Forum Discussion

Guide

Dec 09, 2016

Solved

R7000 Vulnerability Note VU#582384

It has been reported on various outlets that there is a vulnerability with the R7000 and R6400 routers. Please see https://www.kb.cert.org/vuls/id/582384 . The advisor reads "Exploiting this vulnera...

backdoor

Security

security vulnerability

VU 582384

ElaineM
Dec 15, 2016
Hi All,

The Security Advisory for VU 582384 has been updated.

Also, for more information see the link below.

https://community.netgear.com/t5/Nighthawk-WiFi-Routers/Two-leading-Netgear-routers-are-vulnerable-t...

troco

Tutor

Dec 10, 2016

I wasn't successful in the telnetd variant of this exploit, but was successful in shutting down the web interface using bas996's link. Thanks for link. I'm guessing the telnetd may not be successful, but apparently 'kill' is, so perhaps other commands are as well. I rarely reboot the router, so this will have to work for now.

sourceror

Initiate

Dec 11, 2016

If you change that command a bit then opening a telnet connection works.

You can then connect as root without typing any password.

Plus the built-in webserver is running as root as well.

Please guys this is insane. Who does that?

netgear, get a fix out immediately!