DrayTek Security Update 11 December 2025

DrayTek Security Update 11 December 2025

WLAN Driver Vulnerabilities

DrayTek has recently rolled out updated firmware to fix vulnerabilities in the WLAN drivers of chipsets used in several of its products. These vulnerabilities impact a broad range of chipset families found in devices such as smartphones, tablets, smart speakers, wireless access points, and routers. Since many DrayTek products utilise these chipset families, the company has quickly issued firmware updates that include the new WLAN drivers across the affected device models.

 

Vulnerability Details

CVE Number    Description      CVSS

CVE-2025-20710         Integer overflow in wlan         8.8

CVE-2025-20711         Specified type in wlan             8.8

CVE-2025-20715         Out-of-bounds write in wlan  7.8

CVE-2025-20716         Out-of-bounds write in wlan  7.8

CVE-2025-20718         Stack overflow in wlan            7.8

CVE-2025-20719         Stack overflow in wlan            8.8

CVE-2025-20720         Heap overflow in wlan            8.8

CVE-2025-20724         Out-of-bounds read in wlan   5.5

CVE-2025-20729         Heap overflow in wlan            4.2

CVE-2025-20731         Heap overflow in wlan            5.3

CVE-2025-20732         Stack overflow in wlan            5.3

CVE-2025-20733         Heap overflow in wlan            7.8

CVE-2025-20734         Heap overflow in wlan            5.3

CVE-2025-20735         Heap overflow in wlan            7.8

CVE-2025-20736         Stack overflow in wlan            6.7

CVE-2025-20737         Stack overflow in wlan            7.8

CVE-2025-20738         Stack overflow in wlan            6.7

CVE-2025-20739         Stack overflow in wlan            6.7

 

Affected Products and Recommended Firmware Versions

Model                                               Fixed Firmware Version

Vigor C410ax                                                5.3.5

Vigor C510ax                                                5.3.5

Vigor2133n / 2762n                                   3.9.9.5

Vigor2135ac / 2135Vac / 2135FVac        4.5.2

Vigor2136ax                                               5.3.5

Vigor2620Ln                                              3.9.9.6

Vigor2763ac                                              4.5.2

Vigor2765ac / 2765Vac                           4.5.2

Vigor2766ac / 2766Vac                           4.5.2

Vigor2865ac / 2865Vac / 2865Lac       4.5.2

Vigor2866ac / 2866Vac / 2866Lac       4.5.2

Vigor2912n                                              3.8.18

Vigor2915ac                                            4.4.6.2

Vigor2927ac / 2927Vac / 2927Lac      4.5.1.1

VigorAP 903                                           1.4.20

 

More details are available in the Security Advisory: WLAN Driver Vulnerabilities

 

It is highly recommended that affected products be updated to the latest firmware, which includes the security patches.

 

The latest firmware files can be downloaded from our support web page: https://www.draytek.com.au/support/downloads/

A list of the latest firmware releases is available in the knowledge base article:  New Firmware Releases for DrayTek


Additional Security Measures:

We recommend following these general best practices:

• Regularly check for and update firmware.

• Use strong, unique passwords for all accounts.

• Enable and properly configure your firewall settings.

• Keep an eye on your network for any suspicious activities.

 

 

DrayTek HQ frequently sends notifications about system updates, outages, security alerts, and firmware releases. 

Click here for the latest news from DrayTek HQ.

 

 

To subscribe to our regular news updates, click “Subscribe” on this page or log into your i-helpdesk account and enable the “Subscribe” option.

 


    • Related Articles

    • DrayTek Weekly Update 9 December 2025

      25-11-2025 Latest Videos Boosting your Wireless Coverage with DrayTek Access Points This video examines ways to improve your wireless coverage and stay connected, but before exploring these options, it’s crucial to assess your specific wireless ...

    • DrayTek Weekly Update 22 December 2025

      Latest Videos VRRPwith DrayTek Routers With the latest firmware, DrayTek routers now support hardware redundancy via VRRP, a powerful solution for network reliability. VRRP stands for Virtual Router Redundancy Protocol, and is a networking protocol ...

    • Weekly Update 16 December 2024

      Latest Video How toinstall ACS 3 on AWS This video describes the installation of VigorACS 3 on a Linux platform in Amazon Web Services (AWS), a cloud computing platform. Click here to watch this video. Latest Firmware Vigor2915 V4.4.5 Improvements · ...

    • Weekly Update 15 December 2021

      Latest Application Note How to use a VigorLTE router as a SMS Gateway This application note demonstrates how to setup a Vigor LTE router as the SMS provider. It allows non-LTE routers to send SMS messages through the LTE router. Two scenarios are ...

    • Weekly Update 12 December 2019

      Latest Video DrayTekTransitioning Phone Services to the NBN Part 2 The previous video (Part 1) looked at replacing the ISP supplied router connecting to the NBN if it did not do everything required. This video continues and goes through the ...