NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Solved
Avast Vulnerability Catalogue ID CVE-2017-14491 for the Nighthawk R7000 ac1900 dualband wifi router
I have got this report from Avast and Bitdefender after scanning my network and i have the latest firmware for my router. Any ideas if Netgear is working on a firmware update f...
For the subject CVE-2017-14491 plus a few more items to address should be 2.78 or higher. Check http://www.thekelleys.org.uk/dnsmasq/CHANGELOG
As of this response from tier2 support on June 30:
I got an update from our Engineering team and they have confirmed that the R6900P router is not affected by the DNSMasq Vulnerability.
It is easy to make the problem go away by saying there is no problem. My dnsmasq is 2.75 - Avast Vulnerability Catalogue ID CVE-2017-14491 says my 6 month old Netgear router is vulnerable. I agree that it should be a priority to use the latest updates (dnsmasq 2.78 or later) to eliminate the problem or concern.
My R7000 AC1900 still has DNSmasq vs 2.15. Hoping that they get this updated soon. Really bad for business to no perform updates to customer systems for a vulnerability that is over a year and a half old.
Hoping isn't going to make it happen. We need to be on them about this nonsense. I was checking over the source for my R6400 which indicates a team "kathy", so I don't know if a "kathy" is responsible here or if it is indeed a team with kathy as leader. Whatever the case, as manufacturers of this hardware they are beholden to provide fixes to security issues. Compiling firmware from source that is 14 years old is negligent.