NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Solved
New R7000 Firmware Version 1.0.11.100
It's been a while but finally NG has released a new firmware for R7000! :smileyhappy: R7000 Firmware V1.0.11.100_10.2.100 Download: https://kb.netgear.com/000061805/R7000-Firmware-Version-1-0...
Here is a thread explaining more about the WPS issue.
https://community.netgear.com/t5/Nighthawk-WiFi-Routers/Can-t-disable-WPS/td-p/495976
Thanks for the responses.
I think this issue is different than the one described in the link provided by Thornado.
The posts in that thread indicate the checkbox is disabled (grayed out) when SSID broadcast is disabled. In my case, SSID broadcast is enabled and so is the checkbox. When I uncheck the checkbox and click apply the setting doesn't stick.
And as Additude has suggested, I've tried multiple browsers (IE, Chrome, Chrome mobile, Samsung mobile browser) All behave the same.
And finally, as Shadowsports has recommended, I have rebooted the router a couple of times since updating the firmware.
Does anyone think Netgear will release any more updates for this aging model?
None of us know whether or not Netgear will release any more updates for the R7000. This is a Community Forum with as far as I know, zero input from Netgear themselves. It's seemingly taken long enough for Netgear to update from V1.0.9.88, an update I did not bother to upgrade to from my factory installed version, v.64 because I've only owned my router for two months before this new firmware arrived.
This latest firmware update is not causing me any issues whatsoever and my update went without a hitch. I get it that not everyone has an easy time of firmware updates, but anyone can mitigate certain issues just by carrying out some basic preparation prior to committing and pressing that upgrade box. I'm not even sure why anyone would need to carry out multiple reboots either, prior to or after updating. That said, I suppose this model has been out for some time and undoubtedly models manufactured in the last couple of years may well contain different chips/components than models manufactured a few years previously, and these factors may or may not have an influence. My R7000 was only manufactured in March last year, so perhaps it's in better shape than a model several years older.
Here is NG's statement about 'How do NETGEAR Home routers defend WPS PIN against brute force vulnerability':
"NETGEAR home routers will protect themselves after several failed attempts to authenticate as an external registrar by entering a lock-down state. During the lock-down state, all WPS attempts using the Router PIN will not work. The router will return from the lock-down state after a predetermined time period. While the NETGEAR device is in a lock-down state, users can still use the WPS Push Button method to connect to the wireless network".
From that article:
Since only the Router PIN method is vulnerable to brute force attack, NETGEAR recommends disabling this function to best protect your network from invasion.
To disable the Router PIN method:
- Login to the router GUI by typing www.routerlogin.net on an Internet browser's address bar. Note: Default logins are: Username = admin, Password = password.
- Go to Advanced Setup menu and select Wireless Settings.
- Under WPS settings, put a check mark on Disable Router's PIN box.
Note: If your model does not have a "Disable Router's PIN" option, uncheck the "Enable Router’s PIN" box instead. - Hit Apply button to save settings.
This is what I'm trying to do, but the "Enable Router's PIN" checkbox refuses so stay unchecked. This was working on my router before upgrading from firmware v1.0.9.34.
So I can choose to protect myself from WPS vulnerability or all of the vulnerabilities addressed in the more recent firmware revisions. Is it too much to ask to be protected from all known vulnerabilities?
Out of pure curiosity, I decided to try the uncheck 'Enable Routers Pin'
There is clearly a bug here. I too can confirm that it does not stay unchecked on this new firmware. Unless of course Netgear have deliberately decided that this feature cannot be unchecked, but if that was the case, why have the option there in the first instance?
I never tried to uncheck the box on my previous firmware, v.64, so I cannot know if this is a carry over even from that firmware which preceded V1.0.9.88.
