Networking {hardware} maker DrayTek launched an advisory to warn a few security vulnerability in a number of Vigor router fashions that might permit distant, unauthenticated actors to execute carry out arbitrary code.
The flaw, tracked recognized as CVE-2025-10547, was reported to the seller on July 22 by ChapsVision security researcher Pierre-Yves Maes.
“The vulnerability might be triggered when unauthenticated distant attackers ship crafted HTTP or HTTPS requests to the system’s Internet Person Interface (WebUI),” reads DrayTek’s security advisory.
“Profitable exploitation might trigger reminiscence corruption and a system crash, with the potential in sure circumstances may permit distant code execution.”
DrayTek famous that WAN publicity might be diminished by disabling distant WebUI/SSL VPN entry or proscribing it with ACLs/VLANs. Nonetheless, the WebUI stays reachable over LAN, uncovered to native attackers.
Maes informed BleepingComputer that the foundation trigger for CVE-2025-10547 is an uninitialized stack worth that may be leveraged to trigger the free() perform to function on arbitrary reminiscence places, often known as arbitrary free(), to realize distant code execution (RCE).
The researcher efficiently examined his findings by creating an exploit and working it on DrayTek gadgets.
DrayTek’s security bulletin doesn’t point out ongoing exploitation, however it’s endorsed to mitigate the danger.
Under are the fashions impacted by CVE-2025-10547, and the advisable firmware model improve goal to mitigate the flaw:
- Vigor1000B, Vigor2962, Vigor3910/3912 → 4.4.3.6 or later (some fashions 4.4.5.1)
- Vigor2135, Vigor2763/2765/2766, Vigor2865/2866 Sequence (incl. LTE & 5G), Vigor2927 Sequence (incl. LTE & 5G) → 4.5.1 or later
- Vigor2915 Sequence → 4.4.6.1 or later
- Vigor2862/2926 Sequence (incl. LTE) → 3.9.9.12 or later
- Vigor2952/2952P, Vigor3220 → 3.9.8.8 or later
- Vigor2860/2925 Sequence (incl. LTE) → 3.9.8.6 or later
- Vigor2133/2762/2832 Sequence → 3.9.9.4 or later
- Vigor2620 Sequence → 3.9.9.5 or later
- VigorLTE 200n → 3.9.9.3 or later
DrayTek routers, particularly Vigor fashions, are quite common in prosumer and small to medium enterprise (SMB) environments. The listing of impacted fashions covers a broad vary, from flagship fashions to older routers utilized in DLS/telecom environments.
System directors are advisable to use the obtainable firmware security updates as quickly as attainable. Maes says he’ll disclose the complete technical particulars for CVE-2025-10547 tomorrow.
Be part of the Breach and Attack Simulation Summit and expertise the way forward for security validation. Hear from prime consultants and see how AI-powered BAS is remodeling breach and assault simulation.
Do not miss the occasion that may form the way forward for your security technique
