NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Solved
R7000 Vulnerability Note VU#582384
It has been reported on various outlets that there is a vulnerability with the R7000 and R6400 routers. Please see https://www.kb.cert.org/vuls/id/582384 . The advisor reads "Exploiting this vulnera...
Hi All,
The Security Advisory for VU 582384 has been updated.
Also, for more information see the link below.
For me, if they can't be trusted to patch vulnerabilities quickly then this will be my last netgear product. R7000 was release Oct. 1 2013 so the router isn't old enough to not have security patches. I had the linksys wrt54g for like 10 years strong.
In complete fairness to Netgear, yesterday was the day that CERT released this vulnerability note. Let's say they did come up with a fix, it would probably a period of testing internally before safely releasing this to the general public, there's nothing worse a company can do to their reputation with users than fix something that breaks something else that was working.
20 years ago I used to be a CERT coordinator for a computer company (we had our own UNIX-based OS) and there's a process from getting the vulnerability, to determining which if any devices are vulnerable, to submitting it to an internal database of issues, to it being prioritized by management and assigned, to the investigation of cause, to the development of a fix, to making sure that fix doesn't negatively affect users, and of course to packaging and distributing the fix.
While I agree with your comments, I think a simple acknowledgent of the issue by Netgear is in order and would serve to let owners know that they're working on the problem.
There are a lot of people that are of the same opinion. I strongly urge you and others to tweet @netgear to voice your displeasure. The Netgear twitter page is getting bombarded with complaints. Curiously, not a single word out of Netgear.