Forum Discussion

Guide

Dec 09, 2016

Solved

R7000 Vulnerability Note VU#582384

It has been reported on various outlets that there is a vulnerability with the R7000 and R6400 routers. Please see https://www.kb.cert.org/vuls/id/582384 . The advisor reads "Exploiting this vulnera...

backdoor

Security

security vulnerability

VU 582384

ElaineM
Dec 15, 2016
Hi All,

The Security Advisory for VU 582384 has been updated.

Also, for more information see the link below.

https://community.netgear.com/t5/Nighthawk-WiFi-Routers/Two-leading-Netgear-routers-are-vulnerable-t...

robwilkens

Guide

Dec 10, 2016

It would not show up on web interface. The sample just runs the telnet daemon which runs in background as a process. Try running a telnet to the router on the port.

Coherent_Lite

Guide

Dec 10, 2016

robwilkens--

Thank you for pointing out these issues:

robwilkens wrote:
It would not show up on web interface. The sample just runs the telnet daemon which runs in background as a process. Try running a telnet to the router on the port.

I went back and attempted to connect to the router with a putty telnet session. The connection was refused from both LAN and Internet IP addresses and from both the default ports and port 45. I think at this point I am reasonably convinced that the firmware does not respond to THIS aspect of the exploit, but may be vulnerable to others. I cannot disconnect my router, so I will just practice caution.

C.L