DrayOS Routers Vulnerability Let Attackers Execute Malicious Code Remotely

Posted on October 3, 2025 By CWS

A critical vulnerability has been discovered in DrayTek’s DrayOS routers, which could allow unauthenticated remote attackers to execute malicious code.

The flaw, tracked as CVE-2025-10547, affects a range of Vigor router models, prompting administrators to apply security updates urgently.

The vulnerability, detailed in security advisory DSA-2025-005 released on October 2, 2025, is classified as a “Use of Uninitialized Variable” weakness.

It can be triggered when an attacker sends specially crafted HTTP or HTTPS requests to the device’s Web User Interface (WebUI). A successful exploit can cause memory corruption, resulting in a system crash.

DrayOS Routers Vulnerability

More critically, under certain conditions, this memory corruption could be leveraged by an attacker to achieve remote code execution (RCE) on the compromised device.

Since the attack vector is the WebUI, any router with this interface exposed to the internet is at high risk. The vulnerability was initially identified on July 22, and its public disclosure highlights the potential for widespread impact given the popularity of DrayTek routers in enterprise environments.

DrayTek has outlined several mitigation strategies to protect against this threat. The most immediate defense against external attacks is to disable remote access to the WebUI and SSL VPN services from the WAN.

Properly configured Access Control Lists (ACLs) can also serve as a barrier to prevent unauthorized access from the internet.

However, these measures do not offer complete protection, as an attacker who has already gained access to the local network can still exploit the vulnerability through the LAN-side WebUI.

For some models, it is possible to further segment local access using VLANs and additional ACLs. Despite these temporary fixes, DrayTek strongly emphasizes that the only way to fully resolve the vulnerability and ensure complete protection is to upgrade the device firmware to the recommended patched version.

Affected Products and Mitigations

The vulnerability affects an extensive list of DrayTek’s Vigor router series. Affected models include the Vigor1000B, Vigor2962, Vigor3910, Vigor3912, Vigor2135, and various models within the Vigor276x, Vigor286x, Vigor291x, Vigor292x, and Vigor295x series, among many others.

DrayTek has released specific firmware updates for each affected product line. For example, Vigor2962 users should upgrade to version 4.4.3.6 or 4.4.5.1, while Vigor2865 Series users need to install version 4.5.1 or later.

The company extended its appreciation to Pierre-Yves MAES from ChapsVision for responsibly disclosing the vulnerability.

All users of affected DrayTek products are urged to consult the official advisory for a complete list of models and their corresponding minimum firmware versions to apply the necessary patches immediately.
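
As an added example (not from the article or from DrayTek), the following Python sketch audits a device inventory against the two fixed versions quoted above. It assumes that "4.4.3.6 or 4.4.5.1" are minimums for separate release branches, so a plain "newer than 4.4.3.6" comparison would wrongly pass 4.4.5.0; the hostnames, inventory and function names are constructed, and models without a version on this page are reported as unknown.

```python
# Added example (not DrayTek code): audit an inventory against the fixed
# firmware versions quoted in the article. Only two product lines are listed
# there, so every other model is reported as "unknown".
FIXED = {
    "Vigor2962": ["4.4.3.6", "4.4.5.1"],  # assumed: one minimum per branch
    "Vigor2865": ["4.5.1"],               # "4.5.1 or later"
}


def parse(version, width=4):
    """'4.5.1' -> (4, 5, 1, 0). Raises ValueError on non-numeric parts."""
    parts = [int(p) for p in version.strip().split(".")]
    return tuple(parts + [0] * (width - len(parts)))


def status(model, version):
    """Return 'patched', 'upgrade' or 'unknown' for one device."""
    # Prefix match so series variants (constructed name: Vigor2865ac) map to the series.
    fixes = next((v for k, v in FIXED.items() if model.startswith(k)), None)
    if fixes is None:
        return "unknown"
    try:
        have = parse(version)
    except ValueError:
        return "unknown"
    fixed = [parse(f) for f in fixes]
    if have >= max(fixed):
        return "patched"
    for raw, fix in zip(fixes, fixed):
        branch = fix[: raw.count(".")]  # all but the last component
        if have[: len(branch)] == branch and have >= fix:
            return "patched"
    return "upgrade"


# Constructed inventory: (hostname, model, running firmware).
INVENTORY = [
    ("edge-01", "Vigor2962", "4.4.3.5"),
    ("edge-02", "Vigor2962", "4.4.5.0"),   # newer than 4.4.3.6, still unfixed
    ("edge-03", "Vigor2962", "4.4.3.6"),
    ("branch-01", "Vigor2865ac", "4.5.2"),
    ("branch-02", "Vigor3910", "4.4.3.2"),  # affected model, no version on page
]


def audit(inventory):
    """Map hostname -> status for every device in the inventory."""
    return {host: status(model, fw) for host, model, fw in inventory}


if __name__ == "__main__":
    for host, result in audit(INVENTORY).items():
        print(f"{host}: {result}")
```

Devices reported as unknown need their minimum version looked up in the official advisory before they can be cleared.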
