I took the time and looked at the source code of a number of Netegar devices (see http://kb.netgear.com/app/answers/detail/a_id/2649/~/open-source-code-for-programmers-(gpl)). Anyone concerned about the OpenSSL Heartbleed Vulnerability, here are the versions of OpenSSL ran by select Netgear routers, storage devices and cable modems. The only devices vulnerable are those running the ReadyNAS OS version 6.1.6 or older. If users update to OS6.1.7 that was released Friday, April 11th, they will then be patched:
ROUTERS:
R7000 (v1.0.2.164): OpenSSL 0.9.8e
R6300v2 (v 1.0.2.86): OpenSSL 0.9.7f
R6300v1 (v1.0.2.70): OpenSSL 0.9.7f
R6250 (v.1.0.1.84): OpenSSL 0.9.8e
R6200v2 (v1.0.1.18): OpenSSL 0.9.2b
R6200v1 (v1.0.1.52): OpenSSL 0.9.7f
R6100 (v1.0.0.38): OpenSSL 0.9.8p
WNDR4700 (v1.0.0.52): OpenSSL 0.9.8p & CyaSSL 1.6.5
WNDR4500v2 (v1.0.0.42): OpenSSL 0.9.7f
WNDR4500v1 (v1.0.1.40): OpenSSL 0.9.7f
WNDR4300 (v1.0.1.60): CyaSSL 1.6.5
WNDR3800 (v1.0.0.48): OpenSSL 0.9.8e
WNDR3700v4 (v1.0.1.52): CyaSSL 1.4.1
WNDR3700v3: Unable to Determine
WNDR3700v2: Unable to Determine
WNDRMACv2 (v1.0.0.20): OpenSSL 0.9.8e
WNDRMACv1 (v1.0.0.22): OpenSSL 0.9.8e
WNDR3400v3 (v1.0.0.22): OpenSSL 0.9.7f
WNDR3400v2 (v1.0.0.44): OpenSSL 0.9.7f
STORAGE
Netgear Stora MS2000/MS2110 (v2.3.2): OpenSSL 0.9.8b
Netgear ReadyNAS OS v4.1.13: OpenSSL 0.9.8g
Netgear ReadyNAS OS v5.3.10: OpenSSL 0.9.8o
Netgear ReadyNAS OS6.1.6 or older: **VULNERABLE** Update to OS6.1.7 to patch
OTHERS
Netgear CMD31T Cable Modem: OpenSSL 0.9.8a
WNCE4004 (v1.0.0.32): OpenSSL 0.9.8k
ROUTERS:
R7000 (v1.0.2.164): OpenSSL 0.9.8e
R6300v2 (v 1.0.2.86): OpenSSL 0.9.7f
R6300v1 (v1.0.2.70): OpenSSL 0.9.7f
R6250 (v.1.0.1.84): OpenSSL 0.9.8e
R6200v2 (v1.0.1.18): OpenSSL 0.9.2b
R6200v1 (v1.0.1.52): OpenSSL 0.9.7f
R6100 (v1.0.0.38): OpenSSL 0.9.8p
WNDR4700 (v1.0.0.52): OpenSSL 0.9.8p & CyaSSL 1.6.5
WNDR4500v2 (v1.0.0.42): OpenSSL 0.9.7f
WNDR4500v1 (v1.0.1.40): OpenSSL 0.9.7f
WNDR4300 (v1.0.1.60): CyaSSL 1.6.5
WNDR3800 (v1.0.0.48): OpenSSL 0.9.8e
WNDR3700v4 (v1.0.1.52): CyaSSL 1.4.1
WNDR3700v3: Unable to Determine
WNDR3700v2: Unable to Determine
WNDRMACv2 (v1.0.0.20): OpenSSL 0.9.8e
WNDRMACv1 (v1.0.0.22): OpenSSL 0.9.8e
WNDR3400v3 (v1.0.0.22): OpenSSL 0.9.7f
WNDR3400v2 (v1.0.0.44): OpenSSL 0.9.7f
STORAGE
Netgear Stora MS2000/MS2110 (v2.3.2): OpenSSL 0.9.8b
Netgear ReadyNAS OS v4.1.13: OpenSSL 0.9.8g
Netgear ReadyNAS OS v5.3.10: OpenSSL 0.9.8o
Netgear ReadyNAS OS6.1.6 or older: **VULNERABLE** Update to OS6.1.7 to patch
OTHERS
Netgear CMD31T Cable Modem: OpenSSL 0.9.8a
WNCE4004 (v1.0.0.32): OpenSSL 0.9.8k
Last edited: