Looks like the RV042G needs another firmware updates as the units we have in the field are now not passing PCI DSS Scans. Dealing with the compliance scanning companies, they are telling me that the firmware is the way to fix this. Here are the errors reported:
Cross-site scripting vulnerability in portalname parameter to /cgibin/userLogin.cgi - FAIL
Description: Several types of web servers and CGI programs include the user's request in their response. For example, a request for the page http://server/nonexistent_page.html may cause server to respond: The page nonexistent_page.html does not exist on this server.
Response splitting vulnerability in portalname parameter to /cgibin/userLogin.cgi - FAIL
Description: Some programs on web servers place user- supplied parameters into certain HTTP headers.
I am using port 443 for remote access to the devices. Moving the port simply changes the reported failure to that port. Any suggestions or has anyone heard for a firmware update coming soon for this device?
The failure i am getting for PCI compliance is that the SSL Keylength is to short (1024 bits instead of the required 2048 bits) the error is comming on port 60443 (The port used by quickvpn - a service I am not using)
Unfortunately I do not think Cisco is going to do anything about this. I have emailed my sales support contact (no response), called tech support (clueless on when or if there will be a firmware update - the only way to fix this) and posted here (no response from Cisco).
With that said, we have begun a transition away from Cisco Small Business gear. While this is disappointing for us, supporting their router platform is just not a priority for them (or so it seems).
If we get lucky, maybe a new firmware will drop. Fingers crossed!
If I find or get more information I will post back here (please do the same).
Hi every one!!!When you are configuring a remote VPN connection, there
are some steps that are lost on the path. Here you can see those steps.
A) In your Cisco device: 1. Ensure you don´t have any rule denying the
traffic between the device and the remote...
** Update **These and a number of other issues have been addressed in
SRP520 MR3. Please see https://supportforums.cisco.com/docs/DOC-13853
for details on how to access this code.There have been a number of
reports of the SRP500 becoming unresponsive afte...
STANDARDSOURCECOMMENTSEthernet RJ-45 connector pin number12345678IEEE
802.3afusing data pairsRXDC+RXDC+TXDC-sparespareTXDC-sparespareIndustry
Standard for Embedded POE(used by Cisco Catalyst Switches)IEEE
802.3afusing spare pairs RXRXTXDC+DC+TXDC-DC-Indus...