NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
OrbiMan
Apr 12, 2017Luminary
Security vulnerability in Orbi
I happened to run avast wifi analysis and it found the 2 vulnerability in Orbi Router software listed below. Can anyone who is more technically minded confirm this? Orbi is a brand new system it should be patch against security holes that been reported since 2013.
https://www.rapid7.com/db/vulnerabilities/miniupnpd-cve-2013-0229
https://www.rapid7.com/db/vulnerabilities/miniupnpd-cve-2013-0230
4 Replies
- DarrenMSr. NETGEAR Moderator
- JMU1998Luminary
this is a security related item and requires immediate Engineering attention please!
- rhester72Virtuoso
Neither of these are barn-burners, honestly - one's a possible denial-of-service and the other is a _possible_ privileged exploit, both of which require the attack to come *from the internal network*. While I agree it's nice to have _all_ vulnerabilities mitigated, that isn't realistic, and these two in particular fall somewhat into the "meh" category of risk. Yes, they should be fixed, but no, I don't think it likely (or necessary) that Netgear engineering is going to drop whatever it's doing to jump right on this.
Rodney