DrayTek UK Users' Community Forum
Help, Advice and Solutions from DrayTek Users
DrayTek Vigor 130 - Cable Haunt Vulnerability
- northwarks
- Topic Author
- Offline
- New Member
Less
More
- Posts: 1
- Thank you received: 0
15 Jan 2020 13:33 #95411
by northwarks
DrayTek Vigor 130 - Cable Haunt Vulnerability was created by northwarks
Hi Guys - DrayTek doesn't appear on the list (https://cablehaunt.com ) but can we confirm the vulnerability doesn't exist?
Please Log in or Create an account to join the conversation.
- admin
- Offline
- Site Admin
Less
More
- Posts: 1723
- Thank you received: 0
27 Jan 2020 00:04 #95479
by admin
Forum Administrator
Replied by admin on topic Re: DrayTek Vigor 130 - Cable Haunt Vulnerability
Well, it's not a cable modem... and assuming they are competent, they would have referred to DSL modems or 'modems' as they'd know the difference, so I'd guess not. They also refer specifically to 'coax'.
Personally (i.e. this isn't from DrayTek!), this looks like a team trying to get a name for themselves, giving an alleged vuln a fancy logo and web site with their names made clear
"We are a small unknown crew with no reputation"
then again, the best started with no reputation.
That's not to say it's not real... I've no idea if it's real, viable, useful, likely or harmful.
And this is silly:
"There are an estimated 200 million cable modems in Europe alone. With almost no cable modem tested being secure..."
Wow! I wonder how big their sample size was. Oh, wait:
"The vulnerability was found across 4 different vendors..."
Anyway, I don't think DrayTek uses the common libraries that other vendors use (DrayOS is proprietary) and doesn't have the spectrum analyser they refer to, as far as I know...but then I'm not a tech. Ask DrayTek....
Personally (i.e. this isn't from DrayTek!), this looks like a team trying to get a name for themselves, giving an alleged vuln a fancy logo and web site with their names made clear
"We are a small unknown crew with no reputation"
then again, the best started with no reputation.
That's not to say it's not real... I've no idea if it's real, viable, useful, likely or harmful.
And this is silly:
"There are an estimated 200 million cable modems in Europe alone. With almost no cable modem tested being secure..."
Wow! I wonder how big their sample size was. Oh, wait:
"The vulnerability was found across 4 different vendors..."
Anyway, I don't think DrayTek uses the common libraries that other vendors use (DrayOS is proprietary) and doesn't have the spectrum analyser they refer to, as far as I know...but then I'm not a tech. Ask DrayTek....
Forum Administrator
Please Log in or Create an account to join the conversation.
- adrianh54
- Offline
- Member
Less
More
- Posts: 428
- Thank you received: 0
27 Jan 2020 06:22 #95481
by adrianh54
Replied by adrianh54 on topic Re: DrayTek Vigor 130 - Cable Haunt Vulnerability
It doesn't apply to DSL modems, is very hard to exploit so another set of panic posts.
Does Draytek push updates to your device? No. Can you reach 192.168.2.1:8080 ?
Does Draytek push updates to your device? No. Can you reach 192.168.2.1:8080 ?
Please Log in or Create an account to join the conversation.
Moderators: Chris, Sami
Copyright © 2024 DrayTek