Analysis of Vulnerabilities in DrayTek Routers

This technical report investigates vulnerabilities in DrayTek routers, which are increasingly targeted by cybercriminals and state-sponsored attackers. The research identifies 14 new vulnerabilities, including one with a maximum severity score of 10 and another critical vulnerability rated at 9.1. The report emphasizes the significant threat posed by these vulnerabilities, particularly given that over 704,000 DrayTek routers are exposed online across 168 countries. The findings highlight the potential for espionage, data exfiltration, ransomware, and denial of service attacks. The report also discusses the commercial impact of these vulnerabilities, noting that 75% of affected routers are used in business environments, which could lead to severe consequences such as downtime and loss of customer trust. Recommendations for mitigation include identifying affected routers, applying firmware updates, and enhancing security measures such as disabling remote access and implementing multi-factor authentication. The report concludes with a detailed analysis of the vulnerabilities and their implications for users.