Home > About > Security Advisory >

FragAttacks vulnerability on WiFi Products

Released Date: 2021-06-04

"FragAttacks” Wi-Fi vulnerability is manufacturer-independent and affects various wireless devices such as smartphones, notebooks, routers, and game consoles. We are not aware of unauthorized exploitation of FragAttacks, which might only occur in the direct physical proximity of the Wi-Fi network. The security of services such as mail or apps that perform encryption using TLS protocols, or internet connection via HTTPS pages, is not affected by the vulnerability. Based on current knowledge, practical effects of FragAttacks are unlikely.

DrayTek has released new firmware with security updates against FragAttacks.

Model Fixed Firmware Version Download Link
Vigor2135ac 4.3.1.1
Vigor2865ac / 2865Vac / 2865Lac 4.3.1.1
Vigor2765ac / 2765Vac 4.3.1.1
Vigor2927ac / 2927Vac / 2927Lac 4.2.4.1
Vigor2915ac 4.3.2.1

Further updates for the following products will follow soon.

Model Fixed Firmware Version
VigorAP 960C TBD
VigorAP 1060C TBD
VigorAP 912C TBD
VigorAP 920C TBD
VigorAP 1000C TBD
VigorAP 918R Series TBD
VigorAP 920R Series TBD
VigorAP 903 TBD

For the EOL models with chips and drivers no longer supported by WiFi chip vendors, we recommend that users follow the general security practices below or upgrade to the new models.

  1. Enable WPA2/WPA3 for wireless connections.
  2. Use strong, unique WiFi passwords for each SSID, and change them regularly.
  3. Use the applications with encryption.
Contact Technical Support

Should you have any security-related inquiry regarding one of our products, please contact DrayTek Technical Support.