Problems with Vulnerable DrayTek Routers

A number of broadband ISPs from across the United Kingdom have this weekend (22/23 March 2025) noticed an unusual increase in internet disconnections among customers who have DrayTek routers at home or in the office. The issue seems to be caused by a “router vulnerability”.
The issue of related broadband lines dropping and then reconnecting seems to have started at around 9:28pm on Saturday (22nd March 2025).

Please update the router's firmware to the latest release to resolve the issue.

You can also take the steps below.

DrayTek routers rebooting - How to solve this issue

Several clients have reported a reboot issue this morning. The solution is to disconnect the WAN and then try to upgrade to the latest firmware (not applicable if the latest firmware is older than 2024; e.g. the 2760 does not have this patch).
Try the TFTP firmware upgrade if the normal upgrade using the web UI does not work. See https://faq.draytek.com.au/2008/03/12/how-do-i-upgrade-the-firmware-on-my-vigor-router/

Download the latest firmware here: https://www.draytek.com.au/support/downloads/

If remote access is enabled, disable it unless absolutely necessary. Use an access control list (ACL) and enable 2FA if possible. For unpatched routers, disable both remote access (admin) and SSL VPN. Note: the ACL doesn’t apply to SSL VPN (port 443), so temporarily disable SSL VPN until the router is upgraded.
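
One way to confirm that the mitigation above took effect on routers you administer, as an added example (not from the original page or from DrayTek): run from a host outside the router's LAN, it checks whether TCP 443 still answers on the WAN side and maps the result to the actions listed above. The `Router` inventory, the addresses and the function names are assumptions for illustration.

```python
import socket
from dataclasses import dataclass

SSL_VPN_PORT = 443  # the port the advisory names for SSL VPN


@dataclass
class Router:
    name: str      # constructed label for your own inventory
    wan_host: str  # WAN address of a router you administer
    patched: bool  # True once the latest firmware is installed


def wan_port_open(host, port=SSL_VPN_PORT, timeout=3.0):
    """Return True if a TCP connection to host:port is accepted."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:  # refused, filtered (timeout) or unreachable
        return False


def triage(router, probe=wan_port_open):
    """Map patch state and WAN exposure to the advisory's actions."""
    exposed = probe(router.wan_host, SSL_VPN_PORT)
    if not router.patched and exposed:
        return "disable remote admin and SSL VPN until upgraded"
    if not router.patched:
        return "not exposed on 443; upgrade firmware"
    if exposed:
        return "patched; keep remote access only if necessary, with ACL and 2FA"
    return "ok"


if __name__ == "__main__":
    # Constructed inventory; 192.0.2.0/24 is a documentation range.
    inventory = [
        Router("office-a", "192.0.2.10", patched=False),
        Router("office-b", "192.0.2.20", patched=True),
    ]
    for r in inventory:
        print(f"{r.name} ({r.wan_host}): {triage(r)}")
```

A closed result only means port 443 did not answer from where the check ran; remote management moved to another port is not covered by it.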

Sometimes it is better to switch off all VPN types in the Remote Access Control page – see below: