DrayTek Weekly Update 9 December 2025

DrayTek Weekly Update 9 December 2025

25-11-2025

Latest Videos

This video examines ways to improve your wireless coverage and stay connected, but before exploring these options, it’s crucial to assess your specific wireless needs.


Click here to watch the video.

This video demonstrates how to use port forwarding to give access to a device on the LAN of a DrayTek 2135 from the internet via TCP port 443, which is generally used for HTTPS. Then, using country codes, grant access only to clients from the specified country, denying access to all others. This will work for any DrayOS 4 routers.

Click here
to view this video.

This video provides an overview of the upcoming DrayTek Training workshop to be held in Perth on 5th February 2026.


Click here to watch this video.

 

Latest Firmware

New Features

            -  Add a new CLI command to adjust the NAT service priority.
           -  Add a new tab of Notification under Monitoring>>Log Center.
          -  Add IGMP Accept List in Configuration>>IGMP>>General Setup

Improvements 

            -  Improve the Wi-Fi Driver Security (CVE-2025-20710, CVE-2025-20711, CVE-2025-20715, CVE-2025-20716, CVE-2025-20720, CVE-2025-20724, CVE-2025-20729, CVE-2025-20731, CVE-2025-20732, CVE-2025-20733, CVE-2025-20734, CVE-2025-20735, CVE-2025-207337, CVE-2025-20738, and CVE-2025-20739).    

       -  Set the default DHCPv6 WAN IAID to 0

For a complete list of new features and improvements, refer to the release notes in the firmware download link.

Click here to download the firmware.

 

Improvements    

            -  Improve the Wi-Fi Driver Security (CVE-2025 20710, CVE-2025-20715, CVE-2025-20716, CVE-2025-20718, CVE-2025-20719, CVE-2025-20720, CVE-2025 20724, CVE-2025-20733, CVE-2025-20734, CVE-2025-20736, CVE-2025-207337, CVE-2025 20738, and CVE-2025 20739).

            -  Improve Auto Hunt mechanism, including detection of WAN2 online/offline status.

            -  Fixed: Issues related to device loss of connection

For a complete list of new features and improvements, refer to the release notes in the firmware download link.

Click here to download the firmware.

 

New Features

          -  Support IKEv2 cookies for preventing DoS attacks.

          -  Add a new CLI command to adjust the NAT service priority.

            - Add a new tab of Notification under Monitoring>>Log Center.  

            -  Add IGMP Accept List in Configuration>>IGMP>>General Setup.

Improvements

            -  Improve Wi-Fi Driver Security (CVE-2025-20710, CVE-2025-20711, CVE-2025-20715, CVE-2025-20716, CVE-2025-20720, CVE-2025-20724, CVE-2025-20729, CVE-2025-20731, CVE-2025-20732, CVE-2025-20733, CVE-2025-20734, CVE-2025-20735, CVE-2025-207337, CVE-2025-20738, and CVE-2025-20739).

          -  Set the default DHCPv6 WAN IAID to 0.

          -  Optimise the VPN Protection Rules window layout.

Click here to download the firmware.

 

Improvements

          -  Improve Wi-Fi Driver Security (CVE-2025 20710, CVE-2025-20715, CVE-2025-20716, CVE-2025-20718, CVE-2025-20719, CVE-2025-20720, CVE-2025 20724, CVE-2025-20733, CVE-2025-20734, CVE-2025-20736, CVE-2025-207337, CVE-2025 20738, and CVE-2025 20739).

          -  Improve the Auto Hunt mechanism, including the detection of WAN2 online/offline status

For a complete list of new features and improvements, refer to the release notes in the firmware download link.

Click here to download the firmware.

 

Vigor2766 V4.5.2   

Improvements

          -  Improve Wi-Fi Driver Security (CVE-2025 20710, CVE-2025-20715, CVE-2025-20716, CVE-2025-20718, CVE-2025-20719, CVE-2025-20720, CVE-2025 20724, CVE-2025-20733, CVE-2025-20734, CVE-2025-20736, CVE-2025-207337, CVE-2025 20738, and CVE-2025 20739).

          -  Improve the Auto Hunt mechanism, including the detection of WAN2 online/offline status

For a complete list of new features and improvements, refer to the release notes in the firmware download link.

Click here to download the firmware.

 

New Features

          -  Support EasyVPN connection.

          -  Support multiple IPv4 VRRP groups
.

Improvements

          -  Improve Wi-Fi Driver Security (CVE-2025-20710, CVE-2025-20715, CVE-2025-20716, CVE-2025-20718, CVE-2025-20719, CVE-2025-20720, CVE-2025-20724, CVE-2025-20733, CVE-2025-20734, CVE-2025-20736, CVE-2025-20737, CVE-2025-20738 and CVE-2025-20739)   

          -  Add new TR-069 parameters for LTE SIM 1/2 priority by CLI.

