A Denial-Of-Service Vulnerability In OpenSSL (CVE-2022-0778) has been found on
On 15th March 2022. The BN_mod_sqrt() function in OpenSSL, which is used for
parsing certificates contains a bug that can cause it to go into an endless
loop. Our products are affected, the HTTPS server for management may stop
working and result in a reboot when parsing or importing a maliciously crafted
certificate. OpenSSL has released a security update to address the
vulnerability. DrayTek will release new firmwares with security updates for
OpenSSL vulnerability as follows.
-
Routers
-
Access Points
-
Switches
Model |
Fixed Firmware Version |
Vigor3910 |
4.3.1.1 |
Vigor3900 |
1.5.1.4 |
Vigor3220 Series |
3.9.7.2 |
Vigor300B |
1.5.1.4 |
Vigor2962 Series |
4.3.1.1 |
Vigor2960 |
1.5.1.4 |
Vigor2952 / 2952P |
3.9.7.2 |
Vigor2927 Series |
4.4.0 |
Vigor2927 LTE Series |
4.4.0 |
Vigor2926 Series |
3.9.8.1 |
Vigor2926 LTE Series |
3.9.8.1 |
Vigor2925 Series |
3.9.2 |
Vigor2925 LTE Series |
3.9.2 |
Vigor2915 Series |
4.3.3.2 |
Vigor2912 |
3.8.15 |
Vigor2866 Series |
4.4.0 |
Vigor2866 LTE Series |
4.4.0 |
Vigor2865 Series |
4.4.0 |
Vigor2865 LTE Series |
4.4.0 |
Vigor2862 Series |
3.9.8.1 |
Vigor2862 LTE Series |
3.9.8.1 |
Vigor2860 Series |
3.9.2 |
Vigor2860 LTE Series |
3.9.2 |
Vigor2832 |
3.9.6.1 |
Vigor2766 Series |
4.4.2 |
Vigor2765 Series |
4.4.2 |
Vigor2762 Series |
3.9.6.4 |
Vigor2760 Series |
3.8.9.6 |
Vigor2620 LTE Series |
3.9.8.1 |
VigorLTE 200n |
3.9.8.1 |
Vigor2135 Series |
4.4.2 |
Vigor2133 Series |
3.9.6.4 |
Vigor1000B |
4.3.1.1 |
Vigor167 |
5.1.1 |
Vigor166 |
4.2.4 |
Vigor165 |
4.2.4 |
VigorNIC 132 |
3.8.5 |
Vigor130 |
3.8.5 |
Model |
Fixed Firmware Version |
VigorAP 1000C |
1.4.3 |
VigorAP 802 |
1.4.5 |
VigorAP 903 |
1.4.4 |
VigorAP 912C |
1.4.6 |
VigorAP 918R Series |
1.4.3 |
VigorAP 920R Series |
1.4.3 |
VigorAP 960C |
1.4.4 |
VigorAP 1060C |
1.4.6 |
Model |
Fixed Firmware Version |
VigorSwitch G1282 |
2.7.3 |
VigorSwitch P1282 |
2.7.3 |
VigorSwitch G2100 |
2.7.3 |
VigorSwitch P2100 |
2.7.3 |
VigorSwitch G2280x |
2.7.3 |
VigorSwitch P2280x |
2.7.3 |
VigorSwitch G2540x |
2.7.3 |
VigorSwitch P2540x |
2.7.3 |
VigorSwitch G2540xs |
3.7.3 |
VigorSwitch P2540xs |
3.7.3 |
VigorSwitch FX2120 |
3.7.3 |
Contact Technical Support
Should you have any security-related inquiry regarding one of our products, please contact DrayTek Technical Support.