NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

ndpm's avatar
ndpm
Aspirant
Aug 01, 2017

Vulnerabilities on Ready NAS 204

We did a scan to our network and found severals vulnerabilities in our NAS 204. I look online but was not able to find anything.   here is the list:   1: SSL Medium Strength Cipher Suites Supp...
Installation & Upgrade
kohdee's avatar
kohdee
NETGEAR Expert
Aug 10, 2017

Things that help NETGEAR better diagnose these issues are also knowing which software you used to generate this report, and a copy of the report....  What you've provided here is not really explicit to any specifically known vulnerabilitiy. CVE numbers help here. 


On your apache2 problems, if your scanner only checks version, then you cannot trust that. We do lots of cherrypicking from newer versions and put fixes in seemingly older versions. So likely, these are not realistic. We also do this in kernel and other things. 


You could eliminate 4 of those by using HTTP instead of HTTPS :P 

ndpm's avatar
ndpm
Aspirant
Aug 10, 2017

Nobody from Netgear try to contact me to get the report.


The scans are done with Tenable IO. 

 

 

  • StephenB's avatar
    StephenB
    Guru - Experienced User
    Aug 10, 2017
    ndpm wrote:

    Nobody from Netgear try to contact me

    Both kohdee and mdgm-ntgr work for Netgear.

     

    You could perhaps PM Kohdee and send him a copy of the full report.

NETGEAR Academy

Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology! 

Join Us!

ProSupport for Business

Comprehensive support plans for maximum network uptime and business peace of mind.

 

Learn More