I notice that the https sever in the rv220w does not support RFC 5746 (see CVE-2009-3555). Can an engineer confirm if session renegotiation is turned off on this server, or otherwise comment on the security implications of this?
This was an old vulnerability issue that affected many products.
Yes, SSL session renegotiation was disabled on RV220W to address CVE-2009-3555.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: