ndpm
Aug 01, 2017 Aspirant
Vulnerabilities on Ready NAS 204
We did a scan of our network and found several vulnerabilities in our NAS 204. I looked online but was not able to find anything. Here is the list: 1: SSL Medium Strength Cipher Suites Supp...
StephenB
Aug 01, 2017 Guru - Experienced User
You can't fix (5) unless you arrange to install a cert from a CA. The NAS uses a self-signed cert.
What firmware are you running?
ndpm
Aug 01, 2017 Aspirant
6.7.5
- StephenB Aug 01, 2017 Guru - Experienced User
I'm running 6.8.0-RC1 on mine.
I checked with www.ssllabs.com
I got the expected self-signed cert issues
Alternative names - INVALID
DNS CAA No
Trusted No NOT TRUSTED
It also got a downgrade on forward secrecy - details are
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (0x9e) DH 1024 bits FS WEAK
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (0x9f) DH 1024 bits FS WEAK
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 (0x67) DH 1024 bits FS WEAK
TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x33) DH 1024 bits FS WEAK
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 (0x6b) DH 1024 bits FS WEAK
TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x39) DH 1024 bits FS WEAK
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA (0x88) DH 1024 bits FS WEAK
TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA (0x45) DH 1024 bits FS WEAK
There was one encryption method with a 112 bit key that was also flagged.
TLS_RSA_WITH_3DES_EDE_CBC_SHA (0xa) WEAK
These are easily fixed by Netgear - removing one cipher suite, and changing the minimum DH key size.
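An added example, not part of the original thread and not NETGEAR's code: a short Python triage of cipher-suite lines in the shape of the SSL Labs results quoted above, grouping the flagged suites under the two server-side changes the post names. The 2048-bit DH floor and the ECDHE sample line are assumptions made for the example.

```python
import re

# Lines in the "NAME (0xID) [DH n bits] [FS] [WEAK]" shape of the SSL Labs
# results quoted in the thread; the ECDHE line is constructed for contrast.
REPORT = """\
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (0x9e) DH 1024 bits FS WEAK
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA (0x88) DH 1024 bits FS WEAK
TLS_RSA_WITH_3DES_EDE_CBC_SHA (0xa) WEAK
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f) ECDH secp256r1 FS
"""

MIN_DH_BITS = 2048  # assumed floor; the thread only shows 1024 being flagged

LINE = re.compile(r"^(?P<name>TLS_\w+)\s+\(\s*0x[0-9a-fA-F]+\)(?P<rest>.*)$")
DH = re.compile(r"\bDH (\d+) bits")  # \b keeps "ECDH ..." from matching


def triage(report, min_dh_bits=MIN_DH_BITS):
    """Return {suite_name: [remediation, ...]} for suites needing action."""
    findings = {}
    for raw in report.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # blank or unrecognised line
        name, actions = m["name"], []
        dh = DH.search(m["rest"])
        if dh and int(dh.group(1)) < min_dh_bits:
            actions.append(
                f"raise DH group size from {dh.group(1)} to >= {min_dh_bits} bits")
        if "_3DES_" in name:
            actions.append("remove suite: 3DES has a 112-bit key")
        if actions:
            findings[name] = actions
    return findings


def changes(findings):
    """Invert the findings: one entry per distinct server-side change."""
    out = {}
    for suite, actions in findings.items():
        for action in actions:
            out.setdefault(action, []).append(suite)
    return out


if __name__ == "__main__":
    for change, suites in changes(triage(REPORT)).items():
        print(f"{change}: {', '.join(suites)}")
```
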
- mdgm-ntgr Aug 10, 2017 NETGEAR Employee Retired
Some checkers just check version numbers. We can't update to Apache 2.4 as it would break WebDAV.
We backport what we need for various packages and update to newer package versions where it makes sense to do so.