Security Advisory

FragAttacks vulnerability on Wi-Fi Products
FragAttacks” Wi-Fi vulnerability is manufacturer-independent and affects various wireless devices such as smartphones, notebooks, routers, and game consoles. We are not aware of unauthorized exploitation of FragAttacks, which might only occur in the direct physical proximity of the Wi-Fi network. The security of services such as mail or apps that perform encryption using TLS protocols, or internet connection via HTTPS pages, is not affected by the vulnerability. Based on current knowledge, practical effects of FragAttacks are unlikely.

DrayTek has started releasing new firmware with security updates against ­­­FragAttacks as detailed below:

Model                                       Fixed Firmware Version 
Vigor2135ac                                               4.3.1.1
Vigor2865ac / 2865Vac / 2865Lac             4.3.1.1
Vigor2765ac / 2765Vac                              4.3.1.1
Vigor2927ac / 2927Vac / 2927Lac             4.2.4.1
Vigor2915ac                                               4.3.2.1

Further updates for the following products will follow.
Model                                 Fixed Firmware Version
VigorAP 960C                                             TBD
VigorAP 1060C                                           TBD
VigorAP 912C                                             TBD
VigorAP 920C                                             TBD
VigorAP 1000C                                           TBD
VigorAP 918R Series                                  TBD
VigorAP 920R Series                                  TBD
VigorAP 903                                                TBD

Click here for further information and download links for the updated firmware or go to https://www.draytek.com/about/security-advisory/fragattacks-vulnerability-on-wifi-products/