Netgear users advised to stop using affected routers after severe flaw found

  • 1
  • Problem
  • Updated 2 years ago
  • In Progress

Two leading Netgear routers are vulnerable to a severe security flaw

An advisory posted on Friday in Carnegie Mellon University's public vulnerability database (CERT) said that Netgear's R7000 and R6400 routers, running current and recent firmware respectively, are vulnerable to an arbitrary command injection flaw.

If exploited, the vulnerability could let an unauthenticated attacker run commands with root privileges.

The code to exploit the vulnerability -- effectively just a URL -- has been released publicly, allowing anyone to carry out attacks

An attacker would have to trick a user into visiting a website that contains the code, such as an invisible web frame, to exploit the flaw. Adding commands to the router's IP address can open up ports on the router, such as Telnet.

The advisory said that other router models may be vulnerable.

CERT advised users to "strongly consider discontinuing use" of the devices until a fix is made available.

It's not clear how many users are affected by the flaw. A Netgear spokesperson did not respond to a request for comment at the time of writing.


Router flaws are increasingly being exploited by attackers, who use vulnerabilities to launch large-scale distributed denial-of-service (DDoS) attacks to flood and overload networks with traffic.

Last week, almost a million users across Europe were thrown off the internet after criminals tried to hijack home routers as part of a coordinated cyber attack.

Source:

http://www.zdnet.com/article/two-netgear-routers-are-vulnerable-to-trivial-to-remote-hack/?loc=newsl...


Photo of Gwalk900

Gwalk900, Champion

  • 451 Posts
  • 471 Reply Likes

Posted 2 years ago

  • 1
Photo of Christine Conrad

Christine Conrad, Champion

  • 263 Posts
  • 292 Reply Likes
Thanks for alerting us.
Photo of Diana

Diana, Viasat Employee

  • 2215 Posts
  • 417 Reply Likes
Hi Gwalk900 Thank you for the heads up on Negear routers.
Photo of Dave

Dave

  • 116 Posts
  • 20 Reply Likes
Hi Gwalk900
I just got a email about 2 hours ago. There is a update for the firmware on their site now.
Here is a link for it in casr you guys didn't get a email or notice. I hope this helps. I did mine and all is well.

Security Vulnerability: VU#582384

The Vulnerability:
NETGEAR is aware of the security issue #582384 that puts a network at risk by allowing for unauthenticated web pages to pass the command-line interface leaving open the potential for arbitrary command execution by remote attack. 

What You Can Do: 
NETGEAR strongly recommends that all users download the production version of the firmware release to automatically install the R7000 firmware, follow these instructions. 
 (To manually update your firmware please follow these instructions

What We Are Doing: 
We appreciate and value having security concerns brought to our attention. NETGEAR constantly monitors for both known and unknown threats. Being pro-active rather than re-active to emerging security issues is fundamental for product support at NETGEAR. It is NETGEAR's mission to be the innovative leader in connecting the world to the internet. To achieve this mission, we strive to earn and maintain the trust of those that use NETGEAR products for their connectivity. 
(Edited)