DrayTek Vigor Firmware Warning

At time of writing, Lineal technical support staff are currently updating DrayTek Vigor firmware for all clients with known DrayTek equipment.


Enterprise Router provider DrayTek has called for urgent firmware updates, following discovery of a security vulnerability.

20 different business router models from DrayTek’s Vigor range are known to be affected by the security flaw, known as DNS hijacking, which may allow a third-party to alter DNS settings by issuing commands to a dormant session of the web-based DrayTek router control interface.

The unwelcome news marks the first major security flaw to befall the acclaimed networking equipment brand for some time – and comes less than a year since DrayTek won PC PRO’s ‘Best Router Brand Award’ for 2017.

A Vigor router showing IP number 38.134.121.95 is reported to be a likely indicator of compromise, and affected routers may exhibit unusual network behaviours.

DrayTek’s official guidance warns that this is likely to be only a preparatory ‘phase 1’ of any like cyber-attack by criminals, preparing re-direction of web traffic to compromised web pages which might capture unsuspecting users’ passwords or other sensitive information.

As a general security precaution, it’s always worth logging out of web-portals and other accounts not being used (including your email, social media, bank account and device itself… or indeed your router’s configuration panel.)

If you have a DrayTek Vigor router not covered by a Lineal Support Agreement with us, please get in touch for guidance.

Please check back for updates