NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

JohnWDarby's avatar
JohnWDarby
Initiate
Jun 28, 2016
Solved

Web GUI Password Recovery and Exposure Security Vulnerability

I would like to point out to Netgear that their password recovery options are woefully insecure. I followed their advice to turn on Password Recovery but immediately aborted, Every single question ca...
Security
hawki's avatar
hawki
Apprentice
Jun 29, 2016

THIS IS A SCAM--IGNORE IT

 

I was on the phone with Tech Support to confirm the vulnerability and was informed the current email circulating about the vulnerability did not come from Netgear and is a scam!!! I must have asked him 10 times to be certain.

 

Does Netgear's left hand know what the right hand is doing????

 

The email account from which it came has been closed.

  • hawki's avatar
    hawki
    Apprentice
    Jun 29, 2016

    Well the "Official" Poster may have received the email and is not invulnerable to a scam. Would be nice to get a definitive answer.

     

    As you can see I have never posted here previously but registered today after speaking to Tech Support. Was shocked to see the "badges"'s: OP.

     

    I am still genuinely concerned about this issue.

     

    Support may be misinformed but I doubt they have been infiltrated.

     

    Does The CM Monitor all threads?

    • hawki's avatar
      hawki
      Apprentice
      Jun 29, 2016

      Just saw the email contents in The Security Advisory Section.

       

      Nice of them to send me an email two months after the fact.

       

      Looks like someone at Tech Support doesn't know what he's talking about.

       

      I have no checkbox to enable PW recovery -- any suggestions.

       

      To me it sounds so counter-intuitive to plug a security vulnerablity by enabling PW recovery.