#VU116451 Use of uninitialized variable in DrayTek Corp. products - CVE-2025-10547
Published: October 4, 2025
Vulnerability identifier: #VU116451
Vulnerability risk: Critical
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Red
CVE-ID: CVE-2025-10547
CWE-ID: CWE-457
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
Vigor2962
Vigor3910
Vigor3912
Vigor2135
Vigor2763
Vigor2765
Vigor2766
Vigor2865
Vigor2865 LTE
Vigor2865L-5G
Vigor2866
Vigor2866 LTE
Vigor2927
Vigor2927 LTE
Vigor2927L-5G
Vigor2915
Vigor2862
Vigor2862 LTE
Vigor2926
Vigor2926 LTE
Vigor2952
Vigor2952P
Vigor3220
Vigor2860
Vigor2860 LTE
Vigor2925
Vigor2925 LTE
Vigor2133
Vigor2762
Vigor2832
Vigor2620
VigorLTE 200n
Vigor 1000B
Vigor2962
Vigor3910
Vigor3912
Vigor2135
Vigor2763
Vigor2765
Vigor2766
Vigor2865
Vigor2865 LTE
Vigor2865L-5G
Vigor2866
Vigor2866 LTE
Vigor2927
Vigor2927 LTE
Vigor2927L-5G
Vigor2915
Vigor2862
Vigor2862 LTE
Vigor2926
Vigor2926 LTE
Vigor2952
Vigor2952P
Vigor3220
Vigor2860
Vigor2860 LTE
Vigor2925
Vigor2925 LTE
Vigor2133
Vigor2762
Vigor2832
Vigor2620
VigorLTE 200n
Vigor 1000B
Software vendor:
DrayTek Corp.
DrayTek Corp.
Description
The vulnerability allows a remote attacker to compromise the affected device.
The vulnerability exists due to usage of an uninitialized variable within the device's Web User Interface (WebUI). A remote non-authenticated attacker can send a specially crafted HTTP request to the web interface of the affected device, trigger memory corruption and execute arbitrary code on the system.
Remediation
Install updates from vendor's website.