RCE weakness found in DrayTek Vigor routers

Multiple DrayTek Vigor routers were confirmed to have been impacted by the security issue, tracked as CVE-2025-10547, which could be leveraged by remote, unauthenticated attackers for arbitrary code execution, reports BleepingComputer. Disclosed by ChapsVision security researcher Pierre-Yves Maes, such a vulnerability "can be triggered when unauthenticated remote attackers send crafted HTTP or HTTPS requests to the device's Web User Interface (WebUI). Successful exploitation may cause memory corruption and a system crash, with the potential in certain circumstances could allow remote code execution," according to an advisory from DrayTek. The vendor recommends limiting WAN exposure by disabling remote WebUI or SSL VPN access or controlling it with ACLs and VLANs. However, the interface remains accessible on the LAN side, where local threats could still interact with it. No evidence of exploitation has been found at this stage but DrayTek has urged administrators to apply the provided firmware updates. The affected devices span both older routers and flagship lines used in telecom and direct link service environments, many of which are used in small to medium businesses and prosumer networks.