NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

redstamp's avatar
redstamp
Apprentice
Jun 04, 2016

/dbbroker exploit

3 weeks ago I purchased a Netgear ReadyNAS and moved all my files onto it.  This week I tried to turn on "ReadyNAS Replicate" under the Cloud tab in the LAN http interface.  There were some user cred...
Tips from other users
Skywalker's avatar
Skywalker
NETGEAR Expert
Jun 06, 2016
redstamp wrote:

 

I cant find any more details on the exploit and wondered if I should be worried?  I was using Chrome, so presuming the details have been auto-populated from Chrome, I cleared the Chrome cache / history.

 

 

That "exploit" isn't directly related to dbbroker.  It's just a generic method of trying to sniff HTTP Basic Auth headers.  That can be accomplished by an attacker on your local network if the traffic passes through a hub that the attacker is connected to, or if an attacker is able to launch a successful man-in-the-middle attack, or if the attacker has access to the system from which you log in to the admin interface.  To prevent these attacks, just use HTTPS.  You can also completely disable HTTP access to the admin UI by going to System -> Settings, then click on the HTTP button, and uncheck "Enable HTTP Admin".

StephenB's avatar
StephenB
Guru - Experienced User
Jun 07, 2016
Skywalker wrote:  You can also completely disable HTTP access to the admin UI by going to System -> Settings, then click on the HTTP button, and uncheck "Enable HTTP Admin".

Disabling http admin access is a good idea (I actually think it should be disabled by default).

NETGEAR Academy

Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology! 

Join Us!

ProSupport for Business

Comprehensive support plans for maximum network uptime and business peace of mind.

 

Learn More