Security Advisory

Prolink Product Security Vulnerability

As a provider of digital solutions for all aspects of life, Prolink takes security seriously and ensure that all of our products are secure in order to protect the privacy of our customers.

We are constantly on a lookout for the ever-changing security threats and solutions to safeguard our products against it. However, we would appreciate that our community can also help bring any form of potential security threats to our attention so that we can be well-aware, well-prepared, and always kept up-to-date on the latest security developments.

Any information that you supply to us will be of a great help to the Prolink team in creating safer firmware and hardware and our promise to you is that we will use these valuable information that you have reported to resolve any identified security vulnerabilities.

We want you to be able to use all our products and services with an ease of mind.

Prior to the Report submission, please do review and follow below minimum mandatory requirements:

  • Keep information about any vulnerabilities that you have discovered CONFIDENTIAL between yourself and Prolink until disclosure is approved in written from our end.

  • Do not compromise or cause disruption to our product and/or services rendered or degradation in any form to our users during testing or proof-of-concept testing.

  • Use only this submission method as identified method for Vulnerability Reporting.

Report Vulnerabilities

If you believe that you have found a security vulnerability in any of our products or services, you may make a report by submitting the form below.

By submitting the Security Advisory Form, you will be required to minimally provide us all the following information including your contact details and have given permission for our team to contact you for further information.

    • Product Model and Firmware Version

    • App Version (If any)

    • Expected Behaviour

    • Actual Behaviour after vulnerability exploit

    • Steps to reproduce the vulnerability

    • Detailed Risk assessment (Critical/Major/Minor)

    • Proof of concept methodology and tools

    • Your valid contact information (Mobile Number, email address)

 

Submit Security Feedback

{formbuilder:OTg3Mzk=} 

What happens after the Submission

Initial Acknowledgement of Receipt: Prolink will acknowledge receipt of the vulnerability as soon as possible, within 7 business days.

Status Updates: 
Prolink uses Security Severity Rating (SSR) as a way to classify vulnerabilities. With SSR, resolution will be provided based on the severity:

  • Critical - within 2 weeks of being verified  
  • High - within 4 weeks of being verified 
  • Medium - within 6 weeks of being verified 
  • Low - within 25 weeks of being verified 

Prolink will commit to providing regular status updates. For critical cases, daily updates will be provided. For other cases, weekly updates will be provided.

Latest Security Updates

All new and confirmed security updates, along with descriptions of the issues that have been resolved will be announced in this section of the page upon the availability of a security fix. To get first hand Security Updates, we would recommend users to subscribe directly to our Prolink e-newsletter.

Date Release

Security Updates

25 June 2021 PRC2402M new firmware V1.0.24 release for the vulnerability of script injection.
29 July 2021 PRC2402M new firmware V1.0.25 release for the vulnerability of DOS Attack.