NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Solved
Suspicious email - NETGEARSecurity@e.netgear.com - Web GUI Password Recovery and Exposure Security
WNDR3800
From an email from “NetGear” – is the email address, any of the click-able links in it, or the email itself legit?
Sender: NETGEARSecurity@e.netgear.com
Web GUI Password Recovery and Exposure Security Vulnerability
The Vulnerability:
NETGEAR has become aware of a security issue that can expose web GUI login passwords while the password recovery feature on your NETGEAR device is disabled. This vulnerability occurs when an attacker can access your internal network or when remote management is enabled on your NETGEAR device. Our records indicate that your NETGEAR product is affected. View the products affected
What You Can Do:
NETGEAR strongly recommends that you follow these two steps to remediate the vulnerability:
- Manually enable the password recovery feature on your device. For more information visit: h t t p: //kb .netgear .com/app/answers/detail/a_id/20027/~/configuring-router-administrative-password-recovery
- Ensure that remote management is disabled .Remote management is disabled by default. For more information, check the user manual for your product, which is available from h t t p: //www .netgear .com/support/
The potential for password exposure remains if you do not complete both steps. NETGEAR is not responsible for any consequences that could have been avoided by following the recommendations in this notification.
NETGEAR is working on a firmware fix and will email the download information to all registered users when the firmware fix becomes available.
Please check in periodically to view more information as this becomes available on our NETGEAR Security Advisory site.
What We Are Doing:
As a leading provider of networking products NETGEAR wishes to make it easy for our customers to stay informed of security updates regarding NETGEAR products. At NETGEAR, we strive to earn and maintain the trust of our customers by delivering products that are innovative, secure and preserve the privacy of our customer's data. The NETGEAR team is constantly monitoring for security vulnerabilities and will work to inform our customer base of fixes and identified security concerns with the intent of upholding the promise of keeping your data secure.
We appreciate you being a part of our efforts in creating a more secure world.
- The NETGEAR Team
There's no need to do anything in your part.
WNDR3800 is not affected.
You received the email as an announcement that in case you just have bought one of the devices in the list.
6 Replies
None of the answers address the question thus far.
Is "Sender: NETGEARSecurity@e.netgear.com" a legitamate email address for NetGear?
In the link in one of the reponses to my initial post my router is not in the list of affected routers.
I do not have remote management enabled and I never have.
Until I recieved the suspicious email and posted on this forum, I never registered my router and I do not own any other NetGear products.
So Again
Router: WNDR3800
From an email from “NetGear” – is the email address, any of the click-able links in it, or the email itself legit?
There's no need to do anything in your part.
WNDR3800 is not affected.
You received the email as an announcement that in case you just have bought one of the devices in the list.
Again, I never registered my router, NetGear should have never had my email address, so whether or not my router was covered under this or not is moot, I should have never recieved an email fro NetGear.
And the most important question - "Is "Sender: NETGEARSecurity@e.netgear.com" a legitamate email address for NetGear?" - is this a valid email address from NetGear to its consumers has not been answered?