Vulnerability: built-in radius using weak or compromised ciphers/hashes
2 Votes
2024-01-17 17:05:52 - last edited 2024-01-18 01:24:15
Model: OC200
Hardware Version: V1
Firmware Version: 1.28.1 Build 20231117 Rel.58466
  • Issue #1: Built-in Omada Radius server uses EAP-MD5-Challenge by default. This method is compromised and deprecated, and declined by the client machine for that reason.
  • Issue #2: Built-in Omada Radius server then switches to EAP-PEAP but resorts to the weakest cipher supported by the client for the outer tunnel (TLS_RSA_WITH_AES_128_CBC_SHA, which is considered weak: https://ciphersuite.info/cs/TLS_RSA_WITH_AES_128_CBC_SHA/).
  • Issue #3: Built-in Omada Radius server still "secures" the inner tunnel with MD5, which again is a compromised method that leaves users vulnerable.
  • Issue #4: TLS 1.3 doesn't seem to work to secure the outer tunnel.

Expected behaviours:

  • Compromised ciphers should be disabled in the built-in Omada Radius server.
  • The built-in Omada Radius server should pick the strongest common cipher.
  • The built-in Omada Radius server should implement TLS 1.3 to secure the outer tunnel.
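A client-side mitigation for the issues listed above, added here as an example and not taken from the post or from TP-Link: a wpa_supplicant network block that offers only PEAP (so an EAP-MD5 proposal is refused), requires TLS 1.2 or later for the outer tunnel, restricts the outer-tunnel cipher suites to forward-secret AEAD suites (which excludes TLS_RSA_WITH_AES_128_CBC_SHA), and validates the RADIUS server certificate against a known CA and name. The SSID, identity, password, CA path and server name are placeholders.

```conf
# Constructed example: hardened wpa_supplicant network block for a PEAP network.
# Placeholder values: SSID, identity, password, CA path, server name.
network={
    ssid="CorpWiFi"
    key_mgmt=WPA-EAP
    # Only PEAP is offered, so a server that proposes EAP-MD5 first receives a
    # NAK instead of an MD5 challenge-response.
    eap=PEAP
    identity="user@example.com"
    password="changeme"
    # Validate the RADIUS server certificate against a known CA and the expected
    # server name so a rogue AP cannot terminate the outer tunnel.
    ca_cert="/etc/wpa_supplicant/radius-ca.pem"
    domain_match="radius.example.com"
    # Outer tunnel: refuse TLS 1.0 and 1.1, leaving TLS 1.2 as the minimum.
    phase1="peapver=0 tls_disable_tlsv1_0=1 tls_disable_tlsv1_1=1"
    # Outer-tunnel cipher suites (OpenSSL names): forward-secret AEAD suites only,
    # so TLS_RSA_WITH_AES_128_CBC_SHA (OpenSSL "AES128-SHA") can never be selected.
    openssl_ciphers="ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256"
    # Inner method carried inside the tunnel.
    phase2="auth=MSCHAPV2"
}
```

If the server can only negotiate a suite outside this list, the outer handshake fails instead of silently downgrading, which makes the server-side weakness visible in the supplicant log rather than hidden behind a successful connection.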
Re:Vulnerability: built-in radius using weak or compromised ciphers/hashes
2024-01-18 03:13:34

Hi @mtl_squirrel,
Thank you for your valuable feedback.

I've recorded this request and will report it to the developer team for evaluation.

Best Regards!
Re:Vulnerability: built-in radius using weak or compromised ciphers/hashes
2024-05-18 00:21:48

@Hank21 Thank you for passing it along. Do you know if this is on the roadmap?
