Security Advisory


Format string vulnerability (CVE-2023-31447)

A format string vulnerability has been discovered, which could potentially allow an unauthenticated attacker to execute arbitrary code. DrayTek has addressed this issue and has released new firmware for several router models which include the security update.

Click here for more details.

New Firmware is now available for the following router models:

Model

Firmware Version

Vigor2832 3.9.7
Vigor2862 / 2862 LTE 3.9.9.2
Vigor2926 / 2926 LTE 3.9.9.2
Vigor2952 / 2952P 3.9.8
Vigor2962 Series 4.3.2.4
Vigor3220 3.9.8
Vigor3910 4.3.2.4

 

This firmware can be downloaded from: https://www.draytek.com.au/support/downloads/

Firmware will be released in the coming weeks for the following router models:

Model

Firmware Version

Vigor2766 4.4.3
Vigor2860 / 2860 LTE 3.9.5*
Vigor2865 / 2865 LTE 4.4.3*
Vigor2866 / 2866 LTE 4.4.3*
Vigor2925 / 2925 LTE 3.9.5*
Vigor2927 / 2927 LTE 4.4.3*

 


Latest Videos


 

How to install ACS 3 v3.4.0 in Ubuntu

This video shows how to install VigorACS 3 v3.4.0 under Ubuntu operating system.

Click here to watch the video.

 


 

SmartVPN using OpenVPN with TOTP and VPN Matcher


This video demonstrates how to set up a remote dial-in VPN using DrayTek’s SmartVPN client with OpenVPN encryption and TOTP multi-factor authentication, and using DrayTek VPN Matcher because the server is hidden behind NAT.

Click here to watch the video.


Latest Application Note


What to do when an Undesired route is added after VPN is up

This application note describes what to do when an unexpected route appears on the PC when setting up a Dial-in VPN connection to a router. This can be related to the “Disable Class based route addition” option in Windows.

Click here to read the application note.

 


Latest Firmware


VigorAP 906 V1.4.9

Improvements

  • Improve the long scanning time taken by AP Discovery Scan.
  • Fixed: Issues related to TR-069 parameters.
  • Fixed: “Disable LED” not working.
  • Fixed: Wi-Fi DOWN/ Wi-Fi UP set on Applications>>Schedule not working.
  • Fixed: network connection problem due to Airtime Fairness.
  • Fixed: Wireless LAN (5GHz) network invalid if channel 165 selected.
  • Fixed: WPA3 Enterprise, WPA3/WPA2 Enterprise, WPA2/WPA Enterprise configuration of wireless LAN (2.4GHz).
  • Fixed: Network connection failure, if using 5GHz with WPA2 Enterprise or WPA2/WPA3 Enterprise with external RADIUS authentication.

Click here to download firmware.

 


VigorLTE 200n V3.9.8.5

Improvement

  • Fixed: Failure to reboot by using the default configuration.

Click here to download firmware.

 


Vigor2620 LTE V3.9.8.5

Improvement

  • Fixed: Failure to reboot by using the default configuration.

Click here to download firmware.

 


Vigor2862 / 2862 LTE V3.9.9.2

New Feature

  • Supports new WCF supplier

Improvements

  • Improve web GUI security
  • Fixed: DHCP relay not working
  • Fixed: Unable to remove ACL by TR-069 parameter
  • Fixed: APP Enforcement function could not block TeamViewer successfully

Click here to download firmware.

 


Vigor2926 / 2926 LTE V3.9.9.2

New Feature

  • Supports new WCF supplier

Improvements

  • Improve web GUI security
  • Fixed: DHCP relay not working
  • Fixed: Unable to remove ACL by TR-069 parameter
  • Fixed: APP Enforcement function could not block TeamViewer successfully

Click here to download firmware.

 


VigorAP 912C V1.4.11 

Improvement

  • Fixed: Poor transmission rates with 2.4GHz via iOS mobile phones (e.g., iPhone 14 pro max)

Click here to download firmware