Jetzt Ausprobieren

DrayTek Vigor Vulnerability Audit

Network Devices Vulnerability

Discover Vulnerable DrayTek Vigor Routers in Your IT Estate

DrayTek has released a number of patches in response to a critical unauthenticated remote code execution vulnerability impacting 29 models of the DrayTek Vigor series of business routers. The vulnerability, tracked as CVE-2022-32548 carries a maximum CVSS v3 severity score of 10.0 and could lead to complete device takeover enabling a malicious actor to access internal resources of the breached networks. The report below will help you locate any DrayTek routers that may be at risk. You can read more about this vulnerability in the DrayTek Vigor Vulnerability blog post.

Screenshot DrayTek

 

DrayTek Vigor Routers Vulnerability Query

Select Top 1000000 tblAssets.AssetID,
tblAssets.AssetName,
tsysAssetTypes.AssetTypeIcon10 As icon,
tblAssets.IPAddress,
tsysIPLocations.IPLocation,
tblAssetCustom.Manufacturer,
tblAssetCustom.Model,
tblAssets.description,
Case
When tblAssetCustom.Model Like '%Vigor3910%' Then '4.3.1.1'
When tblAssetCustom.Model Like '%Vigor1000B%' Then '4.3.1.1'
When tblAssetCustom.Model Like '%Vigor2962%' Then '4.3.1.1'
When tblAssetCustom.Model Like '%Vigor2927%' Then '4.4.0'
When tblAssetCustom.Model Like '%Vigor2915%' Then '4.3.3.2'
When tblAssetCustom.Model Like '%Vigor2952%' Then '3.9.7.2'
When tblAssetCustom.Model Like '%Vigor3220%' Then '3.9.7.2'
When tblAssetCustom.Model Like '%Vigor2926%' Then '3.9.8.1'
When tblAssetCustom.Model Like '%Vigor2862%' Then '3.9.8.1'
When tblAssetCustom.Model Like '%Vigor2620 LTE%' Then '3.9.8.1'
When tblAssetCustom.Model Like '%VigorLTE 200n%' Then '3.9.8.1'
When tblAssetCustom.Model Like '%Vigor2133%' Then '3.9.6.4' 
When tblAssetCustom.Model Like '%Vigor2762%' Then '3.9.6.4'
When tblAssetCustom.Model Like '%Vigor167%' Then '5.1.1'
When tblAssetCustom.Model Like '%Vigor130 %' Then '3.8.5'
When tblAssetCustom.Model Like '%VigorNIC 132' Then '3.8.5'
When tblAssetCustom.Model Like '%Vigor165%' Then '4.2.4'
When tblAssetCustom.Model Like '%Vigor166%' Then '4.2.4'
When tblAssetCustom.Model Like '%Vigor2135%' Then '4.4.2'
When tblAssetCustom.Model Like '%Vigor2765%' Then '4.4.2'
When tblAssetCustom.Model Like '%Vigor2766%' Then '4.4.2'
When tblAssetCustom.Model Like '%Vigor2832%' Then '3.9.6'
When tblAssetCustom.Model Like '%Vigor2865%' Then '4.4.0'
When tblAssetCustom.Model Like '%Vigor2866%' Then '4.4.0'
End As FixedVersion,
Case
When tblErrors.ErrorText Is Not Null Or
tblErrors.ErrorText != '' Then
'Scanning Error: ' + tsysasseterrortypes.ErrorMsg
Else ''
End As ScanningErrors,
tblAssets.Lastseen,
tblAssets.Lasttried
From tblAssets
Inner Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID
Inner Join tsysAssetTypes On tsysAssetTypes.AssetType = tblAssets.Assettype
Inner Join tsysIPLocations On tsysIPLocations.LocationID =
tblAssets.LocationID
Inner Join tblState On tblState.State = tblAssetCustom.State
Left Join (Select Distinct Top 1000000 tblErrors.AssetID As ID,
Max(tblErrors.Teller) As ErrorID
From tblErrors
Group By tblErrors.AssetID) As ScanningError On tblAssets.AssetID =
ScanningError.ID
Left Join tblErrors On ScanningError.ErrorID = tblErrors.Teller
Left Join tsysasseterrortypes On tsysasseterrortypes.Errortype =
tblErrors.ErrorType
Where (tblAssetCustom.Manufacturer Like '%DrayTek%' And
(tblAssetCustom.Model Like '%Vigor3910%' Or
tblAssetCustom.Model Like '%Vigor1000B%' Or
tblAssetCustom.Model Like '%Vigor2962%' Or
tblAssetCustom.Model Like '%Vigor2927%' Or
tblAssetCustom.Model Like '%Vigor2915%' Or
tblAssetCustom.Model Like '%Vigor2952%' Or
tblAssetCustom.Model Like '%Vigor3220%' Or
tblAssetCustom.Model Like '%Vigor2926%' Or
tblAssetCustom.Model Like '%Vigor2862%' Or
tblAssetCustom.Model Like '%Vigor2620 LTE%' Or
tblAssetCustom.Model Like '%VigorLTE 200n%' Or
tblAssetCustom.Model Like '%Vigor2133%' Or
tblAssetCustom.Model Like '%Vigor2762%' Or
tblAssetCustom.Model Like '%Vigor167%' Or
tblAssetCustom.Model Like '%Vigor130' Or
tblAssetCustom.Model Like '%VigorNIC 132' Or
tblAssetCustom.Model Like '%Vigor165%' Or
tblAssetCustom.Model Like '%Vigor166%' Or
tblAssetCustom.Model Like '%Vigor2135%' Or
tblAssetCustom.Model Like '%Vigor2765%' Or
tblAssetCustom.Model Like '%Vigor2766%' Or
tblAssetCustom.Model Like '%Vigor2832%' Or
tblAssetCustom.Model Like '%Vigor2865%' Or
tblAssetCustom.Model Like '%Vigor2866%')
And tblState.Statename = 'Active')
Order By tblAssetCustom.Model, tblAssets.IPAddress;

Show

Hide