NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Solved
WPA2 - KRACK / Vulnerability
Hi Netgear, I think this is really important and should be monitored closely and all the wifi users should ask the vendors to monitor an patch this. Looks like that WPA2 is about to be cracked and ...
NETGEAR is aware of the recently publicized security exploit KRACK, which takes advantage of security vulnerabilities in WPA2 (WiFi Protected Access II). NETGEAR has published fixes for multiple products and is working on fixes for others. Please follow the security advisory for updates.
NETGEAR appreciates having security concerns brought to our attention and are constantly monitoring our products to get in front of the latest threats. Being pro-active rather than re-active to emerging security issues is a fundamental belief at NETGEAR.
To protect users, NETGEAR does not publicly announce security vulnerabilities until fixes are publicly available, nor are the exact details of such vulnerabilities released. Once fixes are available, NETGEAR will announce the vulnerabilities from NETGEAR Product Security web page.
Download and unzip the RBR and RBS beta firmware.
Power cycle all your devices (RBR50 and RBS50(s))
once everything is up, go to advanced>administration>attached devices
write down the IP address(s) of the satellite(s)
enter the satellite(s) IP address in your browser
enter the UID and PWD (same as your router)
select firmware update
browse and navigate to the unzipped folder for the RBS units
select and open the img file
select upload
that should get the job done.
Hi,
Thanks for the reply. I did all of the steps above, except the pre boot. Rebooted my setup and now they updated fine. So running on 2.0.0.76 now.
The Hotfix did not work out well for me. Had devices all over the house randomly dropping off and then coming right back on again. With 1 Echo, 2 Taps and 8 Dots it got annoying having them keep announcing they had lost their connection. Similar issue with Wink Hub2, and iSmart alarm cams. Downgraded back to 2.0.0.74, hard reset all devices and then manually set up from scratch.
Things are stable again. TP-Link LB100's were dropping connections too. IDK... guess that's why they call it a beta.
Does anyone know if a new official Firmware will be released that will include this vulnerability fix?
wchp wrote:The Hotfix did not work out well for me. Had devices all over the house randomly dropping off and then coming right back on again. With 1 Echo, 2 Taps and 8 Dots it got annoying having them keep announcing they had lost their connection. Similar issue with Wink Hub2, and iSmart alarm cams. Downgraded back to 2.0.0.74, hard reset all devices and then manually set up from scratch.
Things are stable again. TP-Link LB100's were dropping connections too. IDK... guess that's why they call it a beta.
Given the only change to the current production firmware was supposed to be the KRACK fix, I'm quite surprised by this. I also applied it at home (3 Echos, 2 Dots, 2 Nests, 9 Nest Protects, and 1 Google Home Mini) completely without issue - the network works just as well before as after.
I'm in AP mode - not sure if that makes a difference.
Rodney
Netgear's slow and unresponsive attitude to the Krack exploit is very worrisome. Even though the Orbi is sold, and priced, as a premium WiFi mesh solution it is not getting any significant improvments. The Krack fix is still in beta, the guest network in AP mode is worthless due to lack of isolation, the iOS app is poor and missing features.
If you look at some of the other Mesh WiFi products they are adding feature and refinements. One small example, on a competitor's system they have an isolated guest network and you can send someone an invite with access to your guest network for a specific amount of time. ie. 1 hour, 12 hours or 1 day.
"Knock, knock Netgear...is anyone there?"
