DrayTek would like to address a recent issue reported regarding DrayTek routers unexpectedly disconnecting from the Internet. These issues have been linked to intermittent connection drops, where some routers appear to lose connection, go up and down, and disrupt service. These disconnections were mainly observed in older models or devices running outdated firmware versions.
At DrayTek, we take these reports seriously and have been actively investigating the situation. Our investigation has determined that DrayTek routers were targeted by repeated, suspicious, and potentially malicious TCP connection attempts originating from IP addresses with known bad reputations. These attempts could trigger a reboot on unpatched devices that have SSL VPN enabled, or that have Remote Management enabled without the protection of an Access Control List (ACL). If an ACL is enabled but SSL VPN is also enabled, the ACL is not able to prevent the issue from occurring.
Our investigations indicate that firmware updates from around 2020 effectively patched this issue, and this is the first confirmed instance of an exploit being used in the wild. The issue is primarily affecting older models or devices that have not been updated for several years.
Our products are engineered for exceptional stability and longevity, which is why many EOL models, frequently over a decade old, remain in use worldwide. The issue has been linked to intermittent disconnections of these devices, many of which were set up years ago and have not been updated since, and is related to SSL VPN and HTTP/HTTPS remote management exposed on the WAN interface.
It is best practice to disable unused services. Devices configured with SSL VPN and Web Management disabled have been unaffected.
Below is a summary of devices which are affected but already have firmware available:
| Model | Firmware Version | Fixed since |
|---|---|---|
| Vigor 2120 | 3.8.17 or later | 2025/06/10 |
| Vigor 2133 | 3.9.9.3 or later | 2025/06/18 |
| Vigor 2620Ln | 3.8.14 or later | 2020/02/10 |
| Vigor 2762 Series | 3.9.9.3 or later | 2025/06/18 |
| Vigor 2832 Series | 3.9.9.3 or later | 2025/06/18 |
| VigorBX 2000 | 3.9.1 or later | 2020/01/09 |
| Vigor 2912 | 3.8.11 or later | 2020/03/18 |
| Vigor 2925 Series | 3.8.9.7 or later | 2020/01/24 |
| Vigor 2926 Series | 3.9.3 or later | 2020/03/23 |
| Vigor 2952 | 3.9.4 or later | 2020/06/26 |
| Vigor 3220 | 3.9.4 or later | 2020/09/04 |
Below is a summary of some of the affected models where no patch exists:
| Model | Firmware Version |
|---|---|
| Vigor 130 | All |
| Vigor 2110 | All |
| Vigor 2710 | All |
| Vigor 2760 | All |
| Vigor 2820 | All |
| Vigor 2830 | All |
| Vigor 2830v2 | All |
| Vigor 2850 | All |
| Vigor 2920 | All |
Newer models not listed above are not affected.
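The following is an added example, not DrayTek code: a triage of a router inventory against the two tables above, combined with the exposure conditions described earlier (SSL VPN enabled, or remote management enabled without an ACL). The inventory rows, field names and status labels are constructed for illustration, and model names are assumed to match the table entries exactly.

```python
import re

# First fixed firmware per model, copied from the advisory's first table.
FIXED = {
    "Vigor 2120": "3.8.17", "Vigor 2133": "3.9.9.3", "Vigor 2620Ln": "3.8.14",
    "Vigor 2762 Series": "3.9.9.3", "Vigor 2832 Series": "3.9.9.3",
    "VigorBX 2000": "3.9.1", "Vigor 2912": "3.8.11",
    "Vigor 2925 Series": "3.8.9.7", "Vigor 2926 Series": "3.9.3",
    "Vigor 2952": "3.9.4", "Vigor 3220": "3.9.4",
}
# Models the advisory lists as affected with no patch available.
NO_PATCH = {"Vigor 130", "Vigor 2110", "Vigor 2710", "Vigor 2760", "Vigor 2820",
            "Vigor 2830", "Vigor 2830v2", "Vigor 2850", "Vigor 2920"}

def parse_version(text):
    """'3.8.11' -> (3, 8, 11, 0). Numeric compare, so 3.8.9.7 < 3.8.11."""
    m = re.match(r"\d+(?:\.\d+)*", text.strip())
    if not m:
        raise ValueError(f"unparseable firmware version: {text!r}")
    parts = [int(p) for p in m.group().split(".")]
    return tuple(parts + [0] * (4 - len(parts)))

def exposed(dev):
    """SSL VPN alone exposes the device; an ACL only covers remote management."""
    return dev["ssl_vpn"] or (dev["remote_mgmt"] and not dev["acl"])

def triage(dev):
    """Return (status, first_fixed_version_or_None) for one inventory row."""
    model = dev["model"]
    if model not in FIXED and model not in NO_PATCH:
        return ("not-listed", None)
    fix = FIXED.get(model)
    if fix and parse_version(dev["firmware"]) >= parse_version(fix):
        return ("patched", fix)
    return ("at-risk" if exposed(dev) else "unpatched-not-exposed", fix)

# Constructed sample inventory; remote_mgmt means HTTP/HTTPS management on the WAN side.
INVENTORY = [
    {"model": "Vigor 2912", "firmware": "3.8.9.7", "ssl_vpn": False, "remote_mgmt": True, "acl": False},
    {"model": "Vigor 2925 Series", "firmware": "3.8.9.6", "ssl_vpn": True, "remote_mgmt": True, "acl": True},
    {"model": "Vigor 2926 Series", "firmware": "3.9.3", "ssl_vpn": True, "remote_mgmt": False, "acl": False},
    {"model": "Vigor 2830", "firmware": "3.6.8", "ssl_vpn": False, "remote_mgmt": True, "acl": True},
]

if __name__ == "__main__":
    for dev in INVENTORY:
        print(dev["model"], dev["firmware"], *triage(dev))
```

A "not-listed" result only means the model appears in neither table; the second table covers some, not all, of the unpatched models.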
DrayTek understands the importance of maintaining the reliability and security of your network. Many older models, especially those reaching the end of their product lifecycle, may face challenges in keeping up with modern security standards and performance demands. While we have been able to provide guidance on how to mitigate the issue, as part of our commitment to your continued satisfaction, we advise considering the replacement of any EOL models.
If you have any security-related queries, please reach out to us via the contact form to connect with our technical team.