NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Solved
NightHawk X4S AC2600 Model R7800 VU#582384
I tried using the http://[router-address]/cgi-bin/;uname$IFS-a link to see if my computer was affected with the bug. And I got the number 0 on the screen. Which makes me wonder if my router is affect...
It's not one of the known affected models at this time. Please see the Security Advisory for VU 582384
You should keep an eye on that advisory for now as we are updating it regularly.
It still doesn't answer the question. Is the 0 in the page considered an error? Because if not, then it is affected as stated in many articles using the http://[router-address]/cgi-bin/;uname$IFS-a to check vulnerability of router. Saying it's not part of the affected list doesn't tell me if the 0 i'm getting on screen is an error. Hope this clearify the question I was asking. Thank you.
What you see looks like a blank page to me:
The accessed Web page should show a error or blank page, otherwise you can assume that the fix didn’t work.
That (with its grammar lapse) is from:
Netgear Router: Critical Unfixed Vulnerability Permits Hacker Takeover
It's in top left corner.. It's the best picture I could get. I could send it thru imgur maybe it has a better image.
Anyways I sent a letter to the netgear secrutiy support email. waiting for a response. :)
It's not on the known list of affected devices but it would be advisable to keep monitoring the advisory page for now until our investigation is complete.
All I can say is that the response you see is nothing like the screen I got when I tested my own vulnerable modem/router.
Unfortunately, I didn't grab the screen back then.
It would be useful is Netgear posted the sort of response expected from a vulnerable device. Then it wouldn't have to fend off a constant stream of similar queries.
Here is a message from a third party source that knows it stuff. This has more detail of what to expect when you test the device:
Netgear router remote control bug – what you need to know – Naked Security
That says:
Q. Can I test my own router?
Try visiting this URL:
http://routerlogin.net/cgi-bin/;uname
That should send a web request to the potentially vulnerable software component in your router.
If the exploit works, your router will run the command uname, a Unix utility that prints out the identity of the operating system, which is Linux on Netgear routers.
So, if you see a regular-looking error message, we think you are safe because your router didn’t run the unwanted command.
But if you see a web page including output that consists of the word Linux, you should assume the exploit worked because the command named in the URL ran.Maybe Netgear can confirm this.
Sounds like I'm safe. As long I don't show Linux on it. So looks like the 0 is considered an error. :) Well time to set up the router then!