Jump to content

Recommended Posts

I have no reason to suspect there's anything wrong with my router or Home Network but thought I'd run the 'Scan Router' feature (Tools | Home Network Protection | Scan Router) to see what was reported.  I use the Netgear Orbi with one satellite that gives me excellent WiFi coverage.  The scan reported two vulnerabilities:

  • Update your router's firmware.  Vulnerability Name: EDB-31617.A.  Vulnerability Type: Bad access rights.
  • Network services.  Your router runs common network services.  These are needed by the network and probably safe.

What on earth do these reports mean or add?  The firmware is the most up to date so what does 'Bad Access Rights' actually mean?  (Yes, I have changed the default username and password to access the router's configuration).  A report is only useful if it can be understood and acted upon.

The second report regarding Network Services.  My router runs common network services!!  Go figure; it's a router that assigns IP addresses across my network and routes traffic; I would expect it to use common network services but without any expansion of what this phrase actually means it's worthless.

 

Edited by Skier
Spelling!
Link to comment
Share on other sites

5 hours ago, Skier said:

Update your router's firmware.  Vulnerability Name: EDB-31617.A.  Vulnerability Type: Bad access rights

That is in reference to this: https://www.exploit-db.com/exploits/31617/

There are a few postings on the NetGear forum about this Eset alert without any posted acknowledgement by Netgear of the issue. When was the last time your router's firmware was updated?

Edited by itman
Link to comment
Share on other sites

11 minutes ago, itman said:

That is in reference to this: https://www.exploit-db.com/exploits/31617/

There are a few postings on the NetGear forum about this Eset alert without any posted acknowledgement by Netgear of the issue. When was the last time your router's firmware was updated?

Many thanks for that but specific to a very old router.  As I stated, I'm using the Netgear Orbi and the firmware was updated about 3 weeks ago.

Link to comment
Share on other sites

4 hours ago, Skier said:

Many thanks for that but specific to a very old router.  As I stated, I'm using the Netgear Orbi and the firmware was updated about 3 weeks ago.

Appears Eset is warning about a new vulnerability discussed here: https://techcrunch.com/2017/01/31/netgear-exploit-could-expose-passwords-for-thousands-of-routers/ similar to the old one.

Link to comment
Share on other sites

itman, I appreciate your replies.  However, my router isn't on that list so the warning generated is meaningless. If ESET SS provides a warning it must:

  • Be relevant to what has been scanned i.e. in this case, the router model.
  • Provide an amplifying link (or similar) that expands on what the message means if not immediately obvious.

For me, the bottom line is that I ran the scan and it reported a warning not relevant to my router and a statement of the obvious: my router runs common network services, precisely as I would expect it to.

Link to comment
Share on other sites

  • 4 weeks later...

Well, here it is again:

I would second Skier's criticism of this way of reporting scan results.

The same two messages come up when I run the router scan.

I have a Netgear router, and yes - 'admin' is sadly fixed as a user-ID. But this is not what the scan report says.

My router runs the latest (Netgear) firmware and is not on the list of vulnerable routers (as per TechCrunch) either.

As Skier said: "A report is only useful if it can be understood and acted upon" and I would add that it is poor that one has to start digging and guessing like this. The warning of a potential vulnerability ought to be It ought to have more detail relating to the actual specific router and the settings/features that triggered it.

Can an eset insider kindly elaborate further and feed back to the developers please?

TIA

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...