Home > About > Security Advisory >

Vigor3900 / Vigor2960 / Vigor300B Stack-based buffer overflow Vulnerability (CVE-2020-10823 ~ CVE-2020-10828)

Released Date: 2020-04-08

We have become aware of a possible exploit of the Vigor2960 / 3900 / 300B related to functions and services on 13th Jan. On 6th Feb 2020, we released an updated firmware to address this issue.

Necessary Action: Users of affected models should upgrade to 1.5.1 firmware or later as soon as possible.

Affected Products and the Fixed Firmware Version

Model Fixed Firmware Version Download Link
Vigor300B 1.5.1
Vigor2960 1.5.1
Vigor3900 1.5.1

The issue only affects the Vigor3900 / 2960 / 300B and is not known to affect any other DrayTek products.

Contact Technical Support

Should you have any security-related inquiry regarding one of our products, please contact DrayTek Technical Support.