DrayTek UK Users' Community Forum
Help, Advice and Solutions from DrayTek Users
Vigor 2820 Management fails PCI scan
01 Aug 2010 20:57 #63091
by davemarks
Hi All
Trying to get our office IP to pass a PCI scan and have found that the web management is failing on a couple of errors.
I really need this to be open to the web, but could possibly limit it to just one outside IP. I'm worried that this still returns a blank page and might still fail; waiting for the scan to come back.
Below are the errors I get. Anyone know if I can resolve these? Firmware upgrade maybe?
Security Vulnerabilities
Protocol: TCP
Port: 8080
Program: http-alt
Risk: 4
Synopsis: The remote web server is prone to cross-site scripting attacks.
Description: The remote host is running a web server that fails to adequately sanitize request strings of malicious JavaScript. By leveraging this issue, an attacker may be able to cause arbitrary HTML and script code to be executed in a user's browser within the security context of the affected site.
See also: http://en.wikipedia.org/wiki/Cross-site_scripting
Solution: Contact the vendor for a patch or upgrade.
Risk Factor: Medium / CVSS Base Score: 4.3 (CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N)
CVE: CVE-2002-1060, CVE-2003-1543, CVE-2005-2453, CVE-2006-1681
BID: 5305, 7344, 7353, 8037, 14473, 17408
Other references: OSVDB:18525, OSVDB:24469, OSVDB:42314, OSVDB:4989, OSVDB:58976
02 Aug 2010 07:57 #63093
by j.baker
You can disable the remote management option; that should stop the 2820 from responding to external connections on 8080.
Login to the router, go to System Maintenance and then Management.
Remove all of the check boxes from "Allow management from the Internet". You may also want to disable PING as well. Press OK; it may need a reboot. Try the PCI scan again.
This should stop the 2820 from responding externally.
Otherwise, you can add a firewall rule to stop the traffic.
This should allow your router to comply with PCI section § 1.1 (1.1.3, 1.1.5); 1.2; 1.3 (1.3.1-1.3.8); 1.4; § 2.1; 2.2 (2.2.2-2.2.4); 2.3
Regards
John Baker
Vigor2820 series with firmware 3.3.5.2_RC2
ADSL
02 Aug 2010 10:35 #63097
by davemarks
Hey there
Thanks for the response
I'm aware you can do this, which is why I tried limiting the access to a specific IP, but alas this still failed, as the web interface responds with a blank page. I also get another error, this time that it has given away an internal IP through the headers.
As I said in my original post, I want to be able to get to the web interface remotely, so I was looking for a fix for the issue.
Thanks
Dave
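The two findings in this thread (a scanner marker reflected by the management page on 8080, and a private address leaking through a response header such as Location) can be checked from outside before paying for another ASV scan. The script below is an added example, not code from the thread or from DrayTek: it sends one GET with a harmless marker in the query string and reports whether the marker comes back unencoded and whether any RFC 1918 address appears in the headers or body. The function names, the marker value and the sample responses are assumptions of this example; the samples are constructed for illustration and were not captured from a Vigor 2820.

```python
"""Offline checker for the two PCI findings discussed above.

Added example; not DrayTek code. Run analyse(probe(host)) against the
router's public IP from an outside network to reproduce the scanner's view.
"""
import re
import socket
from html import escape
from urllib.parse import quote

# RFC 1918 ranges only (assumption: the address the scanner flagged was one of these).
PRIVATE_IP = re.compile(
    r"\b(?:10\.(?:\d{1,3}\.){2}\d{1,3}"
    r"|172\.(?:1[6-9]|2\d|3[01])\.\d{1,3}\.\d{1,3}"
    r"|192\.168\.\d{1,3}\.\d{1,3})\b"
)

# Hypothetical probe value: harmless, but holds every character an
# HTML-safe reflection would have to encode.
MARKER = 'pcichk<"\'>'


def probe(host: str, port: int = 8080, path: str = "/",
          marker: str = MARKER, timeout: float = 5.0) -> bytes:
    """Send one GET with the marker in the query string; return the raw response."""
    req = (f"GET {path}?q={quote(marker, safe='')} HTTP/1.0\r\n"
           f"Host: {host}\r\nConnection: close\r\n\r\n").encode()
    chunks = []
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.sendall(req)
        while True:
            chunk = s.recv(4096)
            if not chunk:
                break
            chunks.append(chunk)
    return b"".join(chunks)


def parse_http_response(raw: bytes) -> tuple:
    """Split a raw HTTP/1.x response into (status code, {header: value}, body)."""
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.decode("latin-1").split("\r\n")
    status = int(lines[0].split(None, 2)[1])
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return status, headers, body.decode("latin-1", "replace")


def analyse(raw: bytes, marker: str = MARKER) -> dict:
    """Report what an ASV scanner would flag in this response."""
    status, headers, body = parse_http_response(raw)
    return {
        "status": status,
        # Marker echoed back verbatim: reflected XSS candidate.
        "reflected_unencoded": marker in body,
        # Marker echoed only in HTML-escaped form: the reflection is neutralised.
        "reflected_encoded": marker not in body and escape(marker, quote=True) in body,
        # Internal addresses disclosed via redirects or other headers.
        "private_ips_in_headers": sorted(
            {ip for v in headers.values() for ip in PRIVATE_IP.findall(v)}),
        "private_ips_in_body": sorted(set(PRIVATE_IP.findall(body))),
    }


# Constructed sample responses (illustration only, not captured from a real device).
LEAKY = (
    b"HTTP/1.1 302 Found\r\n"
    b"Location: http://192.168.1.1:8080/weblogin.htm\r\n"
    b"Content-Type: text/html\r\n\r\n"
    b'<html><body>Redirecting... pcichk<"\'></body></html>'
)
ENCODED = (
    b"HTTP/1.1 200 OK\r\n"
    b"Content-Type: text/html\r\n\r\n"
    b"<html><body>No page for pcichk&lt;&quot;&#x27;&gt;</body></html>"
)
HARDENED = (
    b"HTTP/1.1 403 Forbidden\r\n"
    b"Content-Type: text/html\r\n\r\n"
    b"<html><body>Access denied</body></html>"
)

if __name__ == "__main__":
    for name, sample in (("leaky", LEAKY), ("encoded", ENCODED), ("hardened", HARDENED)):
        print(name, analyse(sample))
```

Against a real router the call is `analyse(probe("203.0.113.5"))` with your own public address in place of the RFC 5737 placeholder. A source-IP restriction on the management page only passes the scan if the router drops the scanner's connection or answers without reflecting the query and without naming an internal address; a blank 200 page with a private IP in a Location header still fails the disclosure check, which is what the thread reports.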
02 Aug 2010 10:41 #63098
by j.baker
I would contact DrayTek support. This forum is not closely monitored (if at all). The other option is to set up a VPN to remotely connect to the router. It is secure. Port 8080 is not a secure port unless you enable the HTTPS connection option.
Regards
John Baker
Vigor2820 series with firmware 3.3.5.2_RC2
ADSL
Copyright © 2024 DrayTek