R7500v1 Zebra VTY Vulnerability
Hi All,
Just in case anyone has this router.
You are vulnerable over telnet port 2601. (Zebra Service's default password hasn't been changed. This service potentially could route your internet connection through any unsecure server creating a permanent MITM without your knowledge).
To fix this vulnerability telnet into your router using the username "zebra" and password "zebra" (see the vulnerability now?)
To update the password after logging in:
1. "enable"
2. it prompts for password, enter "zebra"
3. write "write terminal"
4. write "configure terminal"
5. write "password [newpassword here]" (Changes Telnet Password)
6. write "enable password [newpassword here]" (Changes enable password)
7. Vulnerability should be fixed. Ctrl-z, "quit"
Here is the walkthrough of all commands for Zebra VTY:
http://www.nongnu.org/quagga/docs/quagga.html#Config-Commands
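A defender-side check for the fix described in the post above, as an added example that is not part of any poster's message and not Netgear or Quagga code: it audits the text printed by `write terminal` for the default `zebra` password, cleartext passwords, and a `line vty` with no `access-class`. The sample configurations are constructed, and the ACL name `vty-lan` and the replacement password are hypothetical.

```python
import re

DEFAULTS = {"zebra"}  # default credential named in the post above

# Constructed samples of `write terminal` output; not captured from a device.
AS_SHIPPED = """!
hostname Router
password zebra
enable password zebra
!
line vty
!
"""
AFTER_POST_STEPS = AS_SHIPPED.replace("zebra", "Constructed-New-Pw1")
HARDENED = """!
hostname Router
password 8 CONSTRUCTEDHASH01
enable password 8 CONSTRUCTEDHASH02
service password-encryption
!
access-list vty-lan permit 192.168.1.0/24
!
line vty
 access-class vty-lan
!
"""

def audit_zebra_config(text):
    """Return a list of findings for Quagga/Zebra `write terminal` output."""
    findings, in_vty, saw_vty, vty_acl = [], False, False, False
    for raw in text.splitlines():
        line = raw.strip()
        # Quagga prints an encrypted password as `password 8 <hash>`.
        m = re.match(r"(enable )?password (8 )?(\S+)$", line)
        if m and not m.group(2):
            kind = "enable password" if m.group(1) else "password"
            state = "still the default" if m.group(3) in DEFAULTS else "stored in cleartext"
            findings.append(f"{kind}: {state}")
        if line == "line vty":
            in_vty = saw_vty = True
        elif in_vty and line.startswith("access-class "):
            vty_acl = True
        elif in_vty and not raw.startswith(" "):
            in_vty = False  # left the indented `line vty` block
    if saw_vty and not vty_acl:
        findings.append("line vty: no access-class restricting source addresses")
    return findings
```

Run against a configuration changed only by the steps above, it still reports cleartext passwords and an unrestricted VTY; `service password-encryption` and an `access-class` under `line vty` are the Quagga commands that clear those findings.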
Re: R7500v1 Zebra VTY Vulnerability
We strongly recommend that you submit any security vulnerability concerns to security@netgear.com so that our security advisory team can verify it and provide resolution.
Thank you!
NETGEAR Community Team
Re: R7500v1 Zebra VTY Vulnerability
I have. Unfortunately they haven't responded.
They might have their hands full with the URL vulnerability that lets anyone take over the router with simple well crafted HTTP requests.
I might be returning this router for something more secure. It doesn't appear Netgear takes security seriously.
Re: R7500v1 Zebra VTY Vulnerability
@BlankAlpha wrote:
I have. Unfortunately they haven't responded.
They might have their hands full with the URL vulnerability that lets anyone take over the router with simple well crafted HTTP requests.
I might be returning this router for something more secure. It doesn't appear Netgear takes security seriously.
The R7500v1 is EOL (End of Life), so I would expect hell to freeze over before any vulnerability gets properly fixed within the stock Netgear firmware.
Re: R7500v1 Zebra VTY Vulnerability
We've promptly dealt with the URL vulnerability and we found that the R7500v1 is not affected.
We do take security very seriously.
In any case you've found what you consider a workaround for what you consider to be a security vulnerability.
Our security advisory team does need time to consider and investigate reports.
Products that are EOL may still receive firmware updates e.g. if we determine that security fixes are needed.
Re: R7500v1 Zebra VTY Vulnerability
That is great news.
I hope this is also patched.
I am pretty sure what I consider as a Security Vulnerability is what everyone else considers a security vulnerability.