NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Solved
R7000 & R6400 Vulnerability Note VU#582384
[When I created this post, I wasn't aware of the 2 discussions already on this topic: Two leading Netgear routers are vulnerable to a severe security flaw R7000 Vulnerability Note VU#582384] ...
Hi All,
The Security Advisory for VU 582384 has been updated.
Also, for more information and update see the thread below.
Hi,
The problem is also described here: https://securityledger.com/2016/12/vulnerability-prompts-warning-stop-using-netgear-wifi-routers/
You can see the IPs of affected routers by using this link: https://www.shodan.io/search?query=r7000
The Security Advisory has been updated with more information and beta firmware for some models.
I downloaded the beta firmware R7000-V1.0.7.6_1.1.99.chk and updated my R7000 router. So far, with the beta firmware, the router seems to be working just like before. I have experienced no problems on my LAN, which includes a WiFi extender.
The security vulnerability appears to be fixed in this beta firmware. All tests of proof of concept reported back with "401 Unauthorized" as it should be.
I find it really a terrible job if NG was notified of this issue months ago and did nothing until the person who discovered it went public and then NG had to act. Will make me think twice before I go with NG routers again and make me think thrice before recommending them, especially when ran on stock firmware
Yes, it's very sad that it has to become a bad publicity for Netgear to respond to this security vulnerability after more than 3 months. It really makes customers question Netgear's attitute toward securing their network products.
"...
The Security Advisory has been updated with more information and beta firmware for some models. ..."
Will this firmware shut off the telnet backdoor to the router or should we file another security report for that ?
Not sure what telnet backdoor you were talking about. Did you mean the telnetd running at your router after you tested the proof of concept? Simply power your router off and then on, and it will be gone.
RMinNJ wrote:Will this firmware shut off the telnet backdoor to the router or should we file another security report for that ?
Yes, but someone can send the "magic packet" to the router and telnet will be on again. I think the premise of the security lies in
the fact that that packet has to have the correct admin password? Would prefer if this turn on daemons via magic packets feature could be disabled..
