[Security Vulnerability Alert] DrayTek DrayOS has a high-risk security vulnerability (CVE-2025-10547); please verify your devices and patch them as soon as possible

Issuing unit: Library and Information Services Office, Digital Services Section
Date range: 2025/10/15 ~ 2026/4/15
Category: Administrative announcement
Audience: All


Forwarded from the National Information Security Information Sharing and Analysis Center (NISAC-200-202510-00000003)

[Description]
Researchers have discovered a Use of Uninitialized Variable vulnerability (CVE-2025-10547) in DrayTek DrayOS. An unauthenticated remote attacker can send specially crafted HTTP or HTTPS requests to the device's web interface, causing memory corruption and system crashes. Under certain conditions, it can even allow arbitrary code execution. Please verify and patch this vulnerability as soon as possible.

[Affected Platforms]
● Vigor1000B: versions earlier than 4.4.3.6 (4.4.3.6 itself excluded)
● Vigor2962: versions earlier than 4.4.3.6 or earlier than 4.4.5.1 (the listed versions themselves excluded)
● Vigor3910: versions earlier than 4.4.3.6 or earlier than 4.4.5.1 (the listed versions themselves excluded)
● Vigor3912: versions earlier than 4.4.3.6 or earlier than 4.4.5.1 (the listed versions themselves excluded)
● Vigor2135: versions earlier than 4.5.1 (4.5.1 itself excluded)
● Vigor2763: versions earlier than 4.5.1 (4.5.1 itself excluded)
● Vigor2765: versions earlier than 4.5.1 (4.5.1 itself excluded)
● Vigor2766: versions earlier than 4.5.1 (4.5.1 itself excluded)
● Vigor2865 Series: versions earlier than 4.5.1 (4.5.1 itself excluded)
● Vigor2865 LTE Series: versions earlier than 4.5.1 (4.5.1 itself excluded)
● Vigor2865L-5G Series: versions earlier than 4.5.1 (4.5.1 itself excluded)
● Vigor2866 Series: versions earlier than 4.5.1 (4.5.1 itself excluded)
● Vigor2866 LTE Series: versions earlier than 4.5.1 (4.5.1 itself excluded)
● Vigor2927 Series: versions earlier than 4.5.1 (4.5.1 itself excluded)
● Vigor2927 LTE Series: versions earlier than 4.5.1 (4.5.1 itself excluded)
● Vigor2927L-5G Series: versions earlier than 4.5.1 (4.5.1 itself excluded)
● Vigor2915 Series: versions earlier than 4.4.6.1 (4.4.6.1 itself excluded)
● Vigor2862 Series: versions earlier than 3.9.9.12 (3.9.9.12 itself excluded)
● Vigor2862 LTE Series: versions earlier than 3.9.9.12 (3.9.9.12 itself excluded)
● Vigor2926 Series: versions earlier than 3.9.9.12 (3.9.9.12 itself excluded)
● Vigor2952: versions earlier than 3.9.8.8 (3.9.8.8 itself excluded)
● Vigor2952P: versions earlier than 3.9.8.8 (3.9.8.8 itself excluded)
● Vigor3220: versions earlier than 3.9.8.8 (3.9.8.8 itself excluded)
● Vigor2860 Series: versions earlier than 3.9.8.6 (3.9.8.6 itself excluded)
● Vigor2860 LTE Series: versions earlier than 3.9.8.6 (3.9.8.6 itself excluded)
● Vigor2925 Series: versions earlier than 3.9.8.6 (3.9.8.6 itself excluded)
● Vigor2925 LTE Series: versions earlier than 3.9.8.6 (3.9.8.6 itself excluded)
● Vigor2133 Series: versions earlier than 3.9.9.4 (3.9.9.4 itself excluded)
● Vigor2762 Series: versions earlier than 3.9.9.4 (3.9.9.4 itself excluded)
● Vigor2832 Series: versions earlier than 3.9.9.4 (3.9.9.4 itself excluded)
● Vigor2620 Series: versions earlier than 3.9.9.5 (3.9.9.5 itself excluded)
● VigorLTE 200n: versions earlier than 3.9.9.5 (3.9.9.5 itself excluded)
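As an added example (not DrayTek's or NISAC's code), the following Python script encodes the affected-platform list above and reports whether a given model/firmware pair is still in the affected range, which is the check an administrator needs to run across an inventory before deciding what to update. Version strings are compared numerically so that 3.9.9.12 sorts after 3.9.9.4; for the three models that list two fix versions (Vigor2962, Vigor3910, Vigor3912), the script assumes each fix belongs to a separate firmware branch identified by every version component but the last, and reports a firmware on neither branch as `unknown-branch` rather than guessing. The inventory rows in `main` are constructed sample data.

```python
"""Affected-firmware check for CVE-2025-10547, built from the platform list above.

Added example, not DrayTek's or NISAC's code. The fix versions are transcribed
from the advisory; the per-branch matching for models with two fix versions is
this example's own assumption.
"""
from __future__ import annotations

# Model -> fix version(s) from the advisory. A device is affected when its
# running firmware is strictly earlier than the fix on its branch.
FIXED_VERSIONS: dict[str, tuple[str, ...]] = {
    "Vigor1000B": ("4.4.3.6",),
    "Vigor2962": ("4.4.3.6", "4.4.5.1"),
    "Vigor3910": ("4.4.3.6", "4.4.5.1"),
    "Vigor3912": ("4.4.3.6", "4.4.5.1"),
    "Vigor2135": ("4.5.1",),
    "Vigor2763": ("4.5.1",),
    "Vigor2765": ("4.5.1",),
    "Vigor2766": ("4.5.1",),
    "Vigor2865 Series": ("4.5.1",),
    "Vigor2865 LTE Series": ("4.5.1",),
    "Vigor2865L-5G Series": ("4.5.1",),
    "Vigor2866 Series": ("4.5.1",),
    "Vigor2866 LTE Series": ("4.5.1",),
    "Vigor2927 Series": ("4.5.1",),
    "Vigor2927 LTE Series": ("4.5.1",),
    "Vigor2927L-5G Series": ("4.5.1",),
    "Vigor2915 Series": ("4.4.6.1",),
    "Vigor2862 Series": ("3.9.9.12",),
    "Vigor2862 LTE Series": ("3.9.9.12",),
    "Vigor2926 Series": ("3.9.9.12",),
    "Vigor2952": ("3.9.8.8",),
    "Vigor2952P": ("3.9.8.8",),
    "Vigor3220": ("3.9.8.8",),
    "Vigor2860 Series": ("3.9.8.6",),
    "Vigor2860 LTE Series": ("3.9.8.6",),
    "Vigor2925 Series": ("3.9.8.6",),
    "Vigor2925 LTE Series": ("3.9.8.6",),
    "Vigor2133 Series": ("3.9.9.4",),
    "Vigor2762 Series": ("3.9.9.4",),
    "Vigor2832 Series": ("3.9.9.4",),
    "Vigor2620 Series": ("3.9.9.5",),
    "VigorLTE 200n": ("3.9.9.5",),
}


def parse_version(text: str) -> tuple[int, ...]:
    """'4.4.3.6' or 'v4.5.1' -> tuple of ints, so 3.9.9.12 compares above 3.9.9.4."""
    parts = text.strip().lower().lstrip("v").split(".")
    if not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised firmware version: {text!r}")
    return tuple(int(p) for p in parts)


def check_firmware(model: str, running: str) -> str:
    """Return 'patched', 'affected', 'unknown-branch' or 'unknown-model'."""
    wanted = model.strip().lower()
    fixes = next((v for k, v in FIXED_VERSIONS.items() if k.lower() == wanted), None)
    if fixes is None:
        return "unknown-model"
    running_v = parse_version(running)
    candidates = [parse_version(f) for f in fixes]
    if len(candidates) > 1:
        # Assumption: the branch is every component but the last (4.4.3 vs 4.4.5).
        candidates = [c for c in candidates if c[:-1] == running_v[: len(c) - 1]]
        if not candidates:
            return "unknown-branch"  # e.g. 4.4.4.x is not in the advisory: do not guess
    return "affected" if running_v < candidates[0] else "patched"


def triage(inventory: list[tuple[str, str]]) -> dict[str, list[str]]:
    """Group an inventory of (model, firmware) rows by status for follow-up."""
    groups: dict[str, list[str]] = {}
    for model, firmware in inventory:
        groups.setdefault(check_firmware(model, firmware), []).append(f"{model} {firmware}")
    return groups


if __name__ == "__main__":
    # Constructed sample inventory, not real devices.
    sample = [
        ("Vigor2962", "4.4.3.2"),
        ("Vigor2962", "4.4.5.1"),
        ("Vigor2862 Series", "3.9.9.9"),
        ("Vigor2135", "v4.5.1"),
        ("Vigor2962", "4.4.4.1"),
        ("Vigor9999", "1.0"),
    ]
    for status, devices in sorted(triage(sample).items()):
        print(f"{status}: {', '.join(devices)}")
```

Anything reported as `unknown-branch` or `unknown-model` should be resolved against the vendor advisory rather than treated as safe; the script deliberately refuses to extrapolate beyond the versions the advisory names.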

[Recommended Action]
The vendor has released firmware updates that fix this vulnerability. Update by following the official instructions at the URLs below:
https://www.draytek.com/about/security-advisory/use-of-uninitialized-variable-vulnerabilities/
https://www.draytek.com/zh/support/latest-firmwares/

[References]
1. https://nvd.nist.gov/vuln/detail/CVE-2025-10547
2. https://www.draytek.com/about/security-advisory/use-of-uninitialized-variable-vulnerabilities/
3. https://www.draytek.com/en/support/latest-firmwares/

