Mongobleed

Eg64

2026-01-04 06:37:16 - last edited Tuesday

Posts: 52

Helpful: 10

Solutions: 6

Stories: 0

Registered: 2022-11-24

Mongobleed

2026-01-04 06:37:16 - last edited Tuesday

Tags: #Controller

Dear Team,

Does the security issue reported for Mongo CVE-2025-14847 also apply for the software-based Omada controller?
One recommendation offered to remedy - in case no immediate update to a patched version is possible - was to close down port 27217 which is however necessary for the Omada controller to run.

Or not relevant as also not mentioned in the port forwarding section in the configuration document https://support.omadanetworks.com/uy/document/13090/ ?

Thanks!

1 Accepted Solution

MR.S

LV6

2026-01-04 07:45:18 - last edited Tuesday

Posts: 3122

Helpful: 1097

Solutions: 451

Stories: 0

Registered: 2018-08-17

Re:Mongobleed-Solution

2026-01-04 07:45:18 - last edited Tuesday

@Eg64

If you are running omada on an ubuntu server you can upgrade mongodb, it is not possible with the windows installation since mongodb is built into the omada package, there are two versions either 3.6.23 and 7.0.14, both of which are covered by the threat.