CVE-2023-28531

Comments

1 comment

  • Avatar
    Stuart

    I don't really trust Netgear for anything security-related. Having said that...

    CVE-2008-3844 applies to Red Hat Enterprise Linux from years ago. I don't see that it would apply to a modern Ubuntu system.

    CVE-2023-28531 only applies if you're logged in to the Firewalla system via SSH or on the console and you use SSH to connect from there to another system. It's a problem with missing destination constraints when using smartcard keys. Unless you're doing abnormal things from the CLI of your firewall, I don't see that this one applies. I know that I personally wouldn't try to setup a smartcard key with ssh-agent on my Firewalla. I don't use my firewall systems as desktops either.

     

     

     

     

    0
    Comment actions Permalink

Please sign in to leave a comment.