By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
Viral Trending contentViral Trending content
  • Home
  • World News
  • Politics
  • Sports
  • Celebrity
  • Business
  • Crypto
  • Gaming News
  • Tech News
  • Travel
Reading: DrayTek warns of remote code execution bug in Vigor routers
Notification Show More
Viral Trending contentViral Trending content
  • Home
  • Categories
    • World News
    • Politics
    • Sports
    • Celebrity
    • Business
    • Crypto
    • Tech News
    • Gaming News
    • Travel
  • Bookmarks
© 2024 All Rights reserved | Powered by Viraltrendingcontent
Viral Trending content > Blog > Tech News > DrayTek warns of remote code execution bug in Vigor routers
Tech News

DrayTek warns of remote code execution bug in Vigor routers

By admin 3 Min Read
Share
SHARE

Networking hardware maker DrayTek released an advisory to warn about a security vulnerability in several Vigor router models that could allow remote, unauthenticated actors to execute perform arbitrary code.

The flaw, tracked identified as CVE-2025-10547, was reported to the vendor on July 22 by ChapsVision security researcher Pierre-Yves Maes.

“The vulnerability can be triggered when unauthenticated remote attackers send crafted HTTP or HTTPS requests to the device’s Web User Interface (WebUI),” reads DrayTek’s security advisory.

“Successful exploitation may cause memory corruption and a system crash, with the potential in certain circumstances could allow remote code execution.”

DrayTek noted that WAN exposure can be reduced by disabling remote WebUI/SSL VPN access or restricting it with ACLs/VLANs. However, the WebUI remains reachable over LAN, exposed to local attackers.

Maes told BleepingComputer that the root cause for CVE-2025-10547 is an uninitialized stack value that can be leveraged to cause the free() function to operate on arbitrary memory locations, also known as arbitrary free(), to achieve remote code execution (RCE).

The researcher successfully tested his findings by creating an exploit and running it on DrayTek devices.

DrayTek’s security bulletin does not mention ongoing exploitation, but it is recommended to mitigate the risk.

Below are the models impacted by CVE-2025-10547, and the recommended firmware version upgrade target to mitigate the flaw:

  • Vigor1000B, Vigor2962, Vigor3910/3912 → 4.4.3.6 or later (some models 4.4.5.1)
  • Vigor2135, Vigor2763/2765/2766, Vigor2865/2866 Series (incl. LTE & 5G), Vigor2927 Series (incl. LTE & 5G) → 4.5.1 or later
  • Vigor2915 Series → 4.4.6.1 or later
  • Vigor2862/2926 Series (incl. LTE) → 3.9.9.12 or later
  • Vigor2952/2952P, Vigor3220 → 3.9.8.8 or later
  • Vigor2860/2925 Series (incl. LTE) → 3.9.8.6 or later
  • Vigor2133/2762/2832 Series → 3.9.9.4 or later
  • Vigor2620 Series → 3.9.9.5 or later
  • VigorLTE 200n → 3.9.9.3 or later

DrayTek routers, especially Vigor models, are very common in prosumer and small to medium business (SMB) environments. The list of impacted models covers a broad range, from flagship models to older routers used in DLS/telecom environments.

System administrators are recommended to apply the available firmware security updates as soon as possible. Maes says he will disclose the full technical details for CVE-2025-10547 tomorrow.

Picus BAS Summit

Join the Breach and Attack Simulation Summit and experience the future of security validation. Hear from top experts and see how AI-powered BAS is transforming breach and attack simulation.

Don’t miss the event that will shape the future of your security strategy

You Might Also Like

Gemini AI Coming to Older Google Nest Speakers, Cameras, and Doorbells

How AI Agents Are Transforming Coding with Autonomy & Efficiency

Esri Ireland wins Outstanding Achievement in Communication at national sustainability awards

China Rolls Out Its First Talent Visa as the US Retreats on H-1Bs

Are localised AI hubs the next step for innovators and communities?

TAGGED: DrayTek, RCE, Remote Code Execution, Router, Vulnerability
Share This Article
Facebook Twitter Copy Link
Previous Article Jets’ Braelon Allen suffered a knee injury in Week 4 and is being placed on IR
Next Article How AI Agents Are Transforming Coding with Autonomy & Efficiency
Leave a comment

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

- Advertisement -
Ad image

Latest News

Study shows the world is far more ablaze now with damaging fires than in the 1980s
World News
Zcash price rallies to 4-year high above $150: what’s the outlook for ZEC?
Crypto
20 Big Games of October 2025
Gaming News
Gemini AI Coming to Older Google Nest Speakers, Cameras, and Doorbells
Tech News
How much do you need in an ISA to aim for a £10k annual passive income?
Business
Gen Z, millennials and Republicans drive trust in media to the lowest ever recorded, a shocking collapse of 40 percentage points since 1972
Business
Ethereum Sharp Exchange Outflows Sparks A Historic Supply Squeeze, Here’s What It Means
Crypto

About Us

Welcome to Viraltrendingcontent, your go-to source for the latest updates on world news, politics, sports, celebrity, tech, travel, gaming, crypto news, and business news. We are dedicated to providing you with accurate, timely, and engaging content from around the globe.

Quick Links

  • Home
  • World News
  • Politics
  • Celebrity
  • Business
  • Home
  • World News
  • Politics
  • Sports
  • Celebrity
  • Business
  • Crypto
  • Gaming News
  • Tech News
  • Travel
  • Sports
  • Crypto
  • Tech News
  • Gaming News
  • Travel

Trending News

cageside seats

Unlocking the Ultimate WWE Experience: Cageside Seats News 2024

Study shows the world is far more ablaze now with damaging fires than in the 1980s

Investing £5 a day could help me build a second income of £329 a month!

cageside seats
Unlocking the Ultimate WWE Experience: Cageside Seats News 2024
May 22, 2024
Study shows the world is far more ablaze now with damaging fires than in the 1980s
October 2, 2025
Investing £5 a day could help me build a second income of £329 a month!
March 27, 2024
Brussels unveils plans for a European Degree but struggles to explain why
March 27, 2024
© 2024 All Rights reserved | Powered by Vraltrendingcontent
  • About Us
  • Contact US
  • Disclaimer
  • Privacy Policy
  • Terms of Service
Welcome Back!

Sign in to your account

Lost your password?