The Buffer Overflow Vulnerabilities have been discovered, which could potentially allow an authenticated attackers to cause a Denial of Service (DoS) via a crafted input.The vulnerabilities have been announced under CVE-2024-46550 CVE-2024-46568, CVE-2024-46571, CVE-2024-46580 CVE-2024-46586, CVE-2024-46588 ~ CVE-2024-46598.
We have promptly addressed this issue and released corresponding firmware updates that incorporate necessary security enhancements.
| Model | Fixed Firmware Version |
|---|---|
| Vigor2135 | 4.5.0* |
| Vigor2763 | 4.5.0* |
| Vigor2765 | 4.5.0* |
| Vigor2766 | 4.5.0* |
| Vigor2865 / 2865 LTE / 2865L-5G | 4.5.0* |
| Vigor2866 / 2866 LTE | 4.5.0* |
| Vigor2915 | 4.5.0* |
| Vigor2962 | 4.4.3.1 |
| Vigor2927 / 2927 LTE / 2927L-5G | 4.5.0* |
| Vigor3910 | 4.4.3.1 |
| Vigor3912 Series | 4.3.6.1 |
*Firmware unreleased
We would like to express our appreciation to the Jiaxu Zhao from VARAS@IIE. for the efficient testing and timely reporting.
Should you have any security-related inquiry regarding one of our products, please contact DrayTek Technical Support.