Nighthawk software reports vulnerabilities with ReadyNAS Firmware 6.10.9

Question

My NETGEAR router has been reporting vulnerabilities with the latest firmware (6.10.9) as it can be seen from the following screen capture. Is NETGEAR going to do anything about it?

I. Konuk

schumaku · Answer

Lack of any insight or details about the report - how useless information for the average user: We can just guess this security scan want to tell us that http access to the ReadyNAS admin Web is insecure (indeed, ...). Needless to say, at the current EoL status of ReadyNAS, it's more than unlikely this nice, user-friendly default will be removed.

StephenB · Answer

I agree with&nbsp;schumaku&nbsp;that the lack of detail in the report makes it not actionable.
&nbsp;
What services do you have enabled on the NAS?
Do you have any ports forwarded to the NAS in the router?
&nbsp;
Is your NAS set up to allow anonymous access to shares?
Another possibility is that the NAS is allowing SMB 1 connections - which you could disable is smbplus is installed.

ikonuk · Answer

Thank you&nbsp;@schumaku&nbsp;and&nbsp;@StephenB.&nbsp;I did have SMB and iTunes enabled for some reason. I disabled it. I will post the outcome.&nbsp;No ports are forwarded.

schumaku · Answer

ikonuk&nbsp;wrote:
I did have SMB and iTunes enabled for some reason. I disabled it. I will post the outcome.

Curious how one does use a NAS (and for what purpose) without the SMB protocol? Could be SMB 1.0 enabled as&nbsp;StephenB&nbsp;mentioned. The iTunes Service is not security relevant - very different from the default http access ...

Forum Discussion

Nighthawk software reports vulnerabilities with ReadyNAS Firmware 6.10.9

4 Replies

Related Content

KRACK Vulnerabilities

WPA2 - KRACK / Vulnerability

Netgear Nighthawk M1 vulnerability

Download software for Netgear Nighthawk AC1900 USB 3.0, Dual Band

New NightHawk X4S D7800 vulnerability

NETGEAR Academy

ProSupport for Business