
ndpm
Aspirant
Aug 01, 2017

Vulnerabilities on Ready NAS 204

We did a scan of our network and found several vulnerabilities in our NAS 204.

I looked online but was not able to find anything.

Here is the list:


1: SSL Medium Strength Cipher Suites Supported

2: Apache 2.2.x < 2.2.33-dev / 2.4.x < 2.4.26 Multiple Vulnerabilities

3: Apache 2.2.x < 2.2.34 Multiple Vulnerabilities

4: SSL 64-bit Block Size Cipher Suites Supported (SWEET32)

5: SSL Certificate Cannot Be Trusted

6: SSL Certificate with Wrong Hostname

Can you help me to fix this?

Thank you.

9 Replies

  • You can't fix (5) unless you arrange to install a cert from a CA.  The NAS uses a self-signed cert.

     

    What firmware are you running?

      • I'm running 6.8.0-RC1 on mine.

        I checked with www.ssllabs.com

         

        I got the expected self-signed cert issues

        Alternative names -   INVALID
        DNS CAA No 
        Trusted No   NOT TRUSTED

         

        It also got a downgrade on forward secrecy - details are

        TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (0x9e)   DH 1024 bits   FS   WEAK

        TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (0x9f)   DH 1024 bits   FS   WEAK

        TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 (0x67)   DH 1024 bits   FS   WEAK

        TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x33)   DH 1024 bits   FS   WEAK

        TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 (0x6b)   DH 1024 bits   FS   WEAK

        TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x39)   DH 1024 bits   FS   WEAK

        TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA (0x88)   DH 1024 bits   FS   WEAK

        TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA (0x45)   DH 1024 bits   FS   WEAK

         

        There was one encryption method with a 112 bit key that was also flagged.

        TLS_RSA_WITH_3DES_EDE_CBC_SHA (0xa)   WEAK

         

        These are easily fixed by Netgear - removing one cipher suite, and changing the minimum DH key size.
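
An added example, not part of the original post and not NETGEAR's code: a small Python triage of suite lines in the SSL Labs format quoted above, mapping each flagged line to the two fixes the post names (a larger DH group, removing the 3DES suite). The 2048-bit floor, the ECDHE sample line and all function names are assumptions.

```python
import re

# Constructed sample in the SSL Labs line format quoted in the post above.
SAMPLE = """\
        TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (0x9e)   DH 1024 bits   FS   WEAK
        TLS_RSA_WITH_3DES_EDE_CBC_SHA (0xa)   WEAK
        TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f)   ECDH secp256r1   FS
"""

SUITE_LINE = re.compile(r"^\s*(TLS_\w+)\s+\(0x[0-9a-fA-F]+\)(.*)$")
DH_BITS = re.compile(r"\bDH (\d+) bits")
BLOCK64 = ("_3DES_", "_DES_", "_IDEA_", "_RC2_")  # 64-bit block ciphers (SWEET32)
MIN_DH_BITS = 2048  # assumed policy floor; the thread does not name a value


def triage(report, min_dh_bits=MIN_DH_BITS):
    """Map each suite line in `report` to a list of (finding, remediation)."""
    results = {}
    for raw in report.splitlines():
        m = SUITE_LINE.match(raw)
        if not m:
            continue  # not a suite line (blank line, prose, certificate rows)
        suite, details = m.groups()
        issues = []
        dh = DH_BITS.search(details)
        if dh and int(dh.group(1)) < min_dh_bits:
            issues.append((f"DH {dh.group(1)} bits", "raise server DH parameter size"))
        if any(tag in suite for tag in BLOCK64):
            issues.append(("64-bit block cipher", "remove suite from cipher list"))
        if suite.startswith("TLS_RSA_WITH_"):
            issues.append(("no forward secrecy", "prefer DHE/ECDHE suites"))
        results[suite] = issues
    return results


if __name__ == "__main__":
    for suite, issues in triage(SAMPLE).items():
        print(suite, "OK" if not issues else issues)
```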

         

  • kohdee
    NETGEAR Expert

    Things that help NETGEAR better diagnose these issues are also knowing which software you used to generate this report, and a copy of the report.... What you've provided here is not really explicit to any specifically known vulnerability. CVE numbers help here.


    On your apache2 problems, if your scanner only checks version, then you cannot trust that. We do lots of cherrypicking from newer versions and put fixes in seemingly older versions. So likely, these are not realistic. We also do this in kernel and other things. 


    You could eliminate 4 of those by using HTTP instead of HTTPS :P 

    • ndpm
      Aspirant

      Nobody from Netgear tried to contact me to get the report.


      The scans are done with Tenable IO. 

       

       


      • ndpm wrote:

        Nobody from Netgear tried to contact me


        Both kohdee and mdgm-ntgr work for Netgear.

         

        You could perhaps PM Kohdee and send him a copy of the full report.
