- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
ReadyNAS RN214 Joomla cyber attack
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
ReadyNAS RN214 Joomla cyber attack
Hello Community,
Is anyone getting attacked by ReadyNAS OS with this signature CVE-2015-8562 ?
Since I added ReadyNAS RN214 to my home network I'm getting this attacks every 10 ~mins.
Although the attack comes from ReadyNAS with a Joomla signature, I don't have Joomla installed on ReadyNAS.
Nortong Security Report
==============================
Category: Intrusion Prevention
6/16/2020 8:28:29 AM,
High,
An intrusion attempt by NAS was blocked.,
Blocked,
No Action Required,
Attack: Joomla Remote Code Execution CVE-2015-8562,
No Action Required,
No Action Required,
"NAS (192.168.1.20, 80)","XPS1550 (192.168.1.8, 40287)",NAS (192.168.1.20),"TCP, www-http"
Network traffic from <b></b> matches the signature of a known attack.
The attack was resulted from \DEVICE\HARDDISKVOLUME4\PROGRAM FILES (X86)\NETGEAR\REMOTE\BIN\READYDROP.EXE.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: ReadyNAS RN214 Joomla cyber attack
I haven't seen it.
Do you have ReadyCloud installed on the PC? ReadyDrop was replaced by ReadyCloud.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: ReadyNAS RN214 Joomla cyber attack
Yes, I have ReadyCLOUD.
Maybe this is a false positive by my NortonAntivirus... I have a support ticket open with Netgear waiting for their inputs.