DrayTek CVE's being exploited

Welcome Guest.

You haven't logged in yet. If you don't have an account you can register now.

Forums › LAN (ethernet/Wifi/routers/Bluetooth) › DrayTek CVE's being exploited - patch now!

saf

221 posts

Master Geek
+1 received by user: 533

ID Verified

Trusted

Vetta Group

Subscriber

#319120 24-Mar-2025 10:53

Just a heads up, ourselves and many other ISPs both in NZ and internationally have started seeing a couple of DrayTek CVE's being exploited over the last ~24 hours.

One of the symptoms of this is the internet connection bouncing up and down, due to the DrayTek encountering a buffer overflow from these exploits.

While I don't have all the detail, general rules apple:
If you're using a DrayTek router, please ensure it's up to date.
If you're using a DrayTek router and your connection is bouncing up and down hinting at being hit by the exploit, reset it, update it, and reconfigure.

More info:

https://www.draytek.com/about/security-advisory/buffer-overflow-vulnerabilities-(cve-2024-51138-cve-2024-51139)

https://www.draytek.com/about/security-advisory/denial-of-service,-information-disclosure,-and-code-execution-vulnerabilities

My views are as unique as a unicorn riding a unicycle. They do not reflect the opinions of my employer, my cat, or the sentient coffee machine in the break room.

drquack32

129 posts

Master Geek
+1 received by user: 9

ID Verified

#3356876 24-Mar-2025 12:23

Yeah the punishing thing is I checked this last week. It did not list the 2120s as a compromised model but have two of those that have flaked out. Last firmware is 2019 so only option is to replace

IT Guy, ex-FIFA Referee, Dad

News and reviews »

New ECOVACS DEEBOT T80S OMNI Available Now
Posted 9-Apr-2026 11:11

Ring Brings 4K Video to Battery-Powered Doorbells
Posted 9-Apr-2026 11:01

Synology Announces a New Privacy-First Home Monitoring Experience for BeeStation Plus
Posted 9-Apr-2026 10:02

GIGABYTE X870E AERO X3D DARK WOOD Redefines the Motherboard
Posted 7-Apr-2026 14:06

Datacom Acquires Auckland Data Centre from T4
Posted 2-Apr-2026 09:43

Spark Launches Satellite Service with SMS and data options
Posted 2-Apr-2026 09:16

Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.

Updates »

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Support Geekzone »

You can support Geekzone with a one-off or recurring donation via PressPatron.

RSS feeds: Main feed; Forums feed

Site features: Geekzone BI dashboard; Geekzone Badges; Geekzone Status Page

Site Information: Subscribe to Geekzone; Privacy Statement; Forum Usage Guidelines (FUG); Advertising; Trademark and copyright