I have some questions and concerns regarding the Peplink Balance product. I love device and have deployed over 40 of these myself.
Is there a way to install public SSL certificate to replace the one used for management over HTTPS?
While doing a vulnerability assessment against Peplink Balance firmware 5.4.9 we came across a vulnerability where port tcp/32015, which is used for SpeedFusion is presenting a self signed certificate that is yet different from the one presented over HTTPS management. The certificate presented over tcp/32015 has CN=Peplink OU=Peplink, O=Peplink, L=Hong_Kong, ST=Hong_Kong, C=HK. Is there a way to replace this certificate with a publicly signed one?
The SSL server on port tcp/32015 used for SpeedFusion also supports DES(56) as a supported cipher. Can this be disabled in a future release?