A Denial-Of-Service Vulnerability In OpenSSL (CVE-2022-0778) has been found on
On 15th March 2022. The BN_mod_sqrt() function in OpenSSL, which is used for
parsing certificates contains a bug that can cause it to go into an endless
loop. Our products are affected, the HTTPS server for management may stop
working and result in a reboot when parsing or importing a maliciously crafted
certificate. OpenSSL has released a security update to address the
vulnerability. DrayTek will release new firmwares with security updates for
OpenSSL vulnerability as follows.
-
Routers
-
Access Points
-
Switches
| Model |
Fixed Firmware Version |
| Vigor3910 |
4.3.1.1 |
| Vigor3900 |
1.5.1.4 |
| Vigor3220 Series |
3.9.7.2 |
| Vigor300B |
1.5.1.4 |
| Vigor2962 Series |
4.3.1.1 |
| Vigor2960 |
1.5.1.4 |
| Vigor2952 / 2952P |
3.9.7.2 |
| Vigor2927 Series |
4.4.0 |
| Vigor2927 LTE Series |
4.4.0 |
| Vigor2926 Series |
3.9.8.1 |
| Vigor2926 LTE Series |
3.9.8.1 |
| Vigor2925 Series |
3.9.2 |
| Vigor2925 LTE Series |
3.9.2 |
| Vigor2915 Series |
4.3.3.2 |
| Vigor2912 |
3.8.15 |
| Vigor2866 Series |
4.4.0 |
| Vigor2866 LTE Series |
4.4.0 |
| Vigor2865 Series |
4.4.0 |
| Vigor2865 LTE Series |
4.4.0 |
| Vigor2862 Series |
3.9.8.1 |
| Vigor2862 LTE Series |
3.9.8.1 |
| Vigor2860 Series |
3.9.2 |
| Vigor2860 LTE Series |
3.9.2 |
| Vigor2832 |
3.9.6.1 |
| Vigor2766 Series |
4.4.2 |
| Vigor2765 Series |
4.4.2 |
| Vigor2762 Series |
3.9.6.4 |
| Vigor2760 Series |
3.8.9.6 |
| Vigor2620 LTE Series |
3.9.8.1 |
| VigorLTE 200n |
3.9.8.1 |
| Vigor2135 Series |
4.4.2 |
| Vigor2133 Series |
3.9.6.4 |
| Vigor1000B |
4.3.1.1 |
| Vigor167 |
5.1.1 |
| Vigor166 |
4.2.4 |
| Vigor165 |
4.2.4 |
| VigorNIC 132 |
3.8.5 |
| Vigor130 |
3.8.5 |
| Model |
Fixed Firmware Version |
| VigorAP 1000C |
1.4.3 |
| VigorAP 802 |
1.4.5 |
| VigorAP 903 |
1.4.4 |
| VigorAP 912C |
1.4.6 |
| VigorAP 918R Series |
1.4.3 |
| VigorAP 920R Series |
1.4.3 |
| VigorAP 960C |
1.4.4 |
| VigorAP 1060C |
1.4.6 |
| Model |
Fixed Firmware Version |
| VigorSwitch G1282 |
2.7.3 |
| VigorSwitch P1282 |
2.7.3 |
| VigorSwitch G2100 |
2.7.3 |
| VigorSwitch P2100 |
2.7.3 |
| VigorSwitch G2280x |
2.7.3 |
| VigorSwitch P2280x |
2.7.3 |
| VigorSwitch G2540x |
2.7.3 |
| VigorSwitch P2540x |
2.7.3 |
| VigorSwitch G2540xs |
3.7.3 |
| VigorSwitch P2540xs |
3.7.3 |
| VigorSwitch FX2120 |
3.7.3 |
Contact Technical Support
Should you have any security-related inquiry regarding one of our products, please contact DrayTek Technical Support.