- Dayytek Patches CVE-2025-10547, a firmware error that enables the crash or execution of remote code
- Vulnerability affects routers with exposed webui or incorrectly configured ACLs; Local access
- Vigor Routers are common in SMBs, making them attractive targets for sustained cyberattacks
Networking Gear Manufacturer Draytek has patched a dangerous vulnerability found in dozens of Vigor Business Router models, and encourages users to apply the correction as soon as possible.
In a security counseling, Dayytek said it discovered an “uninitialized variables in firmware” vulnerability in Drayos (OS -driving power routers), which, if utilized, could result in memory corruption or system accidents. There is also “potential under certain circumstances” to use the error to carry out remote code.
The error is traced as CVE-2025-10547 and has not yet been assigned a severity.
List of affected force routers
Threat actors can abuse it by sending specially designed HTTP or HTTPS requests to the Devices Web User Interface (Webui).
Dayytek says the error only affects routers that have remote access to webui and SSL VPN services that are activated, as well as those whose access controls (ACLs) are incorrectly configured.
“Nevertheless, an attacker with access to the local network could still utilize the vulnerability via webui,” explains the advisory. “Local access to webui can be controlled on some models using LAN -Side VLANs and ACLs. To ensure full protection, we strongly recommend upgrading the firmware to the minimal version specified below.”
The entire list of affected routers is quite extensive and it can be found at this link.
At the time of the press, there was no information that the error was exploited in nature, so we do not know about any potential goals or victims, but power models are very common in prosumes and small and medium -sized business environments.
Router vulnerability is a common target in cyberattacks as they can serve as entry points for lateral movement, data filling or botnet recruitment, especially since SMBs rarely have robust monitoring or event -response functions. Attackers also favor them to persistence as routers often go unnoticed during security audits.
Via Bleeping computer
Follow Techradar on Google News and Add us as a preferred source To get our expert news, reviews and meaning in your feeds. Be sure to click the Follow button!
And of course you can too Follow Techradar at Tiktok For news, reviews, unboxings in video form and get regular updates from us at WhatsApp also.
