DrayTek Vigor router memory corruption RCE (CVE-2025-10547)
Vulnerability
Summary
Hide ▲
Show ▼
DrayTek disclosed CVE-2025-10547 in multiple Vigor router models, a remotely reachable flaw that can let unauthenticated attackers trigger memory corruption and potentially remote code execution. The bug is triggered through crafted HTTP/HTTPS requests to the WebUI, and successful exploitation can also crash the device. Pierre-Yves Maes reported the issue on July 22, and the researcher said he built and ran an exploit on DrayTek hardware. DrayTek recommends limiting remote WebUI/SSL VPN exposure and applying the available firmware updates.
Related Happenings
DrayTek Vigor router CVE-2025-10547 mitigation advisory
Advisory/Mitigation
First: 02.10.2025 20:37
Last: 02.10.2025 20:37
Sources 1
How related:
DrayTek noted that WAN exposure can be reduced by disabling remote WebUI/SSL VPN access or restricting it with ACLs/VLANs.
About this happening:
**DrayTek** issued mitigation guidance for **CVE-2025-10547** affecting multiple **Vigor router** models, because unauthenticated remote requests to the **WebUI** can lead to memo...
DrayTek Vigor router CVE-2025-10547 mitigation advisory
Advisory/MitigationHow related: DrayTek noted that WAN exposure can be reduced by disabling remote WebUI/SSL VPN access or restricting it with ACLs/VLANs.
About this happening: **DrayTek** issued mitigation guidance for **CVE-2025-10547** affecting multiple **Vigor router** models, because unauthenticated remote requests to the **WebUI** can lead to memo...
Cisco ASA and FTD active exploitation wave (CVE-2025-20333, CVE-2025-20362)
Exploitation Wave
First: 30.09.2025 19:58
Last: 30.09.2025 19:58
Sources 1
About this happening:
**Cisco ASA and FTD** appliances are still under an **active exploitation wave** for **CVE-2025-20333** and **CVE-2025-20362**, with a new attack variant now causing **unexpected...
Cisco ASA and FTD active exploitation wave (CVE-2025-20333, CVE-2025-20362)
Exploitation WaveAbout this happening: **Cisco ASA and FTD** appliances are still under an **active exploitation wave** for **CVE-2025-20333** and **CVE-2025-20362**, with a new attack variant now causing **unexpected...
Timeline
-
02.10.2025 20:37 1 articles · 7mo ago
Pierre-Yves Maes reports CVE-2025-10547 to DrayTek
Initial DisclosureChapsVision security researcher Pierre-Yves Maes reported CVE-2025-10547 to DrayTek on July 22, describing a flaw in several Vigor router models that can be triggered by unauthenticated remote attackers sending crafted HTTP or HTTPS requests to the Web User Interface (WebUI) and can lead to memory corruption and potential remote code execution.
Show sources
- DrayTek warns of remote code execution bug in Vigor routers — www.bleepingcomputer.com — 02.10.2025 20:37
-
02.10.2025 20:37 2 articles · 7mo ago
DrayTek issues mitigation guidance for Vigor routers
Mitigation Patch UpdateDrayTek released a security advisory for CVE-2025-10547 affecting multiple Vigor router models, warned that successful exploitation may cause memory corruption and a system crash with potential remote code execution, and recommended disabling or restricting remote WebUI/SSL VPN access with ACLs/VLANs while applying the listed firmware updates as soon as possible.
Show sources
- DrayTek warns of remote code execution bug in Vigor routers — www.bleepingcomputer.com — 02.10.2025 20:37
- DrayTek warns of remote code execution bug in Vigor routers — www.bleepingcomputer.com — 02.10.2025 20:37