Weekly Update 13 February 2020
Security Advisory
Vigor3900 / Vigor2960 / Vigor300B Router Web Management Page Vulnerability (CVE-2020-8515)
A vulnerability has been discovered that allows attackers to gain unauthorised remote access to the router management page. This has been resolved in the latest firmware version 1.5.1.
It is recommended to immediately update the firmware in installed routers to the latest firmware release. If possible, it is recommended to use an access control list for remote access. If you have not updated the firmware yet, disable remote access (admin) and SSL VPN. The ACL does not apply to SSL VPN connections (Port 443) so you should also temporarily disable SSL VPN until you have updated the firmware.
Click here for more details.
Upcoming Webinar
DrayTek VigorACS 2 – Features and Benefits
Tuesday, February 18, 2020 10:00 AM
Duration 30 Minutes
You are invited to attend our next free webinar presentation titled “DrayTek VigorACS 2 –Features and Benefits”.
It includes an overview of VigorACS 2 describing its functions and menu options, also discussed will be features and benefits as well as CPE configuration and management.
There will be time to ask questions at the end of the presentation.
To find out more, please join us for this interesting webinar.
Click here to register for this webinar
Latest Firmware
Vigor3900, Vigor2960, Vigor300B v 1.5.1
includes critical updates
· - Support Two-FA authentication for web login.
· - Support IKEv2 EAP Dial-Out LAN to LAN tunnel (NordVPN Server).
· - Support certificate choices for OpenVPN.
· - Support ACMEv2 for Let's Encrypt certificate.
Improvements
· - Improved the WebGUI security.
· - Add the options to enable/disable the SNMPv1 and SNMPv2 servers.
· - Change the default cipher for OpenVPN to AES-256-CBC.
· - Disallow enabling WAN Inbound Load Balance when there is no active profile.
· - Support Vietnam SMS provider.
· - Support static IP address for IKEv2 EAP.
For a full list of improvements refer to the release notes in the download link.
Click here to download the firmware.
To subscribe to our regular news updates, click on “Subscribe” option at: http://eepurl.com/gwBeUj
For more information on i-Lan Technology Pty visit http://www.i-lan.com.au/support/terms-conditions or email support@i-lan.com.au if you have a specific question that you would like addressed.
Related Articles
Weekly Update 7 February 2020
Upcoming Webinar DrayTek VigorACS 2 – Features and Benefits Tuesday, February 18, 2020 10:00 AM Duration 30 Minutes You are invited to attend our next free webinar presentation titled “DrayTek VigorACS 2 –Features and Benefits”. It includes an ...Weekly Update 15 June 2022
Upcoming Webinar Free Webinar – DrayTek VigorACS 3 Network Management Solution Tuesday 21st June 2022, 12:00 noon AEST Duration: 30 minutes Tune into our next YouTube Premiere webinar: DrayTek VigorACS 3 Network Management Solution This will be the ...Weekly Update 22 April 2020
Security Advisory Vigor3900 / Vigor2960 / Vigor300BStack-based buffer overflow Vulnerability (CVE-2020-10823 ~ CVE-2020-10828) This is a critical upgrade. You should upgrade affected VigorRouters as soon as possible to firmware v1.5.1 or later to ...Weekly Update 4 May 2022
Security Advisory OpenSSL vulnerability (CVE-2022-0778) Released Date: 2022-04-27 A Denial-Of-Service Vulnerability in OpenSSL (CVE-2022-0778) has been found recently. The BN_mod_sqrt() function in OpenSSL, which is used for parsing certificates ...Weekly Update 3 April 2024
Security Advisory Information Disclosure Vulnerability (CVE-2024-23721) Release Date: 2024-03-27 A vulnerability related to the disclosure of sensitive information has been discovered, potentially allowing an unauthenticated attacker to retrieve the ...