![DrayTek Routers Worldwide Face Connectivity Issues: Suspected Cyberattacks]({"default":"https://itm-management.vn/wp-content/uploads/2025/03/draytek-routers-worldwide-face-connectivity-issues.png","2x":"","mobile":"","responsive":"true"} "DrayTek Routers Worldwide Face Connectivity Issues: Suspected Cyberattacks")
In recent days, Users and Internet Service Providers (ISPs) worldwide, including in Vietnam have reported experiencing connectivity issues with DrayTek routers. These issues include routers intermittently losing connection and entering repetitive reboot modes. This problem has been widely discussed in technology forums, with suspicions pointing to cyberattacks exploiting outdated firmware vulnerabilities or a faulty software update.
1. Causes of DrayTek Router Disruptions
According to cybersecurity experts, the primary cause of this issue may be security vulnerabilities in older DrayTek firmware versions. Specifically, on March 7, 2025, Cybersecurity News also warned about a series of critical vulnerabilities in DrayTek Vigor routers, particularly the Vigor 2925, 2926, and 2927 models, widely deployed in small office/home office (SOHO) environments has been discovered, exposing devices to the risk of remote code execution (RCE), denial of service (DoS) attacks, and credential theft, details of the vulnerabilities including:
- CVE-2024-51138, CVE-2024-51139: Buffer overflow and integer overflow vulnerabilities that allow hackers to execute remote code (RCE).
- CVE-2024-41335, CVE-2024-41336: Authentication flaws that enable hackers to steal passwords or access login credentials stored in plain text.
- CVE-2024-41339: A CGI configuration flaw that can be exploited to upload malicious modules, allowing hackers to gain administrative control.
The inability of these routers to assign WAN IPs has resulted in a complete loss of connectivity, severely affecting business operations and work productivity.
2. How to Fix DrayTek Router Connectivity Issues
DrayTek has published an advisory in response to the router reboots, urging customers to disconnect the WAN and attempt to update the device’s firmware to the latest version. More than that, to resolve this issue and prevent in the future, users should take the following steps:
- Check and Update Firmware
- Log in to the router’s admin panel.
- Verify the current firmware version.
- If using v3.8.3, update to v3.8.4 from the official DrayTek website: fw.draytek.com.tw.
- Change the Router’s Admin Password
- Do not use the default password.
- Set a strong password using uppercase and lowercase letters, numbers, and special characters.
- Check Connected Devices
- Ensure that all connected devices are secure and free from malware.
- Disable Remote Management
- This helps reduce the risk of unauthorized access from external sources.
- Monitor System Logs
- Check system logs for any unusual activity.
- If the router frequently restarts on its own, it may have been compromised.
Given the potential security risks and the widespread impact of these connectivity issues, users are strongly advised to implement these steps immediately to safeguard their networks and maintain uninterrupted service.
For further assistance with your security, please do not hesitate to contact us.
