Trellix experts have identified a serious vulnerability in 29 DryTek routers that could be exploited to take control of the device and perform various types of cyber attacks. The Taiwanese manufacturer promptly released the new firmware, so users must install the update right away to avoid risks.Bug in DryTek routers: patch available Drytek routers are widely used as they allow companies to offer employees an easy way to log in to the VPN. Starting from the analysis of the Vigor3910 model, Trellix experts discovered a remote code execution (RCE) vulnerability, indicated as CVE-2022-32548, in 28 other routers. The bug could be exploited by cybercriminals to take control of the device and access shared resources on the local network. Over 200,000 vulnerable routers reachable from the Internet were identified during the search. The vulnerability is present in the management web interface. Using a particular string such as username or password it is possible to cause a buffer overflow and take control of the DryOS operating system. An attacker could then steal sensitive data stored in the router, access shared resources on the network, carry out man-in-the-middle attacks, intercept DNS requests, capture packets on each router port, use the device as a bot for attacks. DDoS site The latest firmware is available from the manufacturer for vulnerable routers: Vigor3910, Vigor1000B, Vigor2962 Series, Vigor2927 Series, Vigor2927 LTE Series, Vigor2915 Series, Vigor2952 / 2952P, Vigor3220 Series, Vigor2926 Series, Vigor2926 LTE Series, Vigor2862 Series, Vigor2862 LTE , Vigor2620 LTE Series, VigorLTE 200n, Vigor2133 Series, Vigor2762 Series, Vigor167, Vigor130, VigorNIC 132, Vigor165, Vigor166, Vigor2135 Series, Vigor2765 Series, Vigor2766 Series, Vigor2832, Vigor2865 Series, Vigor2865 LTE Series, Vigor2866TE and Vigor2866TE. This article contains affiliate links: purchases or orders placed through these links will allow our site to receive a commission.