NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
SHA-1 has been officially broken, FVS devices don't support SHA-2
I replied to an "Idea Exchange" post, but figured I would post this here as well.
SHA-1 has been successfully shown to have weaknesses. The Github repository website suffered a data corruption recently that was due to SHA-1 collisions. As of now, there is no support for any VPN hashing algorithm higher than SHA-1, in either the P1/P2 transport algorithms or the certificate. This makes the device too insecure to use for VPN purposes. Google, Microsoft, SSLabs, and many other security organizations have been warning about this for over 6 years......
This needs to be fixed! I get it, the FVS firmware hasn't had any major feature updates in a long time, so if you're just waiting until the next hardware rev to fix this, please at least respond & say so.
Thanks!
10 Replies
Hi train_wreck,
Thanks for posting this information. This has been raised to the engineering team.
Regards,
DaneA
NETGEAR Community Team
Just for information, the latest update to Cisco's RV042G router (a direct competitor to the FVS336G) has been updated to resolve this issue....
Did you hear that? I heard a whip cracking! lol!
- We bought the FVS336Gv3 first & foremost because of security. I hope we didn't made a mistake. Tardy support of SHA256 is unacceptable.
I'm going to give netgear another 90 days to solve this and support SHA-256.
I don't have high hopes- but my fingers are crossed.
Hello,
are there any news on it? We need the SHA-2 support for our FVS318N too!
Additional question. The certificate for the https login to the config webpage is SHA-1 too. This need to be changed to SHA-2 certificate too! Will this be supported by Netgear in one of the next Firmware releases?
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
