NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
kochin
Dec 09, 2016Apprentice
R7000 & R6400 Vulnerability Note VU#582384
[When I created this post, I wasn't aware of the 2 discussions already on this topic: Two leading Netgear routers are vulnerable to a severe security flaw R7000 Vulnerability Note VU#582384] ...
- Dec 15, 2016
Hi All,
The Security Advisory for VU 582384 has been updated.
Also, for more information and update see the thread below.
guilhermeofranc
Dec 12, 2016Star
Hi,
The problem is also described here: https://securityledger.com/2016/12/vulnerability-prompts-warning-stop-using-netgear-wifi-routers/
You can see the IPs of affected routers by using this link: https://www.shodan.io/search?query=r7000
mdgm-ntgr
Dec 13, 2016NETGEAR Employee Retired
The Security Advisory has been updated with more information and beta firmware for some models.
- kochinDec 13, 2016Apprentice
I downloaded the beta firmware R7000-V1.0.7.6_1.1.99.chk and updated my R7000 router. So far, with the beta firmware, the router seems to be working just like before. I have experienced no problems on my LAN, which includes a WiFi extender.
The security vulnerability appears to be fixed in this beta firmware. All tests of proof of concept reported back with "401 Unauthorized" as it should be.
- microchip8Dec 13, 2016Master
I find it really a terrible job if NG was notified of this issue months ago and did nothing until the person who discovered it went public and then NG had to act. Will make me think twice before I go with NG routers again and make me think thrice before recommending them, especially when ran on stock firmware
- kochinDec 13, 2016Apprentice
Yes, it's very sad that it has to become a bad publicity for Netgear to respond to this security vulnerability after more than 3 months. It really makes customers question Netgear's attitute toward securing their network products.
- RMinNJDec 14, 2016Luminary
"...
The Security Advisory has been updated with more information and beta firmware for some models. ..."
Will this firmware shut off the telnet backdoor to the router or should we file another security report for that ?
- kochinDec 14, 2016Apprentice
Not sure what telnet backdoor you were talking about. Did you mean the telnetd running at your router after you tested the proof of concept? Simply power your router off and then on, and it will be gone.
RMinNJ wrote:Will this firmware shut off the telnet backdoor to the router or should we file another security report for that ?
- RMinNJDec 14, 2016Luminary
Yes, but someone can send the "magic packet" to the router and telnet will be on again. I think the premise of the security lies in
the fact that that packet has to have the correct admin password? Would prefer if this turn on daemons via magic packets feature could be disabled..