DrayTek — ~3 prefixes (MA-L)

DrayTek holds about 3 MA-L blocks registered as "DrayTek Corp." at No. 26 Fushing Rd., Hukou, Hsinchu Industrial Park, Hsinchu County, Taiwan. The verified prefix is 14:49:BC. These OUIs appear on SMB/prosumer routers, VPN routers, firewalls, managed switches, VoIP gateways, and wireless APs — most recognizably the Vigor series (e.g., Vigor 2860/2862/2926). DrayTek Vigor routers are popular in SMB/prosumer markets, especially in Europe and Asia, and DrayTek devices have been targeted in router-focused CVEs and botnet/exploitation campaigns over the years — relevant to identifying edge devices that need patching (DrayTek itself publishes a guide on identifying its products by MAC). For triage, a DrayTek OUI typically marks an SMB edge router/firewall — a high-value, internet-facing asset; given DrayTek's CVE history, an unmanaged DrayTek device at the perimeter is a patch-priority and rogue-gateway signal.

IEEE assignment

~3 prefixes → "DrayTek Corp.", registered Hsinchu County, Taiwan [Confirmed] — IEEE MA-L

Registry / block size

MA-L; 3 blocks [Confirmed] — maclookup.app (IEEE-sourced)

HQ / country

No. 26 Fushing Rd., Hukou, Hsinchu Industrial Park, Hsinchu County 30352, Taiwan [Confirmed] — IEEE MA-L

Company status

active [Confirmed] — maclookup.app

Device types

SMB/prosumer routers, VPN routers, firewalls, managed switches, VoIP gateways, wireless APs [Confirmed] — maclookup.app

Notable products

Vigor series routers (e.g., Vigor 2860/2862/2926)

Verified prefix

14:49:BC [Confirmed] — maclookup.app

Special note

DrayTek Vigor routers are popular in SMB/prosumer markets (esp. Europe/Asia). DrayTek devices have been targeted in router-focused CVEs and botnet/exploitation campaigns — relevant to identifying edge devices needing patching. The IEEE registry publishes no assignment dates, so none is stated here. [Confirmed] — draytek.co.uk

Related vendors

none (independent Taiwanese vendor)

Analyst note

A DrayTek OUI typically marks an SMB edge router/firewall — a high-value, internet-facing asset; given DrayTek's CVE history, an unmanaged DrayTek device at the perimeter is a patch-priority and rogue-gateway signal.