Home

Forums

Stories

Knowledge Base

Business Community > Controllers > Vulnerability scan

< Controllers

Vulnerability scan

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

Vulnerability scan

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

Vulnerability scan

ITV

2022-02-24 16:52:15 - last edited 2022-07-27 06:33:21

Posts: 145

Helpful: 64

Solutions: 5

Stories: 0

Registered: 2021-04-17

Vulnerability scan

2022-02-24 16:52:15 - last edited 2022-07-27 06:33:21

Model: ER7206 (TL-ER7206)

Hardware Version: V1

Firmware Version: 1.2

Team,

See also attached image:

We just finished a vulnerability scan against our TL-ER7206 v1.0 (firmware 1.2).

There are 2 issues that would prevent us from onboarding a (potential) customer because of PCI-DSS compliance.

One issue is related to the embedded version of nginx and the other is about SSL3/TLS1 support.

Please allow:

- an upgrade of the embedded nginx server and

- a configurable option disabling support for SSL3/TLS1

Feel free to contact me of there are any questions.

With warm regards - Will

=====

*** making it run like clockwork ***

1 Accepted Solution

Fae

2022-03-01 07:44:09 - last edited 2022-07-27 06:33:21

Posts: 3613

Helpful: 1355

Solutions: 474

Stories: 0

Registered: 2020-06-30

Re:Vulnerability scan-Solution

2022-03-01 07:44:09 - last edited 2022-07-27 06:33:21

Dear @ITV,

ITV wrote

See also attached image:

We just finished a vulnerability scan against our TL-ER7206 v1.0 (firmware 1.2).

There are 2 issues that would prevent us from onboarding a (potential) customer because of PCI-DSS compliance.

One issue is related to the embedded version of nginx and the other is about SSL3/TLS1 support.

Please allow:

- an upgrade of the embedded nginx server and

- a configurable option disabling support for SSL3/TLS1

Feel free to contact me of there are any questions.

Thanks for posting your concern on TP-Link Community!

Regarding the Nginx version, here is a similar feedback for your information.

ER605 Standalone Configuration & Reported Nessus Vulnerability

As for the support for SSL3/TLS1, I'd like to escalate your case to the TP-Link support team for further investigation.
They will reach you via your registered email address shortly, please pay attention to your email box later.

Update on June 15, 2022:

The firmware 1.2.1 has been released to fix the vulnerability caused by supporting SSL2.0/3.0.

ER605 ER7206 v1.2.1 Firmware Release

>> Omada EAP Firmware Trial Available Here << *Try filtering posts on each forum by Label of [Early Access]*

Recommended Solution

2 Reply

Fae

2022-03-01 07:44:09 - last edited 2022-07-27 06:33:21

Posts: 3613

Helpful: 1355

Solutions: 474

Stories: 0

Registered: 2020-06-30

Re:Vulnerability scan-Solution

2022-03-01 07:44:09 - last edited 2022-07-27 06:33:21

Dear @ITV,

ITV wrote

See also attached image:

We just finished a vulnerability scan against our TL-ER7206 v1.0 (firmware 1.2).

There are 2 issues that would prevent us from onboarding a (potential) customer because of PCI-DSS compliance.

One issue is related to the embedded version of nginx and the other is about SSL3/TLS1 support.

Please allow:

- an upgrade of the embedded nginx server and

- a configurable option disabling support for SSL3/TLS1

Feel free to contact me of there are any questions.

Thanks for posting your concern on TP-Link Community!

Regarding the Nginx version, here is a similar feedback for your information.

ER605 Standalone Configuration & Reported Nessus Vulnerability

Update on June 15, 2022:

The firmware 1.2.1 has been released to fix the vulnerability caused by supporting SSL2.0/3.0.

ER605 ER7206 v1.2.1 Firmware Release

>> Omada EAP Firmware Trial Available Here << *Try filtering posts on each forum by Label of [Early Access]*

Vulnerability scan

Vulnerability scan

Information

Voters 0

Tags