DrayTek, a leading manufacturer of business-class networking solutions, has released firmware update version 1.5.1 for the Vigor 2960 and Vigor 3900 in order to improve Web UI Protection.

Do not upgrade directly from 1.0.5 (and earlier) to 1.5.1.

Due to differences in the Web UI and functionality the router MUST first be upgraded to at least prior to upgrading to 1.5.1.

Upgrade your router to Version or later first, and afterwards upgrade the router to Version 1.5.1

DrayTek became aware of a possible exploit of the Vigor 2960 / 3900 related to the WebUI and have released an updated firmware to address this issue.

You should upgrade as soon as possible to 1.5.1 firmware or later.

If you have remote access enabled on your router, disable it if you don’t need it, and use an access control list if possible. If you have not updated the firmware yet, disable remote access (admin) and SSL VPN. The ACL does not apply to SSL VPN connections (Port 443) so you should also temporarily disable SSL VPN until you have updated the firmware. In order to protect users, no other information about the issue is being provided at present.

Products Not Requiring Updates for this issue:

The issue only affects the Vigor 2960 / 3900 / 300B and is not known to affect any other DrayTek products.

Release Notes

Firmware version 1.5.1


The DrayTek Vigor 2960 is a high-performance dual-Gigabit WAN firewall. The two dedicated Gigabit WAN ports can provide load balancing or WAN failover.

  • Load Balancing & WAN Failover
  • Native IPv4 & IPv6 dual-stack
  • Two Gigabit WAN ports
  • Four Gigabit LAN Ports
  • Twin Independent USB Ports
  • IPSec VPN – LAN-to-LAN or Teleworker (200 tunnels)
  • SSL VPN Tunnel or Web-Proxy (50 tunnels)
  • 802.1q Tagged and port-based VLANs
  • QoS Assurance on different traffic types
  • VPN Trunking (Backup/aggregation)
  • Mobile One-Time Passwords for Teleworker VPNs
  • Multiple LAN-side private IP subnets

The DrayTek Vigor 3900 is a high-performance quad-Gigabit WAN router for high-performance applications including remote access, firewalling, load-balancing and failover. Its WAN throughput runs at up to 1Gb/s, adequate for the most demanding SME applications.

  • Five Gigabit WAN ports (4 x Ethernet & 1 SFP)
  • Up to 50 WAN ports with optional Switch
  • WAN Load Balancing & WAN Failover
  • Up to 500 simultaneous IPSec/PPTP/L2TP Tunnels
  • Up to 100 SSL VPN Tunnels
  • 3 Gigabit LAN ports (2 x Ethernet & 1 x SFP)
  • IPv4 & IPv6 Dual-Stack
  • Two USB Ports for 3G/4G/LTE USB Modem or thermometer
  • 802.1q Tagged and port-based VLANs
  • QoS Assurance on different traffic types
  • VPN Trunking (aggregated/failover links)
  • Up to 50 WAN/LAN-side IP subnets

Expand your solution

Want to expand your communications solution further? Check out the full range of DrayTek products below! If you have any specific requirements, please contact our technical sales team on +44 330 088 0195.

Check out the original post here.