router_uk_broadband_connection_problem_illustration
A number of broadband ISPs from across the United Kingdom (and possibly other countries too), such as ICUK and Andrews & Arnold (AAISP), have this weekend noticed an unusual increase in internet disconnections among customers who have DrayTek routers at home or in the office. The issue seems to be caused by a “router vulnerability“.
Regular readers will know that DrayTek has been in the news a few times recently due to security vulnerabilities (here and here), although at this stage it’s not 100% clear if the latest event is due to one of those (i.e. an existing vulnerability that some customers have neglected to patch) or a newer exploit. But it appears to be the former.
According to A&A, the issue of related broadband lines dropping and then reconnecting seems to have started at around 9:28pm on Saturday (22nd March 2025) and ran until this morning. Several other ISPs observed the same activity (examples here and here) and the providers soon started linking it to a small number of users with DrayTek routers. The issue impacted both broadband connections and leased lines.
Advertisement
A&A Status Update @ Mar 23, 10:27AM
A problem with Draytek routers meant many around the country (or world?) had problems staying connected from 21:30PM on Saturday evening. We expect a software upgrade to resolve the problem and strongly suggest customers with Draytek routers upgrade their software or try a different make of router. We have sent SMS/Emails to many of the affected customers pointing them to this status post. We have also emailed Draytek for comment.
ICUK Status Update @ Mar 23, 9:55AM
Since 21:30 yesterday evening we have witnessed an unusually high volume of session drops, primarily impacting BT Wholesale and TalkTalk broadband sessions. The cause has been narrowed down to vulnerable firmware versions on Draytek routers.
If you are seeing broadband circuits exhibiting repeat short sessions, please upgrade the firmware to the latest version.
Likewise, if you are also using Draytek routers to support any Leased Lines, please also review the firmware version before undertaking any further trouble shooting.
Suffice to say, it’s quite telling that the title of ICUK’s status update is “Draytek Router Vulnerability“.