Orbi WiFi 6 and Control4 Vulnerability - No Details Available

Question

I'm running an Orbi WiFi 6 mesh system (RBR 850 and two RBS850). I recently had some AV work done and a Control4 (EA-3) controller was added to the ethernet network. I've been getting alerts on the Orbi app that Netgear Armor has "Vulnerabilities Detected" (9 of them). The app also says "Vulnerability Report Available" and the following "Armor detected 9 vulnerabilities on your Control4 home automation. View details." Then there is a blue "Go to Armor Security Vulnerabilities" - but clicking on that doesn't do anything.

Any suggestions for what to do?

Blanca_O · Answer

Hi CrazyEddie

&nbsp;

Welcome to NETGEAR Community!

&nbsp;

You can also view notification in the NETGEAR Armor portal&nbsp;https://armor.netgear.com

&nbsp;

Here's a reference link: https://kb.netgear.com/000059454/

&nbsp;

As for the Orbi app, may we please know the app version?&nbsp;

&nbsp;

Regards,
Blanca
Community Team

&nbsp;

CrazyEddie · Answer

Hi Blanca - thanks for the welcome, and for the tip about the web portal. I was able to access the portal and found a bit more detail about the Control4 controller. The portal shows 9 "High risk vulnerabilities". I was able to drill down and see 9 apparently repetitive items listed as "Discovered product affected by a known public CVE", and then the following in a graphical presentation:

"Vulnerability description

Generic vulnerability. Don't worry, NETGEAR Armor will keep your device safe against hacking.

What should I do

What can happen

1 security risk(s)

- nginx 1.16.0"

So I *think* that the top message of "Don't worry" is supposed to be the answer to the lower "What should I do"? Is there not a patch or something that I can get for the Control4 controller?

My app version is 2.11.0.11

Forum Discussion

Orbi WiFi 6 and Control4 Vulnerability - No Details Available

2 Replies