Intrusion Prevention System blocking printer
Just noticed after hours of troubleshooting the intrusion prevention system is considering my connection to my printer as a risk and is blocking it.
see picture attached (in Portuguese, sorry)
is there anything I can do besides turn it off completely?
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
Hi, thank you very much for the update.
Please refer to the following post:https://community.tp-link.com/en/home/forum/topic/846496
The latest news I have received is that the fixed patch will be updated in the next 2-3 days. It would be better to check next Monday.
Sorry for the inconvenience.
Best regards.
- Copy Link
- Report Inappropriate Content
@David-TP Thanks David for the update and link. Will try to re-test next week both services on the NAS and Printer - these are the ones I am pending the patch
| SNMP(CVE-2002-0013) | A fixed patch will be updated in the cloud database soon |
| CVE-technet.microsoft.com/en-us/secuOS-WINDOWS_Microsoft_Windows_TCP_print_sevice_overflow-attempt | |
| CVE-tools.cisco.com/security/cernter/protocol-SNMP_public_access_upd | |
| CVE-2017-7285 OS-LINUX_Linux-Kernel_Challenge_ACK_provocation_attempt |
- Copy Link
- Report Inappropriate Content
- Copy Link
- Report Inappropriate Content
I've reported on this in an another thread. However as this thread seem to be specific for this SNMP Protocol block issue, I'll add my findings here.
I want to mention its not only the Epson printer, software affected - HP in this household.
This is related to ticket: TKID251055426
And a log file has been sent with another ticket TKID251062808 after the event described below. (Maybe merge the two tickets and go with the first)
We are using a HP printer and their software "HP Smart"
- Installed on a HP Laptop Windows 11, Both HP Smart app and a windows print setup
- Installed on a Mac with both app HP Smart and macOS print from installed HP drivers
- Installed on an iPhone HP Smart app
- Installed on an Pixel Google Android
Below note of the block + description of disruption.
So far only this seem to be related to the HP Laptop. All four times it has been used, it has caused problems. Did run searches of malware and more and did not find any. Also followed other recommendation to look for possible threats but no success. I've looked for any Cisco software and tools in the HP Laptop but non are installed. Only on my Mac is the Webex app and browser plugin. However this only happens when the HP is used and in relation to this Block event. No printing was done or started when the block was triggered.
| Firmware | Event |
Note |
| 1.9.1 Build 20251020 Rel 38717 |
BLOCK 1 Attack from: 192.168.0.10 (HP Laptop) October 31st 11:28 AM |
PROTOCOL-SNMP_public_access_udp |
| 1.9.1 Build 20251020 Rel 38717 |
BLOCK 2 Attack from:192.168.0.10 (HP Laptop) October 31st 11:28 AM |
PROTOCOL-SNMP_request_udp (CVE-2002-0013) |
Description of disruption
| Unit/s | Description | |
| 1 | HP Laptop | I've been tracking the performance and blocks to our HP Laptop. All four different events triggered when this Laptop have been starting up and used. It's obvious. No printing (printer service) was sent or used. I have been scanning the laptop for malware and virus. I suspect the HP smart app and or Windows process. During/after the block event its not reaching any external websites. Can reach some internal clients as the Home Assistant server web UI. External ones seems blocked. Can ping several internal clients but not open any of the web UI's on the Support Server (in Linux). |
| 2 | Mac MacOS | Can ping some other clients but cant reach external websites. After restart I can browse websites as normal. Searched for malware and virus but didnt find anything. |
| 3 | Random devices clients |
Google TV can not connect to steaming services. Android phone gets blocked from browsing the web as normal. A PlayStation continues to operate as normal, no impact. The Support Server cannot operate as normal, either internally or externally. I tried to ping it from my Mac and I could reach it, however could not get to the UIs on the docker containers or any of the applications running. Functions and ALL communications between the Home Assistant and the Support server stopped (log indicates the same timestamp of the block above). Sonos stream was stopped and did not continue to play (like a temp disconnect, buffer) |
| 4 | Router and App | Can open the app, however it says the Deco Router is not reachable. Says its offline. |
| 5 | Access Points | Still green light is on all the other AP's. All units are greyed out in the app. |
New Firmware 1.9.1 Build 20250926 Rel. 53742 is loaded at 31st October around 6pm (GMT/UTC +1) I will test to
- Copy Link
- Report Inappropriate Content
@MrHomeAdmin interesting for me it was only the Android that got blocked. All windows and Apple were fine. However it's likely they weren't querying the printer like the specific vendor apps do but my android did do that and the firewall blocked it.
That said it's working for me again now.aince they patched it on Friday.Reboot all decos and then retest.
- Copy Link
- Report Inappropriate Content
Information
Helpful: 1
Views: 669
Replies: 27
Voters 1
