Firmwares 7.0.1 and 6.3.4 Address Security Advisory CVE-2017-8835 ~ 8840

Recently, a security research lab has informed us that they have found several vulnerabilities affecting multiple vendors. For Peplink firmware, it affects 7.0 and 6.3.3. Here are the details:

CVE-2017-8835
CVE-2017-8836
CVE-2017-8837
CVE-2017-8838
CVE-2017-8839
CVE-2017-8840
CVE-2017-8841

Products
The vulnerabilities were identified in the Balance, MAX, MediaFast, Surf SOHO, and FusionHub product families for firmware versions 7.0 and below. AP series are not affected.

Recommendations
Option 1 - Upgrade Firmware: Upgrade the firmware of your router to Firmware 7.0.1 or Firmware 6.3.4 as soon as possible. Here is the download link.

Option 2 - Defensive Steps: If an end user is unable to upgrade firmware, or cannot risk testing this in a critical production network, they should:

Switch Web Admin Access from LAN/WAN to LAN Only (System>Admin Security) - Most secure
-or-
Limit the “Allowed Source IP Subnets” to known safe WAN IPs that they could administer the router from
3 Likes

Interesting results upgrading rout routers:

  1. SOHO, HW ver 1: Went fine; now running 6.3.4
  2. SOHO, HW ver 2, Went fine; now running 7.0.1
  3. Balance 20, HW ver 2; The router’s web UI was totally unresponsive and had to be powered off/on [hate doing that]; upgrade failed and still running 7.0.0.
  4. Balance 20; HW ver 3; Went fine; now running 7.0.1

Three of these devices are hundreds of miles away – sure am glad the one that required the hard reset was not out in the middle of nowhere!

Is the recommendation for case #3 to try again?

1 Like

I would treat it as a single failed attempt and try again. Are you using IC2 to push down the new FW?

1 Like

Hi Tim. No, we do not use IC2 for any of the devices for which we are responsible.

1 Like

Hi again Tim. We’re seeing it the same way. Not sure what that was all about but the 2nd attempt was successful. We’ll proceed with upgrading a few more … :<)

1 Like

Good deal Rick!

1 Like