PatchSiren

DrayTek CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

Known exploited DrayTek CVE published 2025-05-15

CVE-2024-12987

CVE-2024-12987 is a DrayTek Vigor Routers OS command injection vulnerability that CISA added to its Known Exploited Vulnerabilities catalog on 2025-05-15. Because it is listed in KEV, defenders should treat it as an active-exploitation risk and prioritize vendor-recommended mitigations immediately.