hc1ng
Aug 25, 2024 (Aspirant)
Passwords included as plaintext in syslog messages
Looking through my Splunk logs, I notice that my WAX610 has started including the plaintext login password in syslog messages (below).
This is software version 10.8.8.6.
Looking through Splunk history for login events I can see that this changed around September 2023 (presumably a few software upgrades ago). Before then a login event looked like this:
So I'm curious. Is this a bug or is including plaintext passwords in syslog messages consistent with Netgear's security policy and best practices?
8 Replies
- hc1ng (Aspirant)
Thanks. Please update as soon as possible with plans for a fix. This is a serious security issue - even after the offending syslog messages stop being generated they will persist in the Splunk database for the data retention period.
- hc1ng (Aspirant)
Any update yet? Since this is not only a bug but a security issue ...
- ErwinL (NETGEAR Moderator)
Hello hc1ng
If this has been raised to the engineering team, it's possible that it will be added to the next published firmware, since this is a global issue. But publishing new firmware normally takes time due to the collating of bug fixes, and it will go through some sort of quality control before posting. I also do not think they will just give you a patch for your issue because, again, this is a global security issue.
Have a lovely day,
Erwin
Netgear Team