Vulnerability Database

299,174

Total vulnerabilities in the database

CVE-2025-10547

An uninitialized variable in the HTTP CGI request arguments processing component of Vigor Routers running DrayOS may allow an attacker the ability to perform RCE on the appliance through memory corruption.

  • Published: Oct 3, 2025
  • Updated: Nov 5, 2025
  • CVE: CVE-2025-10547
  • Severity: Critical
  • Exploit:

CVSS v3:

  • Severity: Critical
  • Score: 9.8
  • AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

No CWE or OWASP classifications available.

No affected software listed.