Hello all,
We just did and update on out-of-date and potentially vulnerable packages on RUT500 firmware. These packages are:
* dropbear (ssh): updated to 2017.75
* openssl: updated to 1.0.2q
* uhttpd (web services): updated to 2015-10-20
* curl (web services): updated to 7.63.0
You can find a download link of a firmware below.
Before flashing it on a large number of units - check whether all your currently used functionalities continues to function as expected.
Meanwhile, while testing and evaluating, this is what you must actively do:
- set SMS limits, balance limits for your SIM card plans. Disable SMS entirely, if it is not utilized whatsoever;
- set strong WebUI password (password change in newest firmware is mandatory);
- do not have Public Access (remote HTTP(s)/SSH access) open. If Public access is necessary, have it firewall'ed for specific source IP's and ports;
- Disable WiFi if unused. Use strong WiFi password otherwise;
Link to firmware:
https://wiki.teltonika-networks.com/view/Firmwares_for_Old_Devices
When upgrading firmware - check "do not keep settings" box. This shall restore the device to defaults, making sure any potential malicious scripts are gone.
IMPORTANT: if routers are in remote locations this upgrade, while not keeping settings, may render them inaccessible. Proceed with caution.
EDIT: fixed link to wiki