Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
779
Views
0
Helpful
4
Replies

trying to upgrade firmware on an rv042 small business VPN router and it keeps failing.

19461
Level 1
Level 1

‎02-24-2020 08:52 PM

I have a site running a rv042 small business VPN router.  It is not passing PCI compliance scans because it has expired certificates, and old tls, etc etc.

 

I downloaded new firmware "RV0XX_v4.2.3.10_20191004-code.bin" and it uploads but then just goes to a browser screen showing an empty response, doesn't seem like the router ever goes down or restarts.  just doesn't do anything.... 

This page isn’t working

xxx.xxx.xxx.xxx didn’t send any data.

ERR_EMPTY_RESPONSE
 
 
Labels:
0 Helpful
4 Replies 4

19461
Level 1
Level 1

‎02-24-2020 09:03 PM - edited ‎02-24-2020 09:04 PM

these are the errors the PCI Scan is finding i need to resolve....

 

SSL Certificate - ExpiredLearn More 60443 tcp Certificate #0 SN=California,L=Irvine,C=US,O=Cisco-Linksys\,_LLC,OU=RV042,CN=00:16:b6:89:a ...

SSL Server Supports Weak Encryption VulnerabilityLearn More 60443 tcp CIPHER KEY-EXCHANGE AUTHENTICATION MAC ENCRYPTION(KEY-STRENGTH) GRADE SSLv2 WEAK CIPHERS ...

 

Deprecated Public Key LengthLearn More 60443 tcp Certificate #0 RSA Public Key (1024 bit) RSA Public-Key: (1024 bit) Modulus: 00:b4:fc:2a:d ...

SSL Server Has SSLv2 Enabled VulnerabilityLearn More 60443 tcp Established SSLv2 connection using DES-CBC3-MD5 cipher.

SSLv3.0/TLSv1.0 Protocol Weak CBC Mode Server Side Vulnerability (BEAST)Learn More 60443 tcp Available non CBC cipher Server's choice SSL version RC4-SHA DES-CBC3-SHA SSLv3 RC4-S ...

SSL/TLS use of weak RC4(Arcfour) cipherLearn More 60443 tcp CIPHER KEY-EXCHANGE AUTHENTICATION MAC ENCRYPTION(KEY-STRENGTH) GRADE SSLv2 WITH RC4 CIPHE ...

SSL Certificate - Signature Verification Failed VulnerabilityLearn More 60443 tcp Certificate #0 SN=California,L=Irvine,C=US,O=Cisco-Linksys\,_LLC,OU=RV042,CN=00:16:b6:89:a ...

TLS ROBOT Vulnerability DetectedLearn More 60443 tcp ROBOT vulnerability found on TLSv1 with a weak oracle

SSL/TLS Server supports TLSv1.0Learn More 60443 tcp TLSv1.0 is supported

SSLv3 Padding Oracle Attack Information Disclosure Vulnerability (POODLE)Learn More 60443 tcp

SSL Server Has SSLv3 Enabled VulnerabilityLearn More 60443 tcp SSLv3 is supported

0 Helpful

19461
Level 1
Level 1

‎02-24-2020 09:17 PM

they have been using the router for a while, and so as I read more I am probably not running a hardware version that is supported by the latest firmware... but would like the latest version that I can get but can't find any older versions on the site the download....
0 Helpful

19461
Level 1
Level 1
In response to 19461

‎02-24-2020 09:19 PM

serial number is DHY007A12010 and the firmware on the device now is 1.3.9
0 Helpful

19461
Level 1
Level 1
In response to 19461

‎02-24-2020 09:34 PM

alternatively if i could turn off port 60433 on the router, which i believe is used for "quickvpn" client, that might work for me as well.
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents