Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

DrayTek — Vulnerabilities & Security Advisories 8

Browse all 8 CVE security advisories affecting DrayTek. AI-powered Chinese analysis, POCs, and references for each vulnerability.

DrayTek develops networking hardware and software, primarily serving small to medium businesses with routers, firewalls, and VPN solutions. Historically, their products have faced multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues, with seven CVEs currently documented. While no major public security incidents have been widely reported, the consistent pattern of vulnerabilities in their firmware suggests potential exposure points for attackers. Their devices often default to administrative interfaces with weak security configurations, making them attractive targets for exploitation in enterprise environments.

Top products by DrayTek: Vigor 2960 Vigor2960 Vigor 300B
CVE IDTitleCVSSSeverityPublished
CVE-2022-50994 DrayTek Vigor 2960 < 1.5.1.4 OS Command Injection via mainfunction.cgi — Vigor 2960CWE-78 8.1 High2026-05-08
CVE-2026-3040 DrayTek Vigor 300B Web Management uploadlangs cgiGetFile os command injection — Vigor 300BCWE-78 4.7 Medium2026-02-23
CVE-2024-12987 DrayTek Vigor2960/Vigor300B Web Management Interface apmcfgupload os command injection — Vigor2960CWE-78 7.3 High2024-12-27
CVE-2024-12986 DrayTek Vigor2960/Vigor300B Web Management Interface apmcfgupptim os command injection — Vigor2960CWE-78 7.3 High2024-12-27
CVE-2023-6265 DrayTek Vigor2960 mainfunction.cgi dumpSyslog 'option' directory traversal — Vigor2960CWE-22 6.5 Medium2023-11-22
CVE-2023-1163 DrayTek Vigor 2960 Web Management Interface mainfunction.cgi getSyslogFile path traversal — Vigor 2960CWE-22 6.5 Medium2023-03-03
CVE-2023-1162 DrayTek Vigor 2960 Web Management Interface mainfunction.cgi command injection — Vigor 2960CWE-77 7.2 High2023-03-03
CVE-2023-1009 DrayTek Vigor 2960 Web Management Interface mainfunction.cgi sub_1DF14 path traversal — Vigor 2960CWE-22 6.5 Medium2023-02-24

This page lists every published CVE security advisory associated with DrayTek. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.