Date Posted: 2025/10/14

[Vulnerability Alert] DrayTek DrayOS Has a High-Risk Security Vulnerability (CVE-2025-10547), Please Confirm and Patch As Soon As Possible

  • Subject: [Vulnerability Alert] DrayTek DrayOS Has a High-Risk Security Vulnerability (CVE-2025-10547), Please Confirm and Patch As Soon As Possible
  • Content:
    • Forwarded from National Information Security Coordination Center NISAC-200-202510-00000003
    • Researchers have discovered a Use of Uninitialized Variable vulnerability (CVE-2025-10547) in DrayTek DrayOS. An unauthenticated remote attacker can send specially crafted HTTP or HTTPS requests to the device's web interface, which may cause memory corruption and a system crash and, under specific conditions, may allow arbitrary code execution. Please confirm and patch as soon as possible.
  • Affected Platforms:
    • Vigor1000B models with versions prior to 4.4.3.6
    • Vigor2962 models with versions prior to 4.4.3.6 or prior to 4.4.5.1
    • Vigor3910 models with versions prior to 4.4.3.6 or prior to 4.4.5.1
    • Vigor3912 models with versions prior to 4.4.3.6 or prior to 4.4.5.1
    • Vigor2135 models with versions prior to 4.5.1
    • Vigor2763 models with versions prior to 4.5.1
    • Vigor2765 models with versions prior to 4.5.1
    • Vigor2766 models with versions prior to 4.5.1
    • Vigor2865 Series models with versions prior to 4.5.1
    • Vigor2865 LTE Series models with versions prior to 4.5.1
    • Vigor2865L-5G Series models with versions prior to 4.5.1
    • Vigor2866 Series models with versions prior to 4.5.1
    • Vigor2866 LTE Series models with versions prior to 4.5.1
    • Vigor2927 Series models with versions prior to 4.5.1
    • Vigor2927 LTE Series models with versions prior to 4.5.1
    • Vigor2927L-5G Series models with versions prior to 4.5.1
    • Vigor2915 Series models with versions prior to 4.4.6.1
    • Vigor2862 Series models with versions prior to 3.9.9.12
    • Vigor2862 LTE Series models with versions prior to 3.9.9.12
    • Vigor2926 Series models with versions prior to 3.9.9.12
    • Vigor2952 models with versions prior to 3.9.8.8
    • Vigor2952P models with versions prior to 3.9.8.8
    • Vigor3220 models with versions prior to 3.9.8.8
    • Vigor2860 Series models with versions prior to 3.9.8.6
    • Vigor2860 LTE Series models with versions prior to 3.9.8.6
    • Vigor2925 Series models with versions prior to 3.9.8.6
    • Vigor2925 LTE Series models with versions prior to 3.9.8.6
    • Vigor2133 Series models with versions prior to 3.9.9.4
    • Vigor2762 Series models with versions prior to 3.9.9.4
    • Vigor2832 Series models with versions prior to 3.9.9.4
    • Vigor2620 Series models with versions prior to 3.9.9.5
    • VigorLTE 200n models with versions prior to 3.9.9.5
  • Recommended Action:
  • References:

Computer and Communications Center
Network Systems Group