Allied Telesis can confirm that none of the following products are affected by the
CVE-2014-4877 vulnerability.
- AT-8100 Series
- AT-9000 Series
- AT-FS970M Series
The only protocols these product lines use for file transfers are TFTP and HTTP. ‘WGET’ is not used with HTTP.There are no software versions for any of these products that have ever suffered from the vulnerability.
No patch or update is required to make the products invulnerable to CVE-2014-4877. They are all invulnerable, even when running the initial software that they shipped with from the factory.