Arlo|Smart Home Security|Wireless HD Security Cameras

Reply
Discussion stats
  • 2 Replies
  • 1583 Views
  • 0 Likes
  • 2 In Conversation
lw1
Initiate
Initiate

This very well may be a false positive, but clamXAV on macOS has recently been detecting (and quarantining) a blob with a virus signature in the Safari cache every time the web application is loaded from the following URL:

 

https://arlo.netgear.com/#/login

 

The virus signature is detected in the WebKitCache:

 

/Users/*****/Library/Caches/com.apple.Safari/WebKitCache/Version 11/Blobs/8B41DC088D7BDED693025C539E3762F1E96E1A74: Html.Exploit.CVE_2017_8757-6336185-0 FOUND

 

I've researched this a bit, and it is a Windows virus, so it shouldn't affect macOS.  Windows is a different story (assuming this is not a false positive).

 

At any rate, the Netgear team might want to check the other resources (there are several .swf files) that are loaded when this page loads.  

 

I've cleared the cache, and done some other testing, and it is highly repeatable.  My system is running macOS 10.13 and the latest version of clamXAV (with latest virus definitions).

 

2 REPLIES 2
jguerdat
Guru Guru
Guru

I'd suggest opening a case with support both here and with the ClamXAV folks.  This is a user forum and have no real way to ensure the web developers are made aware of this.

lw1
Initiate
Initiate

Support has now been emailed/notified.