ER605 Standalone Configuration & Reported Nessus Vulnerability

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

ER605 Standalone Configuration & Reported Nessus Vulnerability

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
ER605 Standalone Configuration & Reported Nessus Vulnerability
ER605 Standalone Configuration & Reported Nessus Vulnerability
2022-01-16 01:52:49 - last edited 2022-01-20 00:33:35
Model: ER605 (TL-R605)  
Hardware Version: V1
Firmware Version: 1.1.1 Build 20210723 Rel.64608

What a breeze to set up. Alot of functionality.  I installed it as the boundary router for the incoming WAN and daisy chained my NETGEAR R6260 behind it with it's WAN pointing to the ER605 LAN. This setup increased the stability & performance of my network with zero buffering now during media streaming on all 3 of my Firesticks and the 14 other hosts on my network. Amazing little router.

 

The only issue is that the NESSUS vulnerability scan shows the following critical finding on the ER605:  Plugin ID 150154 NGINX 1 Byte Memory Overwrite RCE with known exploitations.

 

I contacted TP-Link Support about this issue and asked about updating nginx to the latest version which is the reported solution. I'm hopeful they can address this in a future firmware release.

 

These are the Nessus findings that could be resolved if they can update nginx to the latest release:

 

CRITICAL / Plugin ID 150154 / nginx 0.6x < 1.20.1 1-Byte Memory Overwrite RCE

HIGH        / Plugin ID 118150 /  nginx < 1.10.1 / 1.11.x < 1.11.1 Denial-of-Service Vulnerability

HIGH        / Plugin ID 118151 / nginx Data Disclosure Vulnerability

MEDIUM   / Plugin ID 118956 / nginx 1.x < 1.14.1 / 1.15.x < 1.15.6 Mulitple Vulnerabilities

MEDIUM   / Plugin ID 134220 / nginx < 1.17.7 Information Disclosure

 

Nessus scores the CRITICAL Byte Memory Overwrite RCE vulnerability as the most dangerous to network security with the ER605.

 

**** UPDATE:  Tech Support responded back about this issue and advised that the ER605 is unaffected by this vulnerability but that they would patch NGINX in the February firmware upgrade anyway ****

 

  0      
  0      
#1
Options
1 Accepted Solution
Re:ER605 Standalone Configuration & Reported Nessus Vulnerability-Solution
2022-01-19 07:13:57 - last edited 2022-01-20 00:33:35

Dear @The_Windwalker,

 

The_Windwalker wrote

What a breeze to set up. Alot of functionality.  I installed it as the boundary router for the incoming WAN and daisy chained my NETGEAR R6260 behind it with it's WAN pointing to the ER605 LAN. This setup increased the stability & performance of my network with zero buffering now during media streaming on all 3 of my Firesticks and the 14 other hosts on my network. Amazing little router.

 

The only issue is that the NESSUS vulnerability scan shows the following critical finding on the ER605:  Plugin ID 150154 NGINX 1 Byte Memory Overwrite RCE with known exploitations.

 

I contacted TP-Link Support about this issue and asked about updating nginx to the latest version which is the reported solution. I'm hopeful they can address this in a future firmware release.

 

Thank you for your valued feedback!

 

From the bug description, this Nessus Vulnerability only affects devices that use Nginx to get DNS reply. However, TP-Link gateway only use Nginx to provide portal redirection feature, so TP-Link gateway is not impacted by this vulnerability. Please do not worry about it.

 

Still, the subsequent firmware update will synchronize the Nginx patch to keep the codes consistent.

>> Omada EAP Firmware Trial Available Here << *Try filtering posts on each forum by Label of [Early Access]*
Recommended Solution
  0  
  0  
#2
Options
1 Reply
Re:ER605 Standalone Configuration & Reported Nessus Vulnerability-Solution
2022-01-19 07:13:57 - last edited 2022-01-20 00:33:35

Dear @The_Windwalker,

 

The_Windwalker wrote

What a breeze to set up. Alot of functionality.  I installed it as the boundary router for the incoming WAN and daisy chained my NETGEAR R6260 behind it with it's WAN pointing to the ER605 LAN. This setup increased the stability & performance of my network with zero buffering now during media streaming on all 3 of my Firesticks and the 14 other hosts on my network. Amazing little router.

 

The only issue is that the NESSUS vulnerability scan shows the following critical finding on the ER605:  Plugin ID 150154 NGINX 1 Byte Memory Overwrite RCE with known exploitations.

 

I contacted TP-Link Support about this issue and asked about updating nginx to the latest version which is the reported solution. I'm hopeful they can address this in a future firmware release.

 

Thank you for your valued feedback!

 

From the bug description, this Nessus Vulnerability only affects devices that use Nginx to get DNS reply. However, TP-Link gateway only use Nginx to provide portal redirection feature, so TP-Link gateway is not impacted by this vulnerability. Please do not worry about it.

 

Still, the subsequent firmware update will synchronize the Nginx patch to keep the codes consistent.

>> Omada EAP Firmware Trial Available Here << *Try filtering posts on each forum by Label of [Early Access]*
Recommended Solution
  0  
  0  
#2
Options

Information

Helpful: 0

Views: 1002

Replies: 1

Related Articles