Weekly Update 8 August 2022
Security Advisory - (CVE-2022-32548)
In April 2022, DrayTek became aware of a vulnerability announced under CVE-2022-32548 and is related to a possible exploit of the router's Web UI login page.
DrayTek have released a updated firmware which addresses this vulnerability over the past few months. If you have not done so, it is recommended to upgrade your router firmware to the latest version.
Full details are available in the advisory on the DrayTek web site: https://www.draytek.com/about/security-advisory/draytek-router-unauthenticated-remote-code-execution-vulnerability-(cve-2022-32548)/
This article lists models affected and the minimum recommended firmware version to use.
Latest Application Note
Switch
Types of VigorSwitch SFP Modules
This application note provides a list of compatible SFP modules to suit DrayTek VigorSwitches
Click here to read the application note.
Latest Firmware
VigorAP 918R / VigorAP 920R / VigorAP 1000C V1.4.4
Improvements
· - Improve the DNS security (CVE-2022-30295).
· - Support Allow management from WLAN (System Maintenance >> Management).
· - Fixed: Mesh network connection when Mesh Root is Vigor2862 or Vigor2926.
· - Fixed: APM failure on the Vigor router when upgrading the firmware of VigorAP from 1.4.2 to 1.4.3
Click here to download firmware.
New Features
· - Support 10Gigabit Ethernet port auto linkup.
·
Improvement
· - Fixed: An issue of (10G) port link aggregation not working after device reboot.
Click here to download firmware.
VigorSwitch G2540x / P2540x V2.7.4
New Features
· - Support 10Gigabit Ethernet port auto linkup.
Improvement
· - Fixed: An issue of (10G) port link aggregation not working after device reboot.
Click here to download firmware.
To subscribe to our regular news updates, click on
“Subscribe” on this page or login into your i-helpdesk account and enable the
“Subscribe” option.
Related Articles
DrayTek Weekly Update 19 August 2025
Security Update DrayTek Embraces EN 18031 - Setting a New Standard in Wireless Security DrayTek is currently working on its commitment to meeting the EU’s EN 18031-1 cybersecurity standard. This standard focuses on internet-connected radio equipment ...Weekly Update 14 August 2023
Upcoming Webinar Diagnostic Functions in DrayTek Routers Tuesday 22nd August 2023, 12:00 noon AEST Duration: 30 minutes Tune into our next YouTube Premiere webinar: Diagnostic Functions in DrayTek Routers When you encounter a problem on your network, ...Weekly Update 2 August 2019
Latest Application Note VPN Restrict VPN access to certain subnets or devices for Remote Dial-in users. This application note shows how to allow a dial in user to access certain subnet(s) or restrict the user/VPN client to a particular host or ...Weekly Update 30 August 2023
Security Advisory Format string vulnerability (CVE-2023-31447) A format string vulnerability has been discovered, which could potentially allow an unauthenticated attacker to execute arbitrary code. DrayTek has addressed this issue and has released ...Weekly Update 1 August 2023
Latest Application Note Using STARLINK Internet with DrayTek Vigor Routers This application note describes how to setup the Starlink internet connection for DrayTek routers. It covers configuration steps to use the Ethernet WAN connection as well as ...