Security Alert – CSRF Vulnerability and how to Prevent Attacks
In May 2018 DrayTek became aware of CSRF (Cross-Site Request Forgery) attacks against web-enabled devices, including DrayTek routers.
In some circumstances, it may be possible for an attacker to intercept or create an administration session and change settings on the router. Initial reports show that in some cases DNS settings are altered.
To check if your router has been compromised, look at