NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Solved
glibc vulnerability CVE-2015-7547
Is the R7000 vulnerable to the "new" glibc vulnerability indexed as CVE-2015-7547? For reference: http://arstechnica.com/security/2016/02/extremely-severe-bug-leaves-dizzying-number-of-apps-and-d...
Update:
As of this writing, our engineers confirmed that the following products are not vulnerable.
- DSL Gateways
- Cable Gateways
- Extenders
- Powerline
- Routers
- Security firewalls and VPN software
- Switches
- 11ac Access Points
We will provide another update as we complete the review of other products.
I think it would be well for NETGEAR to gain some user confidence, by informing its' users of the wide variety of its products, that are using Linux with Gnu C Library, which of those are vulnerable and what they propose to do to mitigate it, as well as the projected timescales. My own routermodem I know to be running a 2.6.x Linux version.
My Ubuntu based Linux system here was automatically updated yesterday & is now not vulnerable. The patch to fix the vulnerability is relatively small but all companies like Netgear have policies in place for software QA and will not release a fixed version until all regression testing etc has been satisfactorily passed and the updated "signed off". This is perfectly understandable good practice in the compensation culture we all live in, but the delay it introduces, allows the bad guys time to make use of the exploit loophole until it is closed off in a majority of Linux-based systems.
I am also unable to insert the model number in the Model box - FYI it is DGND3700v2
Les
I am waiting for a confirmation from our engineers if any of our routers are affected by the said vulnerability ID.
Will post an update soon.
Hello I was wondering if the Nighthawk R7000 router is affected by the glibc vulnerability.
It's been 10 days, Elaine. When can we get an answer on this?
Still waiting on this very Urgent matter!!