          -  Add an option of "VPN on Slave" under Applications>> High Availability for HA failover.

For a complete list of new features and improvements, refer to the release notes in the firmware download link.

Click here to download the firmware.

 

New Features

        -  Support EasyVPN connection.

         -  Support multiple IPv4 VRRP groups
.

Improvements

          -  Improve Wi-Fi Driver Security (CVE-2025-20710, CVE-2025-20715, CVE-2025-20716, CVE-2025-20718, CVE-2025-20719, CVE-2025-20720, CVE-2025-20724, CVE-2025-20733, CVE-2025-20734, CVE-2025-20736, CVE-2025-20737, CVE-2025-20738 and CVE-2025-20739)

        -  Add new TR-069 parameters for LTE SIM 1/2 priority by CLI.

         -  Add an option of "VPN on Slave" under Applications>> High Availability for HA failover.

For a complete list of new features and improvements, refer to the release notes in the firmware download link.

Click here to download the firmware.

 

Improvements

          -  Improve WebGUI security

Reboot

·              -  Fixed: High memory usage for the maximum connection number of 150K.

          -  Fixed: Unexpected router reboots related to IPv6 WAN2 port link down/up, and DPDK Anti-Dos support.

VPN

    -  Send the next DPD request once again before the router announces the DPD timeout of the VPN connection.

For a complete list of new features and improvements, refer to the release notes in the firmware download link.

Click here to download the firmware.

 

Vigor3910  V4.4.3.7  

Improvements

VPN

        -  Fixed: Errors caused by packet fragmentation over the VPN.

          -  Fixed: Failure to enter a 2FA code for VPN Host to LAN when "Management from LAN" was not allowed.

Security / TOTP / Port Knocking

          -  To comply with NIS2 security requirements, the firmware now applies the following defaults: Telnet is disabled, FTP is disabled, and Enforce HTTPS Access is enabled. If Telnet/ FTP access on LAN1 is unavailable after the upgrade, users are advised to verify the settings under System Maintenance >> LAN Access Control.

For a complete list of new features and improvements, refer to the release notes in the firmware download link.

Click here to download the firmware.

 

Improvements

VPN

          -  Fixed: Errors caused by packet fragmentation over the VPN.

          -  Fixed: Failure to enter a 2FA code for VPN Host to LAN when "Management from LAN" was not allowed.

Security / TOTP / Port Knocking

           -  To comply with NIS2 security requirements, the firmware now applies the following defaults: Telnet is disabled, FTP is disabled, and Enforce HTTPS Access is enabled. If Telnet/ FTP access on LAN1 is unavailable after the upgrade, users are advised to verify the settings under System Maintenance >> LAN Access Control 

For a complete list of new features and improvements, refer to the release notes in the firmware download link

Click here to download the firmware.

 

DrayTek HQ frequently sends notifications about system updates, outages, security alerts, and firmware releases.

Click here for the latest news from DrayTek HQ.

 

To subscribe to our regular news updates, click “Subscribe” on this page or log into your i-helpdesk account and enable the “Subscribe” option.

 

.


    • Related Articles

    • Weekly Update 5 December 2019

      Latest Video DrayTek Transitioning Phone Services to theNBN Part 1 In the previous video (DrayTek Products and Solutions For NBN) we looked at the NBN multi technology mix and the different routers needed for each type of NBN connection. Usually the ...

    • DrayTek Weekly Update 22 December 2025

      Latest Videos VRRPwith DrayTek Routers With the latest firmware, DrayTek routers now support hardware redundancy via VRRP, a powerful solution for network reliability. VRRP stands for Virtual Router Redundancy Protocol, and is a networking protocol ...

    • Weekly Update 13 December 2022

      Upcoming Webinar Free Webinar – DrayTek VigorACS 3 - SD-WAN Solution Tuesday 20th December 2022, 12:00 noon AEDT Duration: 30 minutes   Tune into our next YouTube Premiere webinar: DrayTek VigorACS 3 - SD-WAN Solution This is the ninth and final part ...

    • Weekly Update 18 December 2023

      Latest Videos How to capture NetFlow Data using VigorACS 3 This video shows how to capture NetFlow data from a DrayTek router using VigorConnect as a NetFlow collector, and VigorACS 3 to display the graphs and statistics. Click here to watch this ...

    • Weekly Update 16 December 2024

      Latest Video How toinstall ACS 3 on AWS This video describes the installation of VigorACS 3 on a Linux platform in Amazon Web Services (AWS), a cloud computing platform. Click here to watch this video. Latest Firmware Vigor2915 V4.4.5 Improvements · ...