DrayTek Vigorswitch Q2200x
Approved changes feed: RSS · Atom
cpe:2.3:h:draytek:vigorswitch_q2200x:-:*:*:*:*:*:*:*
part: h version: - update: *
| Vendor | Draytek (7ad8e731-44c4-554d-87bc-d3dbc441f2c7) |
|---|---|
| Product | Vigorswitch Q2200X (7c6e0ce4-353c-594a-a2e4-8def708d73f8) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2023-33778 |
not_vulnerable | 2026-06-03 14:52:14.625613 |
Details available
Draytek Vigor Routers firmware versions below 3.9.6/4.2.4, Access Points firmware versions below v1.4.0, Switches firmware versions below 2.6.7, and Myvigor firmware versions below 2.3.2 were discovered to use hardcoded encryption keys which allows attackers to bind any affected device to their own account. Attackers are then able to create WCF and DrayDDNS licenses and synchronize them from the website.
Published: 2023-06-01T00:00:00.000Z
Updated: 2025-01-09T17:24:35.184Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.