This one is really geared towards the Draytek engineers....

You've probably seen the recent articles on the "DNS Rebinding Vulnerability" that allows remote control of a routers hardware. Soo far they've only tested the "Cheaper" D-Link and Linksys ADSL routers.

I'm reasonably confident that the Vigor's firewall is robust enough to fend this type of attack off, as well as being very confident that not a single Vigor user in this forum would be silly enough NOT to change the default password!!! It would be nice to know that the Vigor's wouldn't be affected by this vulnerability though.

So.. Does anyone know if this could affect a Vigor? I have a 2820 that replaced my older 2800 (Planning on BT fibre, and I wouldn't trust their hardware any farther than I could spit) and it would be nice to have the warm glow that comes from the knowledge that I invested wisely.

I would also be interested in an answer to this question.

http://www.esecurityplanet.com/news/article.php/3895851/Millions-of-Home-Routers-at-Risk.htm

Obviously this is not limited to home users it is anyone who uses a router. So do all Draytek models protect the private network from this attack?

If not what models are susceptible and can anything be done by the end user to increase security?

If there is no protection when will we be seeing an update to the firmware that fixes the issue?

Thanks