Home > About > Security Advisory >

Vigor3900 / Vigor2960 / Vigor300B Stack-based buffer overflow Vulnerability (CVE-2020-14473 / CVE-2020-14993)

Released Date: 2020-06-24

We have become aware of a possible exploit of the Vigor3900 / 2960 / 300B related to functions and services on 12th Apr., and we released an updated firmware to address this issue on 17th Jun. 2020.

Necessary Action: Users of affected models should upgrade firmware to version or later as soon as possible.

Affected Products and the Fixed Firmware Version

Model Fixed Firmware Version Download Link

The issue only affects the Vigor3900 / 2960 / 300B and is not known to affect any other DrayTek products.


Here we want to express our acknowledgment for the people who found the vulnerability and notify us.

Contact Technical Support

Should you have any security-related inquiry regarding one of our products, please contact DrayTek Technical Support.