NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Orbi 2.2.1.210 fimware security issue (turns on guest network with no password)
Has anyone else experienced this? I upgraded by Orbi to 2.2.1.210 - everything seemed fine. I have a guest network (with a password) that I leave disabled and only enable when we have a guest. It is ...
Ahhh same issue here and i didn't know about it until now, i had reloaded the firmware by scratch as well, massive security issue
I would like to publish this as a security incident. Not sure about that process... It would be good to get the wider community involved.
I had a similar issue and it turned out the satellite was connecting via the backhaul and needed a firmware reset along with a forced sync to the base. Certainly wasn't expecting that, but can imagine it's probably happening to a lot more folks who just expect to plug this up and not check all the settings.
So a factory reset fixed what you were seeing?
User00 wrote:
I had a similar issue and it turned out the satellite was connecting via the backhaul and needed a firmware reset along with a forced sync to the base. Certainly wasn't expecting that, but can imagine it's probably happening to a lot more folks who just expect to plug this up and not check all the settings.
What is strange is that the only thing that did sync after the satellite rebooted and came back online was the router password, unfortunately nothing else sync'd.
I can certainly confirm that if you have it setup and operational - then decide to change the wireless settings - the satellite will not automatically get those settings and will continue to broadcast the original wireless networks and passwords. What's also frustrating is that you can't remotely reboot the satellite. However, you can upload the firmware again and that will trigger the reboot. I never got the Sync buttons to work unless the satellite was in factory default mode and right next to each other (even though the satellite shows up as connected via backhaul on the router's attached devices).
So for me - if I make a WiFi settings change (pw or SSID) - then it won't sync unless i reset the satellite to factory defaults - but the router password will. In your case, maybe the satellite received an initial configuration with an open guest password before a password was set. That would explain having the open network - which I recall having when I first set this up - but just chalked it up to initial setup issues and then did a factory reset after all the settings were completed in the base.
ja6a wrote:
I would like to publish this as a security incident. Not sure about that process... It would be good to get the wider community involved.My system had this issue once. Turns out the errant guest network was coming from one of the satellites. A power-cycle resolved the issue. It's a bug for sure, but it was not much of a security issue, because connecting to the guest SSID provided no IP address to the computer and no network access.
st_shaw wrote:
It's a bug for sure, but it was not much of a security issue, because connecting to the guest SSID provided no IP address to the computer and no network access.Well, if the satellite is connected via ethernet backhaul to the base - then it will allow those devices to connect and be handed off to the base for connectivity into the network. If you look at the connected devices on the base - all of those devices from the satellite appear as wired (via the backhaul).
User00 wrote:
st_shaw wrote:
It's a bug for sure, but it was not much of a security issue, because connecting to the guest SSID provided no IP address to the computer and no network access.Well, if the satellite is connected via ethernet backhaul to the base - then it will allow those devices to connect and be handed off to the base for connectivity into the network. If you look at the connected devices on the base - all of those devices from the satellite appear as wired (via the backhaul).
No. As I wrote, my computer did not receive an IP address from the rogue guest WiFi. With no IP address my computer had no connectivity to the satellite (and thus no connectivity to any part of the network.)
Did you manage to get it published? This is indeed a pretty nasty security hole in the firmware and given that it's still the active firmware in use at this time, broader communication about it world definitely be a good idea.
- I am not sure where to publish it. Perhaps hackernews? I was a little confused by some of the responses - but yours has inspired me.
https://community.netgear.com/t5/Orbi/Orbi-NETGEAR-Guest-wont-turn-off/m-p/1659396#M44609
I would contact a Forum moderator to let them know if they don't already.
ja6a wrote:
I am not sure where to publish it. Perhaps hackernews? I was a little confused by some of the responses - but yours has inspired me.
