EUVD-2025-32290

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

Uninitialized variable in web request arguments on Vigor Routers with DrayOS may enable remote code execution via memory corruption.

Reporter	Title	Published	Views	Family All 10
Circl	CVE-2025-10547	2 Oct 202517:55	–	circl
CNNVD	DrayTek Vigor Routers 安全漏洞	3 Oct 202500:00	–	cnnvd
CVE	CVE-2025-10547	3 Oct 202511:35	–	cve
Cvelist	CVE-2025-10547 CVE-2025-10547	3 Oct 202511:35	–	cvelist
NVD	CVE-2025-10547	3 Oct 202512:15	–	nvd
Positive Technologies	PT-2025-40432	2 Oct 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-10547	7 Oct 202517:35	–	redhatcve
The Hacker News	⚡ Weekly Recap: Oracle 0-Day, BitLocker Bypass, VMScape, WhatsApp Worm & More	6 Oct 202511:38	–	thn
CERT	Vigor routers running DrayOS are vulnerable to RCE via EasyVPN and LAN web administration interface	3 Oct 202500:00	–	cert
Vulnrichment	CVE-2025-10547 CVE-2025-10547	3 Oct 202511:35	–	vulnrichment

[
  {
    "enisaIdVendor": [
      {
        "id": "ac8a8bbf-0c8b-3072-8a99-14c8d72681ac",
        "vendor": {
          "name": "DrayTek Corporation"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "11a9b053-3c37-30cc-9a23-c43a8d7f476f",
        "product": {
          "name": "vigor3910"
        },
        "product_version": "4.4.3.6"
      },
      {
        "id": "1b075ffd-3350-3ecd-adbe-fd67ef0acebf",
        "product": {
          "name": "Vigor2763"
        },
        "product_version": "4.5.1"
      },
      {
        "id": "1f81bda3-407d-3522-9026-540924615123",
        "product": {
          "name": "Vigor2866"
        },
        "product_version": "4.5.1"
      },
      {
        "id": "2fb719ec-6c8c-3689-9140-6f14dcc14a6c",
        "product": {
          "name": "Vigor2862"
        },
        "product_version": "3.9.9.12"
      },
      {
        "id": "489c0b90-835d-39d1-bb89-3e4979447967",
        "product": {
          "name": "Vigor2927L-5G"
        },
        "product_version": "4.5.1"
      },
      {
        "id": "4d68b935-ef44-3585-a027-9f903203d7f5",
        "product": {
          "name": "Vigor2865L-5G Series"
        },
        "product_version": "4.5.1"
      },
      {
        "id": "6c9b3144-12d8-313f-b266-087a4cd3f6a2",
        "product": {
          "name": "Vigor2926"
        },
        "product_version": "3.9.9.12"
      },
      {
        "id": "7a41234c-2075-3bf7-bec0-4ffaceb2820d",
        "product": {
          "name": "Vigor2962"
        },
        "product_version": "4.4.5.1"
      },
      {
        "id": "865ce8c4-14bc-383a-bd34-04e28de62ff4",
        "product": {
          "name": "Vigor1000B"
        },
        "product_version": "4.4.5.1"
      },
      {
        "id": "86cac4cc-54e2-3ae3-9490-162d0a08f952",
        "product": {
          "name": "Vigor2927"
        },
        "product_version": "4.5.1"
      },
      {
        "id": "8f15989c-b2fe-3cf1-9590-7b42ae4deb83",
        "product": {
          "name": "Vigor2915"
        },
        "product_version": "4.4.6.1"
      },
      {
        "id": "9f1e0ded-0733-3c69-9e5d-a9c96917a1fc",
        "product": {
          "name": "Vigor2866 LTE"
        },
        "product_version": "4.5.1"
      },
      {
        "id": "9f3891ed-b9cd-3a63-88fa-50030bf0e5a4",
        "product": {
          "name": "Vigor2766"
        },
        "product_version": "4.5.1"
      },
      {
        "id": "b1723a5b-dfb8-3704-9ef1-3089bf47123a",
        "product": {
          "name": "Vigor3912"
        },
        "product_version": "4.4.5.1"
      },
      {
        "id": "b18af352-3f4b-3c55-a43d-4129eb4e06cd",
        "product": {
          "name": "Vigor2765"
        },
        "product_version": "4.5.1"
      },
      {
        "id": "b8a51c74-09a0-3eeb-a949-fcd7767f4045",
        "product": {
          "name": "Vigor2862 LTE"
        },
        "product_version": "3.9.9.12"
      },
      {
        "id": "bfacd85a-53d6-3511-a428-7eb8f50a208f",
        "product": {
          "name": "Vigor2865"
        },
        "product_version": "4.5.1"
      },
      {
        "id": "df6fae8b-5e10-30e9-8b01-5f09ee39f519",
        "product": {
          "name": "Vigor 2927 LTE"
        },
        "product_version": "4.5.1"
      },
      {
        "id": "f401df20-5007-3ee5-8fb5-dc920b970748",
        "product": {
          "name": "Vigor2865 LTE Series"
        },
        "product_version": "4.5.1"
      },
      {
        "id": "f425bb77-4dd4-33f9-b052-9f325d86fff0",
        "product": {
          "name": "Vigor2135"
        },
        "product_version": "4.5.1"
      }
    ]
  }
]

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2025-10547
draytek	www.draytek.com/about/security-advisory/use-of-uninitialized-variable-vulnerabilities
draytek	www.draytek.com/about/security-advisory/use-of-uninitialized-variable-vulnerabilities/

03 Oct 2025 20:07Current

6.6Medium risk

Vulners AI Score6.6

CVSS 3.18.8

EPSS0.00066

SSVC