Securifi Community Forum
Securifi Products => Almond+ => Topic started by: lorek123 on October 28, 2017, 11:16:48 am
-
When i tried to connect to Almond+ via ssh I've got: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1. based on https://www.openssh.com/legacy.html ssh server is using outdated ssh configuration. When i dug deeper, i also found out that it has VERY OLD software installed:
Starting Nmap 7.60 ( https://nmap.org ) at 2017-10-28 17:05 CEST
Nmap scan report for gateway (192.168.1.1)
Host is up (0.0025s latency).
Not shown: 96 closed ports
PORT STATE SERVICE VERSION
22/tcp open ssh Dropbear sshd 0.52 (protocol 2.0)
53/tcp open domain dnsmasq 2.66
Basic checks for those versions in CVE records shows that this router is vulnerable to several attacks that can give hostile person even remote code execution. Are you planning to do something about it? If your vendor is not going to provide new software, try to cooperate with OpenWRT/LEDE to add support for hardware using in Almond+. I've found that they are working on similiar CPU now: https://dflund.se/~triad/krad/gemini/ so maybe part of those patches would be useful for you.
It's sad that you are advertising as a "Secure" company and still providing such bad service in terms of basic security.
-
+1, please fix.
-
+ 1
-
+1