Draytek Routers APP Enforcement Module Upload Vulnerability Leading to Arbitrary Code Execution

Vulnerability

A vulnerability exists in several Draytek router models, allowing attackers to upload malicious APP Enforcement modules that execute arbitrary code. This issue affects the Vigor 165/166 models prior to version 4.2.6, Vigor 2620/LTE200 models prior to version 3.9.8.8, Vigor 2860/2925 models prior to version 3.9.7, Vigor 2862/2926 models prior to version 3.9.9.4, Vigor 2133/2762/2832 models prior to version 3.9.8, Vigor 2135/2765/2766 models prior to version 4.4.5.1, Vigor 2865/2866/2927 models prior to version 4.4.5.3, Vigor 2962/3910 models prior to version 4.3.2.7, and Vigor 3912 models prior to version 4.3.5.2.

Impact

Exploitation of this vulnerability allows for arbitrary code execution on the affected device.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

7.4

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

7.4

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Draytek Routers APP Enforcement Module Upload Vulnerability Leading to Arbitrary Code Execution

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating