Orbi WiFi 7 RBE973
Reply

Re: R8000P vulnerabilities http_basic_auth, weak_password

unlisted
Aspirant

R8000P vulnerabilities http_basic_auth, weak_password

AT&T give me the message below; is AT&T correct? If so, can the R8000P be fixed?

Device
R8000P
Description
There were 2 vulnerabilities found on your R8000P.
The vulnerabilities are http_basic_auth, weak_password. These vulnerabilities may allow an attacker to damage your device.
Model: R8000P|Nighthawk X6S AC4000 Tri Band WiFi Router
Message 1 of 8

Re: R8000P vulnerabilities http_basic_auth, weak_password


@unlisted wrote:
AT&T give me the message below; is AT&T correct? If so, can the R8000P be fixed?


Which bit of AT&T gave you that message?

 

Then the usual boilerplate questions to eliminate some of the more common issues that crop up here.

What firmware version do you have on the device?

A number is more useful than "the latest". There may be newer versions, or "hot fixes", that do not show up if you check for new firmware with an app or in the browser interface.

If there is one it might also help if you told people the make and model number of the modem/gateway/ONT that connects this router to the Internet. Is it, by any chance, also a router, with a set of LAN ports on the back?

I ask because a lot of people turn up here trying to put a router behind a modem that is also a router. That can complicate troubleshooting.

Message 2 of 8
unlisted
Aspirant

Re: R8000P vulnerabilities http_basic_auth, weak_password

Great questions and the answers are the usual in part and atypical in part. Firmware is latest as of this post, and if Netgear releases revised new firmware then I will probably allow it to be installed. ATT-T's scanning software is ATT default (i.e., included not extra each month) ActiveArmor software. Netgear hardware is configured as access point (i.e., dhcp server disabled). I am curious about what exactly AT&T is identifying.
Message 3 of 8

Re: R8000P vulnerabilities http_basic_auth, weak_password


@unlisted wrote:
Firmware is latest as of this post, and if Netgear releases revised new firmware then I will probably allow it to be installed.

There is a clue in there as to why claims of "latest" are not much help.

 

If you rely on "allow it to be installed" there is a risk that it is not the latest. Only the version number tells us what is really going on at your end.

 

Apps and the GUI interface are famously good it missing updates. People making those claims can be years out of date.

 


ATT-T's scanning software is ATT default (i.e., included not extra each month) ActiveArmor software. Netgear hardware is configured as access point (i.e., dhcp server disabled). I am curious about what exactly AT&T is identifying.

There's a lot going on in there, apart from knowing nothing about what you mean by "ATT default". All of it open to misunderstanding.

 

For example, access point is not the same thing as "dhcp server disabled", in the same way that people turn up here thinking that turning off the wireless disables a router.

 

The people who respond to problems that arrive here have seen hundreds of messages. They are familiar with the common issues that can gum up a network. Their questions are based on dealing with those problems. If they don't get clear answers they may more on to the next fresh message.

 

As to your question, ask AT&T. It should know all about the false positives that it can create.

Message 4 of 8
unlisted
Aspirant

Re: R8000P vulnerabilities http_basic_auth, weak_password

It does make for an interesting challenge for the gurus, doesn't it? The post contains all the information that AT&T provides.
Message 5 of 8
FURRYe38
Guru

Re: R8000P vulnerabilities http_basic_auth, weak_password

What password is ATT referring too? The routers default password or the one you input during the setup of the router? 

If you haven't changed the default admin log in password to something else or used a more complex admin PW, then that would need to be effected by you. The default admin log in password out of the box, can't be changed as that is a initial setup password only, hard coded by NG. Users are required to change it during the setup routine to something different. 

 

Again, probably false positive or false negative, however you need to look at it. 

Message 6 of 8
unlisted
Aspirant

Re: R8000P vulnerabilities http_basic_auth, weak_password

AT&T did not specify which password alarmed it. Hopefully ATT lacks the ability to read any password (default or complex) in the first place!
Message 7 of 8
FURRYe38
Guru

Re: R8000P vulnerabilities http_basic_auth, weak_password

Might ask them about this and which PW they are referencing.

 

 

Message 8 of 8
Top Contributors
Discussion stats
  • 7 replies
  • 707 views
  • 1 kudo
  • 3 in conversation
Announcements

Orbi 770 Series