Home > Support > Knowledge Base
Knowledge Base
 
Reset Search
Search
 

 

Knowledge

Connect WAN 3G/4G Family - RomPager - Evaluation of Security Vulnerability – VU#561444 Expanded info on CVE-2014-9222, CVE-2014-9223

« Go Back

Information

 
Article Number000007206
Problem Resolution
Overview
Many Digi products contain and use the RomPager by Allegrosoft web server technology. It has come to our attention that this embedded web server, which is used for management of our devices contains what we have defined as a critical vulnerability. We urge any customer who may have one of these products where the administrative webserver is available on non-secure networks to either upgrade the firmware to a patched version or to disable the web server for management of these devices.


Affected Products
Connect WAN 3G, Connect WAN 3G IA, Connect WAN 4G

Connect WAN 3G/4G Family Firmware Downloads

 
Product FamilyPart NumberDescriptionNew FirmwareLink to upgrade
Connect WAN 3GDC-WAN-B101-AConnect WAN 1XRTT Sprint2.17.6.4Download
 DC-WAN-B205Connect WAN IA X1RTT VZW2.17.6.4Download
 DC-WAN-E300-WConnect WAN 3G Cell Ready W2.17.6.4Download
 DC-WAN-T302-AConnect WAN 3G AT&T w/Ant2.17.6.4Download
 DC-WAN-T311-AConnect WAN 3G Verizon2.17.6.4Download
 DC-WAN-U301-AConnect WAN 3G HSPA w/ Ant2.17.6.4Download
 DC-WAN-U801Connect WAN 3G G3K no Access2.17.6.4Download
 DC-WAN-U801-AConnect WAN 3G G3K US2.17.6.4Download
 DC-WAN-U801-WConnect WAN 3G G3K Int2.17.6.4Download
 DC-WAN-U901-AConnect WAN 3G HSPA+ US2.17.6.4Download
 DC-WAN-U901-WConnect WAN 3G HSPA+ Int2.17.6.4Download
Connect WAN 3G IADC-WAN-P501Connect WAN 3G IA HSPA2.17.6.4Download
 DC-WAN-U805Connect WAN 3G IA G3K2.17.6.4Download
 DC-WAN-U905Connect WAN 3G IA HSPA+2.17.6.4Download
Connect WAN 4GDC-WAN-Y301-AConnect WAN 4G2.17.6.4Download

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255