CVE-2025-10547 | DrayTek Vigor2926 HTTP CGI Request missing initialization

A vulnerability was found in DrayTek Vigor1000B, Vigor2962, Vigor3910, Vigor3912, Vigor2135, Vigor2763, Vigor2765, Vigor2766, Vigor2865, Vigor2865 LTE, Vigor2865L-5G, Vigor2866, Vigor2866 LTE, Vigor2927, Vigor 2927 LTE, Vigor2927L-5G, Vigor2915, Vigor2862, Vigor2862 LTE and Vigor2926. It has been classified as very critical. This issue affects some unknown processing of the component HTTP CGI Request Handler. The manipulation leads to missing initialization of a variable.

This vulnerability is documented as CVE-2025-10547. The attack can be initiated remotely. There is not any exploit available.VulDB Recent EntriesRead More