When can we get security updates for devices stuck at older firmware and unable to update to the latest firmware?
Security updates for 6.3.5
https://forum.peplink.com/t/peplink-security-advisory-firmware-635-os-command-injection-and-cross-site-scripting-xss-vulnerabilities/656db05bba7678183485b61e/1
Security updates for 8.3.0 devices
https://forum.peplink.com/t/peplink-security-advisory-firmware-830-command-injection-cve-2023-49226/658ba0716c1340019fc869e6/1
@Jonathan_Pitts : Interesting you mention this. I recently sent a PM to @WeiMing regarding this very issue. There is an apparent disconnect between Peplink’s stated policy vis-a-vis “maintenance releases” and what’s actually happening. Now would be a very good time to issue the updates you mention – which would include new certificates so these devices can, once again, be used with Router Utility.
Yes I don’t feel comfortable running the devices with those
I guess my phone cut it off.
I don’t feel comfortable running the device devices with thoose vulnerabilities.
It’s my understanding that peplink continues to provide incremental security releases/firmware to devices that don’t receive new mainstream firmware.
Another issue is the router utility also doesn’t function as the built in certificate is expired.