DrayTek has issued a security advisory for a vulnerability (CVE-2025-10547) affecting multiple Vigor router models, allowing unauthenticated remote code execution. Users are advised to update firmware promptly to mitigate risks, especially for SMB and prosumer environments. #CVE-2025-10547 #DrayTekVigor
Keypoints
- Several DrayTek Vigor routers are vulnerable to remote code execution via WebUI.
- The vulnerability is caused by an uninitialized stack value leading to arbitrary free() exploitation.
- Remote attackers can trigger memory corruption and system crashes through crafted HTTP/HTTPS requests.
- Disabling remote WebUI/SSL VPN access or restricting it with ACLs can reduce WAN exposure risks.
- Firmware updates are recommended for various models to mitigate this significant security flaw.