Skier 7 Posted June 17, 2017 Share Posted June 17, 2017 (edited) I have no reason to suspect there's anything wrong with my router or Home Network but thought I'd run the 'Scan Router' feature (Tools | Home Network Protection | Scan Router) to see what was reported. I use the Netgear Orbi with one satellite that gives me excellent WiFi coverage. The scan reported two vulnerabilities: Update your router's firmware. Vulnerability Name: EDB-31617.A. Vulnerability Type: Bad access rights. Network services. Your router runs common network services. These are needed by the network and probably safe. What on earth do these reports mean or add? The firmware is the most up to date so what does 'Bad Access Rights' actually mean? (Yes, I have changed the default username and password to access the router's configuration). A report is only useful if it can be understood and acted upon. The second report regarding Network Services. My router runs common network services!! Go figure; it's a router that assigns IP addresses across my network and routes traffic; I would expect it to use common network services but without any expansion of what this phrase actually means it's worthless. Edited June 18, 2017 by Skier Spelling! Link to comment Share on other sites More sharing options...
itman 1,746 Posted June 17, 2017 Share Posted June 17, 2017 (edited) 5 hours ago, Skier said: Update your router's firmware. Vulnerability Name: EDB-31617.A. Vulnerability Type: Bad access rights That is in reference to this: https://www.exploit-db.com/exploits/31617/ There are a few postings on the NetGear forum about this Eset alert without any posted acknowledgement by Netgear of the issue. When was the last time your router's firmware was updated? Edited June 17, 2017 by itman Link to comment Share on other sites More sharing options...
Skier 7 Posted June 17, 2017 Author Share Posted June 17, 2017 11 minutes ago, itman said: That is in reference to this: https://www.exploit-db.com/exploits/31617/ There are a few postings on the NetGear forum about this Eset alert without any posted acknowledgement by Netgear of the issue. When was the last time your router's firmware was updated? Many thanks for that but specific to a very old router. As I stated, I'm using the Netgear Orbi and the firmware was updated about 3 weeks ago. Link to comment Share on other sites More sharing options...
itman 1,746 Posted June 17, 2017 Share Posted June 17, 2017 4 hours ago, Skier said: Many thanks for that but specific to a very old router. As I stated, I'm using the Netgear Orbi and the firmware was updated about 3 weeks ago. Appears Eset is warning about a new vulnerability discussed here: https://techcrunch.com/2017/01/31/netgear-exploit-could-expose-passwords-for-thousands-of-routers/ similar to the old one. Link to comment Share on other sites More sharing options...
Skier 7 Posted June 18, 2017 Author Share Posted June 18, 2017 itman, I appreciate your replies. However, my router isn't on that list so the warning generated is meaningless. If ESET SS provides a warning it must: Be relevant to what has been scanned i.e. in this case, the router model. Provide an amplifying link (or similar) that expands on what the message means if not immediately obvious. For me, the bottom line is that I ran the scan and it reported a warning not relevant to my router and a statement of the obvious: my router runs common network services, precisely as I would expect it to. Link to comment Share on other sites More sharing options...
UKUser 0 Posted July 11, 2017 Share Posted July 11, 2017 Well, here it is again: I would second Skier's criticism of this way of reporting scan results. The same two messages come up when I run the router scan. I have a Netgear router, and yes - 'admin' is sadly fixed as a user-ID. But this is not what the scan report says. My router runs the latest (Netgear) firmware and is not on the list of vulnerable routers (as per TechCrunch) either. As Skier said: "A report is only useful if it can be understood and acted upon" and I would add that it is poor that one has to start digging and guessing like this. The warning of a potential vulnerability ought to be It ought to have more detail relating to the actual specific router and the settings/features that triggered it. Can an eset insider kindly elaborate further and feed back to the developers please? TIA Link to comment Share on other sites More sharing options...
Recommended Posts