New BIG Firmware release for Conel routers. There is a lot of sub-utilities updates to current version, which in general fixes all security vulnerabilities. Predominantly only theoretical ones.
I will list changes, which affect all models. The rest you could find in pdf List of FW 5.2.0 Changes.pdf as there is much more to it.
Changes for all routers
Added support of second SNMP user
Two users are supported in SNMPv3. One user can read only. The other can read and write. Two communities are supported in SNMPv1/v2. One can read only. The other can read and write. This can be configured via the Web interface of the router. These are only SNMP users/communities, not the router configuration users.
Added support of caching static files
A document caching feature was added to the mhttpd Webserver in the router. This was added because the webserver would not respond properly if the IP address of the opposite communicating device changed.
Fixed potential vulnerability in parsing malformed HTTP request
There was a potential vulnerability – a malformed HTTP request could potentially execute an arbitrary code or crash the Webserver. This is now fixed.
Fixed separation of HTTP headers to comply with RFC 2616
There was non-standard HTTP headers termination in the HTTP request answer. Sometimes this caused non-standard behavior in the communication. The termination of headers was corrected according to RFC 2616 and it is now working properly.
Fixed filtering of VRRP packets in firewall
The VRRP did not work with 100 % reliability when the firewall was enabled. Some additional rules have been added to the iptables to fix this and to make the VRRP fully reliable.
Fixed checking of type of recevied VRRP packets
There was a problem with filtering out of VRRP packets with wrong type. This has been fixed – only packets with ADVERTISEMENT type are accepted.
