NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Solved
R7000 Vulnerability Note VU#582384
It has been reported on various outlets that there is a vulnerability with the R7000 and R6400 routers. Please see https://www.kb.cert.org/vuls/id/582384 . The advisor reads "Exploiting this vulnera...
Hi All,
The Security Advisory for VU 582384 has been updated.
Also, for more information see the link below.
Would it be possible to use the option to block internet sites
to block the RouterIP addresses that cause the vulnerability?
It might, but I can't make it work. Anybody?
Of course, this would just provide a temporary workaround until NetGear gets their act together.
Another idea to try to push them on Twitter: LET'S ALL SHOUT AT THEM : @NETGEAR
I just sent this tweet:
netgear Please immediately provide fix to R6400 and R7000 vulnerability! http://www.zdnet.com/article/two-netgear-routers-are-vulnerable-to-trivial-to-remote-hack/ Customers: don't buy until this is fixed!
BvdRee
I don't think blocking the routers ip address from the router would help -- The problem is accessing the router from your in-home network,most like at 192.168.1.1 address. They get you to open a web page that has a frame that goes to that address and opens a port (or whatever else it may want to do) and once that port is open it is open to external network.
What _might_ work, is somehow blocking 192.168.1.1 (or whatever your router address is) from all of your potential web browsing applications, so they can't issue commands to the router without you consciously turning that off.
I do not do this myself, and suspect you'd have to be good at working your firewall software on your laptop to block this -- and i suspect it would be an annoyance if you did need the web interface of router (I like to use it to check IP addresses on attached devices).
-Rob
I just posted this on the other thread regarding this exploit: I tested the exploit on my router which is running firmware version V1.0.3.68_1.1.31 . The string resulted in the router requesting the admin password and then failing to the "Unauthorized Access" screen. The command after the semicolon did not appear to be executed. Unfortunately, I could only test on my local network, so I cannot confirm that this a "universal fix", but it may be a work around while NetGear cooks up a fix.
Safe surfing...
Just because you got an error message does not mean the command wasn't executed, you might not see the output of the command in the web browser.. I would check if any ports were openned by, for example, if your command ran telnetd then telnet to that port to see if it was open. I'm not about to do this on my router on purpose. I suspect if i did this, a reboot might close the port again as nothing was done to make telnetd start automatically on boot..
The "Twitter Campaign" is a good idea. I would encourage readers of this thread that are affected by this problem to post Tweets to @netgear .
BvdRee I like the Twitter idea, but we need a hashtag as well. How about #NetgearBrokenSecurity?
Or #NetgearSevereSecurityFlaw ...
I don't understand why Netgear does not communicate at all. My (other brand) NAS receives updates regularly, even today.
Go for it. I haven't heard a word or read anything. Anyone?
Any chance we can get the government (CERT=Sponsored by Homeland Security) to make the company issue a 'safety recall' the way they did for the note 7, or for other dangerously faulty products?