CVE-2023-48795 is found when my security team check peplink device. My peplink device firmware is 8.3.0. How to solve this vulnerability on peplink and should I do upgrading peplink firmware? If I should, which firmware is fix to solve this vulnerability?
Engineering team had verified this in firmware v8.5.0 and confirmed we are not vulnerable to this vulnerability.
Looking at you are using an older version of firmware, can you perform a firmware upgrade to v8.5.2 (our latest GA firmware) to take advantage of all the improvements.
You may get the latest firmware here
2 Likes
@Oh_Yaw_Theng What about devices that cannot go higher than 8.3.0? Is there a hotfix firmware to ensure we can secure devices that are still in use and stuck on 8.3.0?
2 Likes
@ChristopherSpitler I will help to verify this and get back to you.
2 Likes
Hey there, any update?
2 Likes
@Oh_Yaw_Theng , nearly a year later, checking for an update 
1 Like
It is definitely recommended to keep your firmware up to date to ensure all security patches are applied. If your hardware supports the 8.5.x branch, that is currently the best way to address these vulnerabilities and keep the device secure.
That’s been addressed above. The issue is 1) their peplink can’t go above 8.3.0, and 2) peplink has a known root CVE on 8.3.0 that isn’t patched in, say, an 8.3.1 release.
1 Like