Reply

Orbi RBS50 & Sky+ HD Vulnerabilities showing on Netgear Armor

Lollup
Follower

Orbi RBS50 & Sky+ HD Vulnerabilities showing on Netgear Armor

We were having some work done at home and the router was disconnected. When reconnected, I am now receiving a huge number of vulnerabilities for the Sky+ HD. I have manually updated the Sky+ box, checked for any solutions online, but cannot find any solution.



There is no method of adding Armor to the Sky+ Box, but I do not want to exclude it from the security if there is a genuine security issue.



Any help would be greatly appreciated
Message 1 of 3
Christian_R
NETGEAR Employee Retired

Re: Orbi RBS50 & Sky+ HD Vulnerabilities showing on Netgear Armor

Hello Lollup,

 

Welcome to the community! Can you send me a private message with your email address and serial number for us to check further. Screenshots of the vulnerability would be helpful as well. 

 

Thanks,

Christian 

Message 2 of 3
volvocyberguy
Aspirant

Re: Orbi RBS50 & Sky+ HD Vulnerabilities showing on Netgear Armor

I can confirm exactly the same issue.
Device I nitially scanned as a Wistron TV device with a 123 vulnerabilities before being identified as Sky+ HD media streamer.

Vulnerabilities listed and repeated without CVEs are typically those of Device lockout, Device Memory Overload, Admin Account Access vulnerability, and Personal Data exposure.

Sky only have one CVE for 2019, so as these vulns were detected when identified as a Wistron, and carried over when identified as a Sky system, would that mean that it is the Wistron Linux kernel developed for Sky that is vulnerable, as I assume Armor attempts to fingerprint the OS running based on the open services and ports?

Obviously no fix for this unless from Sky.

Cheers,

John
Message 3 of 3
Top Contributors
Discussion stats
  • 2 replies
  • 972 views
  • 0 kudos
  • 3 in conversation
Announcements

Orbi WiFi 6E