RomPager - Evaluation of Security Vulnerability – VU#561444 Expanded info on CVE-2014-9222, CVE-2014-9223

Many Digi products contain and use the RomPager by Allegrosoft web server technology. It has come to our attention that this embedded web server, which is used for management of our devices contains what we have defined as a critical vulnerability. We urge any customer who may have one of these products where the administrative webserver is available on non-secure networks to either upgrade the firmware to a patched version or to disable the web server for management of these devices.

Affected Products
ConnecPort TS8/16,
ConnectPort TS 4x4/4x2, Connect ES, Connect SP, Connect Wi-SP, Connect N2S, AnywhereUSB

Network Product Family Firmware Downloads

Product Family Part Number Description New Firmware Link to upgrade
ConnectPort TS 8/16 50001346-03 ConnectPort TS 8 MEI Download
  70002329 ConnectPort TS 8 MEI Dom Download
  70002330 ConnectPort TS 8 MEI Int'l Download
  50001346-04 ConnectPort TS 8 Download
  70002323 ConnectPort TS 8 Dom Download
  70002324 ConnectPort TS 8 Int'l Download
  50001551-01 ConnectPort TS 16 Download
  70002388 ConnectPort TS 16 Dom Download
  70002389 ConnectPort TS 16 Int'l Download
  50001551-03 ConnectPort TS 16 MEI Download
  70002534 ConnectPort TS 16 MEI Dom Download
  70002535 ConnectPort TS 16 MEI Int Download
  50001551-04 ConnectPort TS 16 RS 232 48Vin Download
  70002538 ConnectPort TS 16 48VDC Download
ConnectPort TS 4x4/4x2 50001662-02 ConnectPort TS 4x4 Download
  50001662-03 ConnectPort TS 4x2 Download
  CPTS-4R4E ConnectPort TS 4x4 Download
  CPTS-4R2E ConnectPort TS 4x2 Download
Connect ES 50001320-17 Connect ES 8,4+1 SB EU Download
  DC-ES-8SB-SW-EU Connect ES 8,4+1 SB EU Download
  50001320-18 Connect ES G2 8Ser/1Ether Download
  DC-ES-8SB-EU Digi Connect ES 8 SB EU Download
  50001320-19 Connect ES G2 4Ser/5Ether Download
  DC-ES-4SB-SW-EU Connect ES 4,4+1 SB EU Download
  50001320-20 Connect ES G2 4Ser/1Ether Download
  DC-ES-4SB-EU Connect ES 4 SB EU Download
Connect SP 50001340-19 Connect SP -S MEI noPOE noJTAG Python 2.12.4 Download
  DC-SP-01-S Connect SP -S Domestic 2.12.4 Download
  DC-SP-01-S-W Connect SP -S International 2.12.4 Download
Connect Wi-SP 50001312-18 Connect Wi-SP -S Python Download
  DC-WSP-01-S Connect Wi-SP Domestic Download
  DC-WSP-01-S-W Connect Wi-SP International Download
Connect N2S 50001375-01 Connect N2S-170 Download
  DC-N2S-170-S Connect N2S-170 Download
AnywhereUSB 50001681-01 AnywhereUSB/14 v1.92.2004 Download
  AW-USB-14 AnywhereUSB/14 v1.92.2004 Download
  AW-USB-14-W AnywhereUSB/14, Intl v1.92.2004 Download
  50001686-03 Assy,AnywhereUSB TS44 v1.92.2005 Download
  AW-TS-44 AnywhereUSB TS v1.92.2005 Download
  50001689-01 Assy,Anywhere USB/2 v1.92.2001 Download
  AW-USB-2 AnywhereUSB/2 v1.92.2001 Download
  AW-USB-2-W AnywhereUSB/2, Intl v1.92.2001 Download
  50001698-01 AnywhereUSB/5 v1.92.2001 Download
  AW-USB-5 AnywhereUSB/5 Gen2 v1.92.2001 Download
  AW-USB-5-W AnywhereUSB/5 Intl Gen2 v1.92.2001 Download
  50001698-04 AnywhereUSB/5 MHC v1.92.2003 Download
  AW-USB-5M AnywhereUSB/5 MHC v1.92.2003 Download
  AW-USB-5M-W AnywhereUSB/5 MHC Intl v1.92.2003 Download
Last updated: Aug 08, 2017

Filed Under


Recently Viewed

No recently viewed articles