NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

cltejensen's avatar
cltejensen
Follower
Jan 19, 2016
Solved

Misfortune Cookie for AC1900 R7000 with firmware v1.4.4.30

Is the firmware level vulnerable to the Fortune Cookie hack? If so is there a more recent version of the firmware that resolves the issue?
Security
  • dvinell's avatar
    dvinell
    Jan 24, 2016

    I think it's fairly standard for companies to be blind-sided by vulnerability reports from third party researchers, but that's not to say that they don't do their own internal testing as well.

     

    However, Netgear don't use RomPager, and aren't "on the list" as far as CheckPoint are concerned.

    I'd also keep remote management turned "off" to be safer.

     

    http://mis.fortunecook.ie/misfortune-cookie-suspected-vulnerable.pdf

     

timmi4sa's avatar
timmi4sa
Aspirant
Jan 22, 2016

Not sure we understand. You need a third-party report in order to recognize a vulnerability??? Should Netgear security or compliance team be responsible for being proactive about testing the products?

 

Looking forward to your reply. Thanks.

dvinell's avatar
dvinell
Tutor
Jan 24, 2016

I think it's fairly standard for companies to be blind-sided by vulnerability reports from third party researchers, but that's not to say that they don't do their own internal testing as well.

 

However, Netgear don't use RomPager, and aren't "on the list" as far as CheckPoint are concerned.

I'd also keep remote management turned "off" to be safer.

 

http://mis.fortunecook.ie/misfortune-cookie-suspected-vulnerable.pdf