NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Solved
Security email: Disable remote management
I received an e-mail about Web GUI password recovery vulnerability and two-step instructions to follow. I was successful in step 1. Step 2 requires that you check to ensure that remote management is...
Hi All,
It is a legit e-mail.
We also have posted it on here in the community.
Web GUI Password Recovery and Exposure Security Vulnerability
Hi,
I found the same security advisory message on the Netgear website . See link
https://www.netgear.com/about/security/?cid=gwmng
Interestingly, the advisory was released on 5/9/2016 and I only received the e-mail yesterday almost 6 weeks later. I think it is real
Hi All,
It is a legit e-mail.
We also have posted it on here in the community.
Web GUI Password Recovery and Exposure Security Vulnerability
Default Gateway is blank, and I cannot figure out how to connect my PC to the router. I have an ethernet cable, but there's only one place to plug that in, and that's where the internet cable is plugged in.
capayne What's the model number and version of your NETGEAR device?
WNDR4500v3N900
Well you better tell your Tech Support.
I just got the email a few hours ago - Tech support says to ignore it cuz its a scam.
the email address it came from has been closed.
My gui has no option to enable PW recovery is why I called support.
WTF is the true story? And if it's legit what kind of support is Netgear offerring these days ???????????????
BTW: This afternoon as late as 1:00 PM EST, the page on which the subject security advisory was taken down with an explanation that perhaps it was being modified).
When I access Advanced features, the check box to ENABLE remote management is NOT CHECKED so I assume it is not turned on. However, I have been using NetGenie to switch channels with my cell phone APP. Does NetGenie NOT USE remote management? If it does, why can I remote manage without it turned on?
You state that it is a legitimate email and I have no doubt that you are right but perhaps you can answer me a few questions on that point.
The email address used by you is "NETGEARSecurity@e.netgear.com". Note, "e.netgear.com". not "netgear.com".
The download link provided for to recover the password is "http://kb.netgear.com/app/answers/detail/a_id/30632", note the address, "kb.netgear.com", not "netgear.com".
In an age we are constantly told to be vigilant against scams to maintain security, it appears to me that Netgear is perhaps one communications hardware company that makes it very difficult to determine wether an email is or is not valid, at least from Netgear as they appear to have a number of internet addresses any of which can be used to communicate with their customers and any of which can be used as links to send customers to.
Retired_Member wrote:You state that it is a legitimate email and I have no doubt that you are right but perhaps you can answer me a few questions on that point.
The email address used by you is "NETGEARSecurity@e.netgear.com". Note, "e.netgear.com". not "netgear.com".
The download link provided for to recover the password is "http://kb.netgear.com/app/answers/detail/a_id/30632", note the address, "kb.netgear.com", not "netgear.com".
In an age we are constantly told to be vigilant against scams to maintain security, it appears to me that Netgear is perhaps one communications hardware company that makes it very difficult to determine wether an email is or is not valid, at least from Netgear as they appear to have a number of internet addresses any of which can be used to communicate with their customers and any of which can be used as links to send customers to.
I agree, but your questions are more properly addressed to The Community Manager or Forum Moderator.
You are correct that the email address of the source of the email I received is: From:NETGEAR Security <NETGEARSecurity@e.netgear.com>
My main complaint is that I was explicitly told by a Netgear Telephone Support Rep that the email is a scam and that I should ignore it. The email address tended to confirm the Tech's statement. It appeared to me as being suspect.
I carry no brief to defend Netgear.
From all the discussions and comments by the Community Manager and Forum Moderator and high volume posters it appears that the email is legit
hawkeye
Got an email.
I have a WNDR 4500 v3.
I read the website and it does not state this model as being affected? Is it?
I do not have and "advanced tab in my genie. Where do I find it?
I searched the users manual for the term "remote management". and it can not find it.
(None of this makes sense. Why would I enable "passowrd recovery for for security??)
The ADVANCED tab is not in NetGear Genie App. It is found when you login to your router like your router. put http://www.routerlogin.com in an open browser address bar. Enter user name and password (usually admin and password unless you changed them). It opens NetGear Genie on your computer. There are two tabs--Basic and Advanced. Choose ADVANCED tab and then click on "Advanced Setup". In the dropdown menu, select "Remote Access"
At top of the window that opens is a checkbox to TURN ON REMOTE MANAGEMENT.
I have never turned this on but am able to use NetGear Genie on my cellphone to switch channels. So not sure what all is included in REMOTE MANAGEMENT but I haven't needed to turn on to manage my WiFi Network using cellphone.
Thank you! probably would never had found it without your help.
Annoyed666 wrote:Got an email.
I have a WNDR 4500 v3.
I read the website and it does not state this model as being affected? Is it?
I do not have and "advanced tab in my genie. Where do I find it?
I searched the users manual for the term "remote management". and it can not find it.
(None of this makes sense. Why would I enable "passowrd recovery for for security??)
The WNDR4500v1 and WNDR4500v2 are listed. Wonder if the just forgot to add WNDR4500V3 or if really is not affected by this security issue.
R4500 and WNDR4500v3 are not affected by this vulnerability.