Business Community > All Threads > Mongobleed
< All Threads

Mongobleed

Mongobleed

Mongobleed
Mongobleed
Yesterday - last edited Yesterday
Tags: #Controller

Dear Team,

Does the security issue reported for Mongo CVE-2025-14847 also apply for the software-based Omada controller?
One recommendation offered to remedy - in case no immediate update to a patched version is possible - was to close down port 27217 which is however necessary for the Omada controller to run.

Or not relevant as also not mentioned in the port forwarding section in the configuration document  https://support.omadanetworks.com/uy/document/13090/ ?

Thanks!

  0      
 
  0      
 
#1
Options
2 Reply
Re:Mongobleed
Yesterday - last edited Yesterday

  @Eg64 

 

If you are running omada on an ubuntu server you can upgrade mongodb, it is not possible with the windows installation since mongodb is built into the omada package, there are two versions either 3.6.23 and 7.0.14, both of which are covered by the threat.

 

 

 

  0  
  0  
#2
Options
Re:Mongobleed
Yesterday

  @MR.S Thx. 
Have seen the recommendation to hotfix. Windows seems to be a problem then.

  0  
  0  
#3
Options

Information

Helpful: 0

Views: 63

Replies: 2

Tags

Controller
About Us
Press
Copyright © TP-Link Systems Inc. All rights reserved.