Forum Discussion

Tutor

Feb 18, 2018

Solved

R7000 open vulnerability with unencrypted logon

R7000 seems to accept unencrypted (plain text) logins? This is also a vulnerability notification from anyone running Bitdefender Box scanning router. When logging into router there is no encryption b...

Firmware

FURRYe38
Feb 20, 2018
Well, maybe something NG will look at. Would be up them to make changes. I presume some of this would be customer or how many instances of bad experiences with this issue. Haven't seen a ton of issues where people are abusing this issue. May not be something to worry too much about, since this has been the norm regarding the UI for a long time. Up to the Mfrs though.

schumaku

Guru - Experienced User

Feb 19, 2018

duckwarewrote:
https to the router ip address

Does the R7000 support https access to the local Netgear Genie Web UI at all (or already)?

duckware

Prodigy

Feb 19, 2018

https://routerlogin.net (and of course http://routerlogin.net) works for me on R7800

IrvSp
Master
Feb 19, 2018
I tried https://routerlogin.net/ on Firefox and got the same error? http://routerlogin.net/ works fine? It even fails on MS Edge?

Does the OS have something to do with this? Or the F/W version? I'm on W10 V1709 and the V1.0.9.26 F/W.
IrvSp
Master
Feb 19, 2018
duckware, just noticed you mentioned you are on an R7800. Might work there but doesn't seem to on the R7000.
- duckware
  Prodigy
  Feb 19, 2018
  Interesting. Time for Netgear to chime in (JamesGL) -- when was https support added?
  - schumaku
    Guru - Experienced User
    Feb 19, 2018
    duckwarewrote:
    ... when was https support added?
    Only selected models have got https on the LAN recently. No idea if and when older Nighthawk models will get it, too.