Home > About > Security Advisory >

Vigor3900 / Vigor2960 / Vigor300B Remote code injection/execution Vulnerability (CVE-2020-19664)

Released Date: 2021-01-08

We have become aware of a possible exploit of the Vigor3900 / 2960 / 300B related to functions and services found on 4th May, 2020, and this vulnerability had been resolved with the firmware v1.5.1.1 released on 17th Jun. 2020.

Necessary Action: Users of affected models should upgrade firmware to version or later as soon as possible.

Affected Products and the Fixed Firmware Version

Model Fixed Firmware Version Download Link

The issue only affects the Vigor3900 / 2960 / 300B and is not known to affect any other DrayTek products.

Contact Technical Support

Should you have any security-related inquiry regarding one of our products, please contact DrayTek Technical Support.