Remote Code Execution Vulnerability in DrayTek Vigor Routers

First reported

02.10.2025 20:37

Last updated

1 unique sources, 1 articles

Summary

Hide ▲

DrayTek has disclosed a remote code execution vulnerability in several Vigor router models. The flaw, CVE-2025-10547, allows unauthenticated remote attackers to execute arbitrary code by sending crafted HTTP or HTTPS requests to the Web User Interface (WebUI). Successful exploitation can cause memory corruption and system crashes, potentially leading to remote code execution. The vulnerability affects a wide range of Vigor router models, commonly used in prosumer and SMB environments. DrayTek has released firmware updates to mitigate the risk, and administrators are advised to apply these updates immediately.

Timeline

02.10.2025 20:37 1 articles · 8h ago

DrayTek discloses remote code execution vulnerability in Vigor routers
DrayTek has disclosed a remote code execution vulnerability in several Vigor router models. The flaw, CVE-2025-10547, allows unauthenticated remote attackers to execute arbitrary code by sending crafted HTTP or HTTPS requests to the WebUI. The vulnerability affects a wide range of models, commonly used in prosumer and SMB environments. DrayTek has released firmware updates to mitigate the risk, and administrators are advised to apply these updates immediately.
Show sources

DrayTek warns of remote code execution bug in Vigor routers — www.bleepingcomputer.com — 02.10.2025 20:37
Open in new tab

Information Snippets

The vulnerability, CVE-2025-10547, was reported by ChapsVision security researcher Pierre-Yves Maes on July 22.
First reported: 02.10.2025 20:37

1 source, 1 article
Show sources
- DrayTek warns of remote code execution bug in Vigor routers — www.bleepingcomputer.com — 02.10.2025 20:37
The flaw can be triggered by sending crafted HTTP or HTTPS requests to the WebUI.
First reported: 02.10.2025 20:37

1 source, 1 article
Show sources
- DrayTek warns of remote code execution bug in Vigor routers — www.bleepingcomputer.com — 02.10.2025 20:37
Successful exploitation may cause memory corruption, system crashes, and potentially remote code execution.
First reported: 02.10.2025 20:37

1 source, 1 article
Show sources
- DrayTek warns of remote code execution bug in Vigor routers — www.bleepingcomputer.com — 02.10.2025 20:37
The root cause is an uninitialized stack value that can be exploited to achieve arbitrary free(), leading to remote code execution.
First reported: 02.10.2025 20:37

1 source, 1 article
Show sources
- DrayTek warns of remote code execution bug in Vigor routers — www.bleepingcomputer.com — 02.10.2025 20:37
The affected models include Vigor1000B, Vigor2962, Vigor3910/3912, and several other series.
First reported: 02.10.2025 20:37

1 source, 1 article
Show sources
- DrayTek warns of remote code execution bug in Vigor routers — www.bleepingcomputer.com — 02.10.2025 20:37
DrayTek recommends updating to specific firmware versions to mitigate the vulnerability.
First reported: 02.10.2025 20:37

1 source, 1 article
Show sources
- DrayTek warns of remote code execution bug in Vigor routers — www.bleepingcomputer.com — 02.10.2025 20:37
The vulnerability affects routers commonly used in prosumer and SMB environments.
First reported: 02.10.2025 20:37

1 source, 1 article
Show sources
- DrayTek warns of remote code execution bug in Vigor routers — www.bleepingcomputer.com — 02.10.2025 20:37

Summary

Timeline

DrayTek discloses remote code execution vulnerability in Vigor routers

Information Snippets