Netgear Armor found vulnerability in R7900 but I have the latest Firmware
I subscribe to Netgear Armor and it ran a scan yesterday and identified a vulnerability with the Netgear R7900 router. The error is "/http protocol accepts unencrypted (plain text) logins.". I thought this had been fixed in the latest firmware but apparently it isn't. I am using firmware Version 1.0.4.26, which seems to be the latest version based on the Netgear support site https://kb.netgear.com/000062098/R7900-Firmware-Version-1-0-4-26 .
I currently run this device as an "Access Point" with only the highest frequency 5GHz band enabled. 2.4 and the lower 5GHz are disabled. It is the primary coverage device for the media room. The real router in my setup is a Netgear R7900P doing all the DHCP and interfacing with the modem.
Is there a new firmware coming to resolve this? Does Netgear know there is this problem? In the meantime, is there any feature or port I can turn off in the router to reduce the vulnerability that won't affect my network operation?
Re: Netgear Armor found vulnerability in R7900 but I have the latest Firmware
Well, your R7900P does have this "feature" the scanner claims to be a vulnerability, too. Not truly a vulnerability, more a policy question. In most closed home networks, and for many embedded devices still the connection of choice - for many models (like the R7900) the only choice AFAIK.
Look, when extending the scan to true business grade https there would be bunches of issues reported - all way beyond what a home user can achieve without being an IT professional, without owning a private domain, without valid certificates signed to your very own domain, without reverse lookup IP->hostname matching, and much more.
Re: Netgear Armor found vulnerability in R7900 but I have the latest Firmware
Hi Commit2Quality,
Welcome to the community! If possible, would you mind providing a screenshot for us to check further?
Thanks,
Christian
Re: Netgear Armor found vulnerability in R7900 but I have the latest Firmware
Screenshot attached of the error report from Netgear Armor about its vulnerability analysis of the Netgear R7900 on my network.
Topography: Netgear Armor is associated with my Netgear R7900P, which is the DHCP router for the home. The device that Netgear Armor flagged as vulnerable is an R7900 (no P) that I have in my network operating in access point mode and is plugged directly into the 7900P that Armor is running on.
Anyway, I have been checking firmware versions frequently and there is nothing new since early August.
Re: Netgear Armor found vulnerability in R7900 but I have the latest Firmware
@Commit2Quality wrote: The device that Netgear Armor flagged as vulnerable is an R7900 (no P) that I have in my network operating in access point mode and is plugged directly into the 7900P that Armor is running on.
Most Nighthawk routers use the so-called Basic Authentication - over http, for lack of an https implementation on the earlier devices. On the R7900 (and the similar R8000 oddly available for the remote access, but not for the LAN access). Nothing wrong with Basic Auth over https even over the Internet - however a reasonable scanner should (and does) report it.
Under the line, nothing that wrong for an admin login on an isolated, private [W]LAN for the remaining lifetime of these products.
@Commit2Quality wrote: Anyway I have been checking firmware versions frequently and there is nothing new since early August.
Unlikely Netgear will change the design and the implementation of a consumer device introduced in 2014.
Why? Because it's not a vulnerability per se.
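
What the finding discussed in this thread amounts to, as an added example that is not part of any post above and is not Netgear Armor's own logic: a check that reports a login page only when it issues a Basic challenge over plain http, plus a round trip showing that a Basic credential is merely base64-encoded. The sample responses, realm and credentials are constructed; the function names are hypothetical.

```python
import base64

# Constructed sample: a 401 challenge as an admin page using Basic Auth would send it.
SAMPLE_401 = (
    "HTTP/1.1 401 Unauthorized\r\n"
    'WWW-Authenticate: Basic realm="constructed-router"\r\n'
    "Content-Length: 0\r\n\r\n"
)

def parse_response(raw):
    """Split a raw HTTP response head into (status_code, [(name, value), ...])."""
    lines = raw.split("\r\n\r\n", 1)[0].split("\r\n")
    status = int(lines[0].split()[1])
    headers = []
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers.append((name.strip().lower(), value.strip()))
    return status, headers

def check_login(scheme, raw_response):
    """Return a finding string for Basic Auth offered over plain http, else None."""
    status, headers = parse_response(raw_response)
    challenges = [v for n, v in headers if n == "www-authenticate"]
    offers_basic = any(c.lower().startswith("basic") for c in challenges)
    if status != 401 or not offers_basic:
        return None
    if scheme.lower() == "http":
        return "http protocol accepts unencrypted (plain text) logins"
    return None  # same Basic challenge inside TLS: credentials are not sent in clear

def basic_header(user, password):
    """Build the Authorization header value a browser sends for Basic Auth."""
    token = base64.b64encode(f"{user}:{password}".encode()).decode()
    return f"Basic {token}"

def decode_basic(value):
    """Recover (user, password) from a Basic header value: base64 is not encryption."""
    scheme, _, token = value.partition(" ")
    if scheme.lower() != "basic":
        raise ValueError("not a Basic credential")
    user, _, password = base64.b64decode(token).decode().partition(":")
    return user, password

if __name__ == "__main__":
    print(check_login("http", SAMPLE_401))
    print(check_login("https", SAMPLE_401))
    print(decode_basic(basic_header("admin", "example-password")))
```
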