NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
redstamp
Jun 04, 2016Apprentice
/dbbroker exploit
3 weeks ago I purchased a Netgear ReadyNAS and moved all my files onto it. This week I tried to turn on "ReadyNAS Replicate" under the Cloud tab in the LAN http interface. There were some user cred...
Skywalker
Jun 06, 2016NETGEAR Expert
redstamp wrote:
I cant find any more details on the exploit and wondered if I should be worried? I was using Chrome, so presuming the details have been auto-populated from Chrome, I cleared the Chrome cache / history.
That "exploit" isn't directly related to dbbroker. It's just a generic method of trying to sniff HTTP Basic Auth headers. That can be accomplished by an attacker on your local network if the traffic passes through a hub that the attacker is connected to, or if an attacker is able to launch a successful man-in-the-middle attack, or if the attacker has access to the system from which you log in to the admin interface. To prevent these attacks, just use HTTPS. You can also completely disable HTTP access to the admin UI by going to System -> Settings, then click on the HTTP button, and uncheck "Enable HTTP Admin".
StephenB
Jun 07, 2016Guru - Experienced User
Skywalker wrote: You can also completely disable HTTP access to the admin UI by going to System -> Settings, then click on the HTTP button, and uncheck "Enable HTTP Admin".
Disabling http admin access is a good idea (I actually think it should be disabled by default).
Related Content
NETGEAR Academy

Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!