DrayTek UK Users' Community Forum

Help, Advice and Solutions from DrayTek Users

Vigor 2820 Management fails PCI scan

davemarks (Topic Author, New Member)
01 Aug 2010 20:57 #63091 by davemarks
Vigor 2820 Management fails PCI scan was created by davemarks
Hi All

Trying to get our office IP to pass a PCI scan, and I have found that the web management is failing on a couple of errors.

I really need this to be open to the web, but could possibly limit it to just one outside IP. I'm worried that this still returns a blank page and might still fail - waiting for the scan to come back.

Below are the errors I get. Anyone know if I can resolve these? Firmware upgrade maybe?

Security Vulnerabilities

Protocol: TCP
Port: 8080
Program: http-alt
Risk: 4

Summary:
Synopsis : The remote web server is prone to cross-site scripting attacks.
Description : The remote host is running a web server that fails to adequately sanitize request strings of malicious JavaScript. By leveraging this issue, an attacker may be able to cause arbitrary HTML and script code to be executed in a user's browser within the security context of the affected site.
See also : http://en.wikipedia.org/wiki/Cross-site_scripting
Solution: Contact the vendor for a patch or upgrade.
Risk Factor: Medium / CVSS Base Score : 4.3 (CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N)
CVE : CVE-2002-1060, CVE-2003-1543, CVE-2005-2453, CVE-2006-1681
BID : 5305, 7344, 7353, 8037, 14473, 17408
Other references : OSVDB:18525, OSVDB:24469, OSVDB:42314, OSVDB:4989, OSVDB:58976

02 Aug 2010 07:57 #63093 by j.baker
Replied by j.baker on topic Vigor 2820 Management fails PCI scan
You can disable the remote management option; that should stop the 2820 from responding to external connectivity on 8080.

Login to the router, go to System Maintenance and then Management.

Remove all of the check boxes from "Allow management from the Internet". You may also want to disable PING as well. Press OK (it may need a reboot). Try the PCI scan again.

This should stop the 2820 from responding externally.

Otherwise, you can add a firewall rule to stop the traffic.

This should allow your router to comply with PCI section § 1.1 (1.1.3, 1.1.5); 1.2; 1.3 (1.3.1-1.3.8); 1.4; § 2.1; 2.2 (2.2.2-2.2.4); 2.3

Regards

John Baker


Vigor2820 series with firmware 3.3.5.2_RC2
ADSL


davemarks (Topic Author, New Member)
02 Aug 2010 10:35 #63097 by davemarks
Replied by davemarks on topic Vigor 2820 Management fails PCI scan
Hey there

Thanks for the response

I'm aware you can do this, hence why I tried limiting the access to a specific IP, but alas this still failed too, as the web interface responds with a blank page. I also get another error, this time that it's given away an internal IP through the headers.

As I said in my original post, I want to be able to get to the web interface remotely, so I was looking for a fix for the issue.

Thanks

Dave
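A small self-check for the second finding Dave mentions (the management interface revealing an internal address in its response headers). This is an added example, not code from the thread or from DrayTek: the HTTP response text is constructed, and the header names and the 192.168.1.1 address in it are assumptions.

```python
import ipaddress
import re

# Constructed sample of a management-page redirect; not real Vigor output.
SAMPLE_RESPONSE = (
    "HTTP/1.1 302 Found\r\n"
    "Server: httpd\r\n"
    "Location: http://192.168.1.1:8080/weblogin.htm\r\n"
    "Content-Length: 0\r\n"
    "\r\n"
)

# Loose dotted-quad match; ipaddress does the real validation below.
IPV4_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")


def parse_headers(raw):
    """Split a raw HTTP response into (status line, {lower-cased name: value})."""
    head = raw.split("\r\n\r\n", 1)[0]
    lines = head.split("\r\n")
    headers = {}
    for line in lines[1:]:
        if ":" not in line:
            continue  # skip malformed header lines rather than fail the check
        name, value = line.split(":", 1)
        headers[name.strip().lower()] = value.strip()
    return lines[0], headers


def find_private_ips(headers):
    """Return (header name, address) pairs for every non-public IPv4 address
    found in a header value: RFC 1918, loopback and link-local ranges."""
    findings = []
    for name, value in headers.items():
        for candidate in IPV4_RE.findall(value):
            try:
                addr = ipaddress.ip_address(candidate)
            except ValueError:
                continue  # e.g. 999.1.1.1 matches the regex but is not an address
            if addr.is_private or addr.is_loopback or addr.is_link_local:
                findings.append((name, str(addr)))
    return findings


def scan_response(raw):
    """Convenience wrapper: headers of a raw response -> list of leaks."""
    _, headers = parse_headers(raw)
    return find_private_ips(headers)


if __name__ == "__main__":
    print(scan_response(SAMPLE_RESPONSE))
```

Run it against a response captured from your own router's management port; an empty list means no internal address appears in the headers (the body is not inspected).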

02 Aug 2010 10:41 #63098 by j.baker
Replied by j.baker on topic Vigor 2820 Management fails PCI scan
I would contact DrayTek support. This forum is not closely monitored (if at all). The other option is to set up a VPN to remotely connect to the router. It is secure. Port 8080 is not a secure port, unless you enable the HTTPS connection option.

Regards

John Baker


Vigor2820 series with firmware 3.3.5.2_RC2
ADSL
