Vulnerability scan

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
Vulnerability scan
Vulnerability scan
2022-02-24 16:52:15 - last edited 2022-07-27 06:33:21
Hardware Version: V1
Firmware Version: 1.2

Team,

 

See also attached image:

We just finished a vulnerability scan against our TL-ER7206 v1.0 (firmware 1.2).

There are 2 issues that would prevent us from onboarding a (potential) customer because of PCI-DSS compliance.

One issue is related to the embedded version of nginx and the other is about SSL3/TLS1 support.

 

Please allow:

- an upgrade of the embedded nginx server and

- a configurable option disabling support for SSL3/TLS1

 

Feel free to contact me of there are any questions.

 

 

With warm regards - Will

 

=====

 

 

 

 

*** making it run like clockwork ***
0
0
#1
Options
1 Accepted Solution
Re:Vulnerability scan-Solution
2022-03-01 07:44:09 - last edited 2022-07-27 06:33:21

Dear @ITV,

 

ITV wrote

See also attached image:

We just finished a vulnerability scan against our TL-ER7206 v1.0 (firmware 1.2).

There are 2 issues that would prevent us from onboarding a (potential) customer because of PCI-DSS compliance.

One issue is related to the embedded version of nginx and the other is about SSL3/TLS1 support.

 

Please allow:

- an upgrade of the embedded nginx server and

- a configurable option disabling support for SSL3/TLS1

 

Feel free to contact me of there are any questions.

 

Thanks for posting your concern on TP-Link Community!

 

Regarding the Nginx version, here is a similar feedback for your information.

ER605 Standalone Configuration & Reported Nessus Vulnerability

 

As for the support for SSL3/TLS1, I'd like to escalate your case to the TP-Link support team for further investigation.
They will reach you via your registered email address shortly, please pay attention to your email box later.

 

Update on June 15, 2022:

The firmware 1.2.1 has been released to fix the vulnerability caused by supporting SSL2.0/3.0.

ER605 ER7206 v1.2.1 Firmware Release

Get Started Here: https://community.tp-link.com/en/business/forum/topic/551684 https://community.tp-link.com/en/business/forum/topic/552406
Recommended Solution
0
0
#2
Options
2 Reply
Re:Vulnerability scan-Solution
2022-03-01 07:44:09 - last edited 2022-07-27 06:33:21

Dear @ITV,

 

ITV wrote

See also attached image:

We just finished a vulnerability scan against our TL-ER7206 v1.0 (firmware 1.2).

There are 2 issues that would prevent us from onboarding a (potential) customer because of PCI-DSS compliance.

One issue is related to the embedded version of nginx and the other is about SSL3/TLS1 support.

 

Please allow:

- an upgrade of the embedded nginx server and

- a configurable option disabling support for SSL3/TLS1

 

Feel free to contact me of there are any questions.

 

Thanks for posting your concern on TP-Link Community!

 

Regarding the Nginx version, here is a similar feedback for your information.

ER605 Standalone Configuration & Reported Nessus Vulnerability

 

As for the support for SSL3/TLS1, I'd like to escalate your case to the TP-Link support team for further investigation.
They will reach you via your registered email address shortly, please pay attention to your email box later.

 

Update on June 15, 2022:

The firmware 1.2.1 has been released to fix the vulnerability caused by supporting SSL2.0/3.0.

ER605 ER7206 v1.2.1 Firmware Release

Get Started Here: https://community.tp-link.com/en/business/forum/topic/551684 https://community.tp-link.com/en/business/forum/topic/552406
Recommended Solution
0
0
#2
Options
Re:Vulnerability scan
2022-03-01 18:25:46 - last edited 2022-03-01 18:26:21

Thank you for your to the point response. Looking forward to the february update and the support team on the SSL/TLS issue.

 

With warm regards - Will

*** making it run like clockwork ***
0
0
#3
Options