i had chose netgear when buying the SXR80 because it seemed they put out regular firmware updates for the life of the products. Well this year i've not seen any firmware updates for the Orbi SXR80 been on 4.2.3.102 since it was released. So what is netgear going to do about CVE issues with their software? I'm very disappointed they are not taking security seriously and addressing these issues.
We are working on next SXK80 firmware release v4.3.2.x, which will include known security bugfix. We target to release by mid of Aug. We are still maintaining firmware for critical issues and security issues.
Nice to hear that news but i will say in closing that Netgear's actions with regards to firmware updates will determine if i stay with netgear or drop netgear when i eventually have to replace these. FYI, your VPN does not work with Fedora FC38 unless the security policy is set to legacy. not a good look for netgear.
I agree to @eierughdf, but in addition I want to emphasise that it would be even more important for Netgear to serve these products with more frequent updates, because these products are the business line and not private use/ family products.
Given this fact priorities for these devices need to be higher than (business) customers currently experince.
FYI, your VPN does not work with Fedora FC38 unless the security policy is set to legacy. not a good look for netgear.
The OpenVPN service is designed and implemented just like on an almost one decade old consumer router. It was never updated after to higher standards and key length since.
