NETGEAR GS510TP Switch Firmware 5.4.2.25

Bug Fixes:

- Addresses the following security vulnerability issues: CVE-2011-3389, CVE-2009-3555, CVE-2013-2566, CVE-2015-2808. For CVE-2011-3389 case, we need to disable TLSv1 protocol (under Security > Access > HTTPS> HTTPS Configuration). Since GS510TP supports only SSLv3 and TLSv1, any legacy client supporting only TLSv1 may not establish the SSL connection with the switch. So, the best way is to disable the TLSv1 mode and when required for legacy clients the mode can be enabled again. However, enabling the mode will be prone to CVE-2011-3389.
- Fixed the issue where the EAP packet with unicast destination address is blocked when “EAPOL Flooding mode” is enabled while “802.1X admin mode” is disabled.
- Fixed the issue where the system freezes when downloading HTTPS/SSL certificate file (server.pem) to the switch.
- Fixed the issue where the flash logs disappear after system reboot.
- Removed “Refresh” button from FLASH log page.
- Fixed the issue where the following optional TLV values of LLDP-MED are incorrect: Optional Mau Type, Auto-negotiation advertised capability, Maximum Frame size, Asset ID, Manufacturer name, Firmware and Hardware revision
- Fixed the port security issue with static MAC. When a static MAC address is specified and the “Max Allowed Dynamically Learned MAC” is set to 0 for a port, this MAC address can still be learned by other ports. As a result, device with this MAC can work with other ports with “Max Allowed Dynamically Learned MAC” not set to 0, but not with the port with static MAC configured.

Known issues:

- Port PVID (Switching > VLAN > Advanced > Port PVID Configuration) does not automatically changed back to 1 after its associated VLAN is deleted.
- Workaround: Manually change the PVID back to 1.

Limitations:

- Combined MAC and IP ACL do not work with double VLAN tagged traffic.

About Switch Firmware:

Given the large variety of models and different methods for upgrading the switch, if you wish to apply this package, we recommend that you read and understand the installation steps before you install a new firmware, even if you are a power user.

Usually the update procedure isn’t much of a hassle as manufacturers try to make it as simple as possible; however, there are cases that are exceptions to this rule. First off, go to the system information page of the switch to check that the currently installed version isn’t either newer or matching this release.

Applying a new firmware can decrease the security vulnerabilities, enhance overall performance and compatibility, improve various power management functions, resolve different errors, and add support for newly developed technologies and protocols.

It is recommended that you perform this step in a steady power environment such as the one ensured by a UPS unit, and that you don’t interrupt the upgrade in any way, because this might cause the switch to malfunction.

That being said, click the download button, get and apply the new version, and check back with our website constantly to stay up to speed with the latest releases.