Japanatron Logo

Netgear ReadyNAS - Disturbing FTP Bug

Details

Netgear ReadyNAS NV+
I have a Netgear ReadyNAS NV+ and have loved everything about it up until now.  I recently enabled password-protected FTP access to 1 share, opened a port in my firewall, and used the

feature to transfer photos from my parent's computer in Los Angeles to my NAS in Tokyo.  It worked wonderfully.

Last weekend I was recabling the USB drive I use to backup the NAS.  I briefly disconnected it and reconnected it.  Unbeknownst to me, this action enabled public FTP access to the backup folder on my USB drive.  All of my private information was fully exposed to the public Internet.  The FTP access was neither password-protected nor even shown as active in the ReadyNAS's web console.
 
Lucky for me, I discovered the situation quickly and remedied it by disabling all FTP access and closing the port on the firewall.  I scoured the NAS's FTP logs checking if anyone had downloaded my information.  No one had.  Whew!  Close call!
 
I checked the ReadyNAS forums looking for anyone who had shared my experience.  Not too surprisingly, someone had: http://www.readynas.com/forum/viewtopic.php?f=23&t=25808

Netgear's response was that the bug will be fixed in a future firmware revision.  Well, at least they're aware of the problem.  Until then I simply don't trust this feature.  No more opening firewall ports for me.

Related Articles

Joomla - YouTube Videos Too Bi...

PROBLEMAfter updating my Joomla Gavick template to the latest version, the embedded YouTube videos appeared massively large on desktop browsers.  Mobile browser...

The Hunt for the Ultimate Free...

I spent some time researching top-rated, but free antivirus security software for both Mac and Windows.  There are far more free antivirus software solutions ou...

How to Spot a Fraudulent Onlin...

I offer some tips on distinguishing lawful online businesses from dishonest ones. Check the site reputation and scan for malware. I compiled a list a service...

How To Fix Google Nest Audio C...

Due to the cheap Japanese yen, I've been doing a lot of shopping recently.  I decided to upgrade my aging Sony Google Assistant speaker to the latest Google Nes...