NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Solved
New vulnerability discovered affecting Netgear routers
I have an N900 WNDR4500v2 Router running the most current version of firmware. Is it vulnerable to the cracks announced last week (approx. Dec. 8-9)? Thanks, NPC
It's not listed as one of the known affected systems.
NETGEAR is aware of the security issue #582384 affecting R6250, R6400, R6700, R7000, R7100LG, R7300, R7900, R8000 routers. Stay updated here: http://kb.netgear.com/000036386/CVE-2016-582384
We now have beta firmware containing fixes for some affected models.
We're working hard on fixes for the other affected models and will update the security ticket above soon.
There's any easy check to see if you're affected which involves checking what you see when visiting a URL on your router.
19 Replies
It's not listed as one of the known affected systems.
NETGEAR is aware of the security issue #582384 affecting R6250, R6400, R6700, R7000, R7100LG, R7300, R7900, R8000 routers. Stay updated here: http://kb.netgear.com/000036386/CVE-2016-582384
We now have beta firmware containing fixes for some affected models.
We're working hard on fixes for the other affected models and will update the security ticket above soon.
There's any easy check to see if you're affected which involves checking what you see when visiting a URL on your router.You might like to follow this:
Two leading Netgear routers are vulnerable to a se... - NETGEAR Communities
Thanks!
Netgear was told about this vulnerability 4 MONTHS AGO and you are only acknowledging it now after the guy who found it went public. This doesn't sound like you are working very hard to fix this security hole. Are you expecting all your customers to stop using Netgear products or are you just not too worried about the botnet army you may be creating?
http://www.tomshardware.com/news/netgear-critical-security-vulnerability-router,33173.html
Just curious. Unfortunately (for me) I just picked up an R7000 router after my N600 gave up the ghost. I was very happy with it until reading this news...
Drewbot
As our investigation continues we will have further updates to our security advisory. Thank you for your patience.
I am using an R6400 I got during a beta test a while ago. Can I update it with this firmware and other production firmware versions in general?
parac wrote:
I am using an R6400 I got during a beta test a while ago. Can I update it with this firmware and other production firmware versions in general?
Yes, I'm running the latest beta firmware for the R7000 on my beta R7000 unit. So you should be able to run the latest beta firmware for the R6400 on your beta R6400 unit.
Note though that beta test units may not work with 3rd party firmware as 3rd party firmware is typically not tested on beta test units. So I would stick with NETGEAR firmware on beta test units.
