NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Robc101
Jan 11, 2018Tutor
ReadyShare SMB1 Error
Connecting a USB Storage to my router I get the following error when I try to connect. I updated to the latest firmware, but that had no effect. Any ideas? System error 384 has occurred. You can...
- Jan 12, 2018
Robc101,.
It does appear as though I misspoke when I didn't notice which router you had. I apologize for the confusion but it did sponsor a great deal of good information on this vulnerability.
The fact of the matter is that we have updated our currently shipping routers (see the brief here)
Security Advisory for CVE=2017=7494, Samba Remote Code Execution
And what I have confirmed is that there are not plans to update the WNR3500 to SMB2, so you'll need to either use one of the workarounds listed in this thread or buy a new router. Sorry I don't have better news,
John
Robc101
Jan 11, 2018Tutor
Thank you John. I contacted PNY about their USB Device and they said this issue has nothing to do with them and to contact Netgear
Robc101
Jan 11, 2018Tutor
Microsoft says
In Windows 10 Fall Creators Update and Windows Server, version 1709 (RS3), the Server Message Block version 1 (SMBv1) network protocol is no longer installed by default. It was superseded by SMBv2 and later protocols starting in 2007. Microsoft publicly deprecated the SMBv1 protocol in 2014.
To work around this issue, contact the manufacturer of the product that supports only SMBv1, and request a software or firmware update that support SMBv2.02 or a later version.
- YeZJan 11, 2018NETGEAR Expert
Microsoft OS update has disabled SMB1 support by default since Q4 2017, while ReadySHARE requires SMB1 protocol to be enabled to access.
You would need to manually turn on SMB1 by going to "Turn Windows features on or off" and check "SMB 1.0/CIFS Client" under "SMB 1.0/CIFS file sharing support"
- Robc101Jan 11, 2018Tutor
Yes, I am aware, however, this opens my network to Samba Vunerabilities and Wanna Cry. It looks like I need Netgear to enable SMB2 in their readySHARE capability.
- schumakuJan 11, 2018Guru - Experienced User
It's a multil-layer thingie in fact.
Enabling just SMB 1.0 Client (and more essentially the NetBIOS discovery protocol still required to discover most NAS and all ReadyShare Routers on the LAN!) on the Windows side does not create any risk.
Some Netgear routers (I don't have the bigger picture) like the Nighthawk X10 (R9000) with the current v1.0.3.6 come with an updated SAMBA, and a UI control on the SMB protocols (plus some more) served:
Looking inside of a current X10 does show:
root@R9000:/# /usr/sbin/smbd -V
Version 4.6.4
If one would be very nut picking, SAMBA starting from 4.6.4 (resp. 4.5.10 or 4.4.14 if one is on older branches) has fixed the IPC vulnerability used by Wanna Cry - so that risk is mitigated even if one would continue using SMB 1.0. However, this does not help the owners of the older WiFi router models not having seen updates yet.
A "theoretical" temporary fix would be adding a config line into the SAMBA config, [global] section:
nt pipe support = no
This does however remove the ability to "browse" the ReadySHARE \\readyshare\ server - and you have to use the correct shared folders names like \\readyshare\USB_storage or \\192.168.1.1\USB_storage - that would not be a big loss, but then it's not customer friendly having to enable telnet or ssh access to the routers, and patch things on the fly - and then the change is even volatile.
Said that - there is no other way to push Netgear towards updating as many WiFi routers, Nighthawk, (and Orbi?), ... firmware with a newer SAMBA version, making them add the similar UI control, ... or officially abandon the support of ReadySHARE SMB access on some older products.Last but not least, johngm is the GM of Netgear's Business Solutions unit, all the Netgear consumer WiFi Routers and Nighthawk are coming from a different business unit. But I'm convinced he can talk Tacheles to his boss and his other BU friends. Please John...
Regards,
-Kurt