Cradlepoint are issuing a security patch included in firmware 5.3.4.
Devices affected are those running firmware versions 5.3.0-5.3.3 and have the HTTP Proxy Content Filtering feature enabled. (Devices not affected include any running firmware prior to 5.3.0, the Cradlepoint MBR95, or the CBR400/450.)
If your devices are affected then the below details the recommended mitigation steps – or otherwise please contact your Westbase Technology account manager on +44 (0) 1291 437 567 who will advise you.
Mitigation Steps: what actions do I take?
Customers running firmware 5.3.0 – 5.3.3 have three options:
- Disable HTTP Proxy Content Filtering.
- Upgrade to firmware version 5.3.4 (released 24/2/15).
- Create a firewall rule to block access to the proxy from the WAN. Click here for instructions on creating the firewall rule.
Upgrading to New Firmware
For Cradlepoint and Westbase, protecting your network is our first priority.
As part of Cradlepoint’s new firmware policy, Cradlepoint is releasing a Security Patch in firmware 5.3.4 to all affected customers through Enterprise Cloud Manager, via the firmware update options in the router user interface and via the Cradlepoint Connect Portal.
Westbase customers should please contact their account managers for further help by emailing firstname.lastname@example.org or calling +44 (0) 1291 437 567.