We have become aware of a possible exploit of the Vigor2960 / 3900 / 300B related to the WebUI on 30th Jan. On 6th Feb 2020 we released an updated firmware to address this issue.
Affected Products and the Fixed Firmware Version
|Model||Fixed Firmware Version||Download Link|
The issue only affects the Vigor3900 / 2960 / 300B and is not known to affect any other DrayTek products.
Check here for other ways to improve the network security.
Regardless of this specific issue, Intercepting data can be made harder by always using secure protocols - HTTPS, TLS applied to email (see below) protocols etc. Some protocols (FTP, Telnet, Syslog, IRC) should be avoided over the open internet - use equivalent secure protocols or VPNs where needed.
Your mail server and mail software/client (Outlook etc.) should be using secure transport. If you check your settings, secure protocols use different TCP port. e.g. POP3 should use port 995, not 110. SMTP should uses port 465, not 25 and IMAP should use port 993, not 143. (The actual port number doesn't actually mean it's secure; those are just the correct ports that would be used on a properly secured server. Check with your ISPfor the correct settings).
If you have remote access enabled on your router, disable it if you don't need it, and use an access control list (ACL) if possible. An ACL is a preset whitelist of permitted remote IP addresses who can remotely administer your router, blocking anyone else. Alternatively, permit remote administration only through a secure VPN or using VigorACS central management.
DrayTek users should subscribe to our mailing list on myVigor Portal in order to receive timely notifications of firmware or critical updates like this and as a general rule of best practice, always keep all of your products' firmware up to date and check for updates.
Should you have any security-related inquiry regarding one of our products, please contact DrayTek Technical Support.