firmware
𝑥
< 3.9.6
draytekvigor2927f_firmware
4.0.0 ≤
𝑥
< 4.2.4
draytekvigor2927l_firmware
𝑥
< 3.9.6
draytekvigor2927l_firmware
4.0.0 ≤
𝑥
< 4.2.4
draytekvigor2927lac_firmware
𝑥
< 3.9.6
draytekvigor2927lac_firmware
4.0.0 ≤
𝑥
< 4.2.4
draytekvigor2926_plus_firmware
𝑥
< 3.9.6
draytekvigor2926_plus_firmware
4.0.0 ≤
𝑥
< 4.2.4
draytekvigor2962_firmware
𝑥
< 3.9.6
draytekvigor2962_firmware
4.0.0 ≤
𝑥
< 4.2.4
draytekvigor1000b_firmware
𝑥
< 3.9.6
draytekvigor1000b_firmware
4.0.0 ≤
𝑥
< 4.2.4
draytekvigor3910_firmware
𝑥
< 3.9.6
draytekvigor3910_firmware
4.0.0 ≤
𝑥
< 4.2.4
draytekvigor165_firmware
𝑥
< 3.9.6
draytekvigor165_firmware
4.0.0 ≤
𝑥
< 4.2.4
draytekvigor166_firmware
𝑥
< 3.9.6
draytekvigor166_firmware
4.0.0 ≤
𝑥
< 4.2.4
draytekvigor130_firmware
𝑥
< 3.9.6
draytekvigor130_firmware
4.0.0 ≤
𝑥
< 4.2.4
draytekvigor167_firmware
𝑥
< 3.9.6
draytekvigor167_firmware
4.0.0 ≤
𝑥
< 4.2.4
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://gist.github.com/Ji4n1ng/6d028709d39458f5ab95b3ea211225ef
https://gist.github.com/Ji4n1ng/6d028709d39458f5ab95b3ea211225ef