Weekly Update 24 September 2024
Click here to watch this video.
DrayTek has resolved 14 vulnerabilities on DrayOS routers as of 20th June. These are for CVE-2024-41583 ~ CVE-2024-41596.
It is recommended that you check whether your router is running the updated firmware listed below or a later version.
Router Model Updated Firmware
Vigor2133/2762/2832 V3.9.9
Vigor2865/2866 V4.4.5.2
Vigor2765/2766/2135/2763 V4.4.5.3
Vigor3912 V4.3.6.1
Vigor3910 v4.3.2.8/4.4.3.1
Vigor2962 v4.3.2.8/4.4.3.1
Vigor1000B V4.3.2.8
Vigor2862 V3.9.9.5
Vigor2926 V3.9.9.5
Vigor2952 V3.9.8.2
Vigor3220 V3.9.8.2
Vigor2926p V4.4.2.4
Vigor2620 V3.9.8.9
Vigor2925 V3.9.8
Vigor2860 V3.9.8
Vigor2915 V4.4.3.2
Vigor2927 V4.4.5.4
Only one or two of them are unauthenticated vulnerabilities (login not required), and they are triggered via WUI, so it is safe if router WUI remote access is not open or ACL enabled.
Unauthenticated vulnerabilities only are fixed on End-of-Life models (Firmware v3.x.x)
All vulnerabilities have been fixed for 3910/2962 v4.3.2.8 and 2962/3910 v4.4.3.1.
Improvements
· - Improve Web GUI Security
· - Fixed: The Validation Code not working on the Login window.
· - Fixed: The Country Object failed to work due to the firewall setting.
· - Fixed: URL Filter failure to block HTTPS websites when TLS 1.3 hybridized Kyber was enabled in the browser.
· - Fixed: Failure to reboot the router when CPE set parameter configuration contained WAN1 username/password.
Click here to download the firmware.
Improvements
· - Improve Web GUI Security
· - Fixed: The Validation Code is not working on the Login window
· - Fixed: The Country Object failed to work due to the firewall setting
· - Fixed: URL Filter failure to block HTTPS websites when TLS 1.3 hybridized Kyber was enabled in the browser
Click here
to download the firmware.
Improvements
· - Improve Web GUI Security
· - Fixed: URL Filter failure to block HTTPS websites when TLS 1.3 hybridized Kyber was enabled in the browser
· - Fixed: Failure to reboot the router when CPE set parameter configuration contained WAN1 username/password
Click here to download the firmware.
Improvements
· - Improve Web GUI Security
· - Fixed: URL Filter failure to block HTTPS websites when TLS 1.3 hybridized Kyber was enabled in the browser
· - Fixed: Failure to reboot the router when CPE set parameter configuration contained WAN1 username/password
Click here
to download the firmware.
Improvements
· - Improve Web GUI Security
· - Fixed: URL Filter failure to block HTTPS websites when TLS 1.3 hybridized Kyber was enabled in the browser
Click here
to download the firmware.
Improvements
· - Improve Web GUI Security
· - Fixed: URL Filter failure to block HTTPS websites when TLS 1.3 hybridized Kyber was enabled in the browser
Click here
to download the firmware.
New Feature
· - Support scheduled LED on/off and system reboot
Improvements
· - Add an option to enable/disable the Reset button
· - Improve the process stability between VigorACS and VigorAP
· - Add a note describing the characters that can be used in the password
Click here to download the firmware.
Improvements
· - Fixed: Issues related to TR-069 parameters
· - Fixed: CPU usage occupied in some cases
· - Fixed: Using IP source guard and DHCP snooping simultaneously
Click here
to download the firmware.
Latest Software
Improvements
· - Compatible improvement with MariaDB 10.4.
· - Fixed: Users can access and manage files from other user groups in File Manager
Support Model and Version
For the full model support list, please refer to the Compatible Devices section in URL:
https://www.draytek.com/products/vigoracs-3/
Existing customers wishing to upgrade to the latest release can contact us at support@draytek.com.au for download instructions.
If you wish to test the software, contact us at support@draytek.com.au for a 30-day trial.
Latest APP
Smart VPN Client (Android) V1.3.5
· - Improve the stability of the application
Click here to download the APP.
Calendar Events from DrayTek HQ
DrayTek HQ often sends notifications of system updates or outages, security notifications, and firmware releases.
Click here for the latest news from DrayTek HQ
To subscribe to our regular news updates, click on “Subscribe” on this page or login into your i-helpdesk account and enable the “Subscribe” option.
Related Articles
Weekly Update 4 September 2019
Upcoming Webinar Free Webinar – DrayTek Wi-Fi Solutions Tuesday 10th September 2019, 10:00 am Duration: 30 minutes You are invited to attend our next webinar DrayTek Wi-Fi Solutions. In this webinar we look at the latest developments in DrayTek Wi-Fi ...Weekly Update 12 September 2023
Upcoming Webinar Free Webinar – DrayTek Router Troubleshooting Tips Tuesday 19th September 2023, 12:00 noon AEST Duration: 30 minutes Tune into our next YouTube Premiere webinar: DrayTek Router Troubleshooting Tips As part of maintaining your ...Weekly Update 6 September 2022
Upcoming Webinar Free Webinar – DrayTek VigorACS 3 - Auto VPN and VPN monitoring Tuesday 13th September 2022, 12:00 noon AEST Duration: 30 minutes Tune into our next YouTube Premiere webinar: DrayTek VigorACS 3 - Auto VPN and VPN monitoring. This ...Weekly Update 10 September 2024
Latest Firmware Vigor2952 V3.9.8.3 Improvements · - Improve Web GUI Security · - Fixed: URL Filter failure to block HTTPS websites when TLS 1.3 hybridized Kyber was enabled in the browser Click here to download the firmware. Vigor3220n V3.9.8.3 ...Weekly Update 26 September 2023
Latest Firmware Vigor2620 LTE V3.9.8.6 New Feature · - Support new WCF supplier (URL Reputation) Click here to download firmware. VigorLTE 200n V3.9.8.6 New Feature · - Support new WCF supplier (URL Reputation) Click here to download firmware. Latest ...