Home > About > Security Advisory >

OpenSSL vulnerability (CVE-2022-0778)

Released Date: 2022-04-27

A Denial-Of-Service Vulnerability In OpenSSL (CVE-2022-0778) has been found on On 15th March 2022. The BN_mod_sqrt() function in OpenSSL, which is used for parsing certificates contains a bug that can cause it to go into an endless loop. Our products are affected, the HTTPS server for management may stop working and result in a reboot when parsing or importing a maliciously crafted certificate. OpenSSL has released a security update to address the vulnerability. DrayTek will release new firmwares with security updates for OpenSSL vulnerability as follows.

  • Routers
  • Access Points
  • Switches
Model Fixed Firmware Version
Vigor3910 4.3.1.1
Vigor3900 1.5.1.4
Vigor3220 Series 3.9.7.2
Vigor300B 1.5.1.4
Vigor2962 Series 4.3.1.1
Vigor2960 1.5.1.4
Vigor2952 / 2952P 3.9.7.2
Vigor2927 Series 4.4.0
Vigor2927 LTE Series 4.4.0
Vigor2926 Series 3.9.8.1
Vigor2926 LTE Series 3.9.8.1
Vigor2925 Series 3.9.2
Vigor2925 LTE Series 3.9.2
Vigor2915 Series 4.3.3.2
Vigor2912 3.8.15
Vigor2866 Series 4.4.0
Vigor2866 LTE Series 4.4.0
Vigor2865 Series 4.4.0
Vigor2865 LTE Series 4.4.0
Vigor2862 Series 3.9.8.1
Vigor2862 LTE Series 3.9.8.1
Vigor2860 Series 3.9.2
Vigor2860 LTE Series 3.9.2
Vigor2832 3.9.6.1
Vigor2766 Series 4.4.2
Vigor2765 Series 4.4.2
Vigor2762 Series 3.9.6.4
Vigor2760 Series 3.8.9.6
Vigor2620 LTE Series 3.9.8.1
VigorLTE 200n 3.9.8.1
Vigor2135 Series 4.4.2
Vigor2133 Series 3.9.6.4
Vigor1000B 4.3.1.1
Vigor167 5.1.1
Vigor166 4.2.4
Vigor165 4.2.4
VigorNIC 132 3.8.5
Vigor130 3.8.5
Model Fixed Firmware Version
VigorAP 1000C 1.4.3
VigorAP 802 1.4.5
VigorAP 903 1.4.4
VigorAP 912C 1.4.6
VigorAP 918R Series 1.4.3
VigorAP 920R Series 1.4.3
VigorAP 960C 1.4.4
VigorAP 1060C 1.4.6
Model Fixed Firmware Version
VigorSwitch G1282 2.7.3
VigorSwitch P1282 2.7.3
VigorSwitch G2100 2.7.3
VigorSwitch P2100 2.7.3
VigorSwitch G2280x 2.7.3
VigorSwitch P2280x 2.7.3
VigorSwitch G2540x 2.7.3
VigorSwitch P2540x 2.7.3
VigorSwitch G2540xs 3.7.3
VigorSwitch P2540xs 3.7.3
VigorSwitch FX2120 3.7.3
Contact Technical Support

Should you have any security-related inquiry regarding one of our products, please contact DrayTek Technical Support.