Rut240 Vulnerability CVE-2023-48795

Hi Guys

our Vul Scanner is picking up the following Vul (SSH TERRAPIN PREFIX TRUNCATION WEAKNESS (CVE-2023-48795) on our Rut240 Routers (FW RUT2_R_00.07.06.10).
Has anyboday else had this issue and if yes how did you fix it. The newest FW makes no mention of this.

appreciate the communities help with this one as I am stumped
Oli

1 Like

Hi,

Thank you for letting us know. Please share your findings with us at the following link for more private communication: Security Centre.

Best regards,

Hi thanks for the headsup. I just posted in the security center. Sadly I had to open it under Device RUT241 as you dont list the RUT240 in your list of affected Devices.
It also seems you fixed this VUL on the RUT241. Search for CVE-2023-48795 here → RUT241 Firmware Downloads - Teltonika Networks Wiki

Would be pretty neat if you could supply the same fix for the RUT240 :slight_smile:

best regards

Oli

Hi,

The RUT240 is currently in its end-of-life (EOL) term, which is why it is not listed for selection. However, even though devices are in EOL status, we still address security issues for them with additional firmware upgrades, and the RUT240 is no exception. Thank you once again for bringing this issue to our attention.

Kind regards,

Hi Glad I could help :slight_smile: Does this mean you will be offering a FW Hotfix for this Device in the near future?

best regards
Oliver

Hi,

Yes, it should come with the next firmware update.

Kind regards,

Thats great news! Many thanks for your quick response in looking into the Issue.
best regards