CVE-2024-41336 Information

Description

Draytek devices Vigor 165/166 prior to v4.2.6 Vigor 2620/LTE200 prior to v3.9.8.8 Vigor 2860/2925 prior to v3.9.7 Vigor 2862/2926 prior to v3.9.9.4 Vigor 2133/2762/2832 prior to v3.9.8 Vigor 2135/2765/2766 prior to v4.4.5.1 Vigor 2865/2866/2927 prior to v4.4.5.3 Vigor 2962/3910 prior to v4.3.2.7 Vigor 3912 prior to v4.3.5.2 and Vigor 2925 up to v3.9.6 were discovered to store passwords in plaintext.

Reference

http://draytek.com https://medium.com/faraday/advisory-multiple-vulnerabilities-affecting-draytek-routers-78a6cb8b3946