Security Advisory: CSRF & DNS Attacks (DrayTek)

[AndreiV]

https://www.draytek.co.uk/support/security-advisories/kb-advisory-csrf-and-dns-dhcp-web-attacks

Security Advisory: CSRF & DNS Changed Web Interface Attacks .

TL;DR - Check the DNS settings on your DrayTek router and install new firmware.

 

[coxhaus]

If you have access lists on that router create an access list to permit only your ISP's DNS and an access list to deny all other DNS servers.

 

[AndreiV]

If you have access lists on that router create an access list to permit only your ISP's DNS and an access list to deny all other DNS servers.

Not going to help in any way as the router is hacked via the log in page , the DHCP and DNS settings are changed manually.

 

[coxhaus]

When you get your Draytek router upgraded I still recommend blocking all DNS access except for your local DNS servers or any 2 DNS servers to protect all your clients from being hacked.