An uninitialized variable in the HTTP CGI request arguments processing component of Vigor Routers running DrayOS may allow an attacker the ability to perform RCE on the appliance through memory corruption.
Metrics
Affected Vendors & Products
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
Fri, 03 Oct 2025 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
cvssV3_1
|
Fri, 03 Oct 2025 11:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | An uninitialized variable in the HTTP CGI request arguments processing component of Vigor Routers running DrayOS may allow an attacker the ability to perform RCE on the appliance through memory corruption. | |
Title | CVE-2025-10547 | |
References |
|

Status: PUBLISHED
Assigner: certcc
Published:
Updated: 2025-10-03T14:34:32.239Z
Reserved: 2025-09-16T11:35:24.694Z
Link: CVE-2025-10547

Updated: 2025-10-03T14:33:10.714Z

Status : Received
Published: 2025-10-03T12:15:42.993
Modified: 2025-10-03T16:16:16.330
Link: CVE-2025-10547

No data.

No data.