I’m reporting a major security concern for both Force 200 and Elevate SMs on versions 4.5.5 and higher. I have some SMs set up with public IPs for customers and for security purposes, we always enable “Separate Wireless Management Interface” and put a private IP in there. When this normally works, the public Wireless IP Address is not accessible by design, which is what we want. We don’t ever want the public IP to be visible to the outside world.
The problem is I did IP scans on our network and found 4 SMs that are accessible to the public, outside internet (not on our network) where you can ping and reach the login page. This is unacceptable and I’ve opened a ticket with Cambium to report the issue. Has anyone else seen this issue? We’ve configured the SMs properly according to the manual and tips on the config page. Below is the tip, which says that once the separate wireless management option is enabled, the device cannot be managed from the Wireless IP, but we’re finding that to be untrue, which is a huge security risk.
Separate Wireless Management Interface:
The Separate Wireless Management Interface is used in NAT and Router modes. This allows for the device to be managed by a separate wireless management IP address which differs from the wireless IP address and hence allows the management path and the data path to be separated. Once the Separate Wireless Management Interface is enabled, the device cannot be managed by the “Wireless IP Address”.
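An added example, not part of the original post and not Cambium code: a small audit an operator could run from a host outside their own network to confirm that each SM with the separate management interface enabled does not answer on its wireless IP. The inventory fields, the TCP ports 80/443 and the sample addresses are assumptions constructed for illustration.

```python
import ipaddress
import socket

# Assumption: the SM web UI listens on these TCP ports; adjust to your deployment.
MGMT_PORTS = (80, 443)
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_rfc1918(ip):
    """True if ip falls inside one of the RFC 1918 private ranges."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in RFC1918)

def tcp_open(ip, port, timeout=2.0):
    """True if a TCP connection to ip:port succeeds from this vantage point."""
    try:
        with socket.create_connection((ip, port), timeout=timeout):
            return True
    except OSError:
        return False

def audit(inventory, probe=tcp_open, ports=MGMT_PORTS):
    """Return (name, issue) pairs for SMs that break the expected isolation."""
    findings = []
    for sm in inventory:
        if not sm["separate_mgmt"]:
            findings.append((sm["name"], "separate management interface disabled"))
            continue
        if not is_rfc1918(sm["mgmt_ip"]):
            findings.append(
                (sm["name"], f"management IP {sm['mgmt_ip']} is not RFC 1918 private"))
        reachable = [p for p in ports if probe(sm["wireless_ip"], p)]
        if reachable:
            findings.append(
                (sm["name"], f"wireless IP {sm['wireless_ip']} answers on TCP {reachable}"))
    return findings

# Constructed inventory using documentation address ranges, not real devices.
INVENTORY = [
    {"name": "sm-01", "wireless_ip": "203.0.113.10", "separate_mgmt": True,
     "mgmt_ip": "10.20.0.10"},
    {"name": "sm-02", "wireless_ip": "203.0.113.11", "separate_mgmt": True,
     "mgmt_ip": "10.20.0.11"},
    {"name": "sm-03", "wireless_ip": "203.0.113.12", "separate_mgmt": True,
     "mgmt_ip": "198.51.100.7"},
]

if __name__ == "__main__":
    for name, issue in audit(INVENTORY):
        print(f"{name}: {issue}")
```

An empty result means none of the listed SMs accepted a connection on its wireless IP; the check covers TCP only, so ICMP reachability has to be tested separately.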