JohnWDarby
Jun 28, 2016, Initiate
Web GUI Password Recovery and Exposure Security Vulnerability
I would like to point out to Netgear that their password recovery options are woefully insecure. I followed their advice to turn on Password Recovery but immediately aborted. Every single question ca...
hawki
Jun 29, 2016, Apprentice
Just saw the email contents in The Security Advisory Section.
Nice of them to send me an email two months after the fact.
Looks like someone at Tech Support doesn't know what he's talking about.
I have no checkbox to enable PW recovery -- any suggestions?
To me it sounds so counter-intuitive to plug a security vulnerability by enabling PW recovery.
JamesGL
Jun 29, 2016, NETGEAR Employee Retired
Hi All,
Here is the KB article for the said vulnerability. You can check for the specific model number that is affected.
- hawki, Jun 29, 2016, Apprentice
Hello :-)
Thanks for the response.
Why did the telephone Tech Support Techie tell me the email was a scam and to ignore it?
Why did I not receive the alert email until two months after the vulnerability was discovered? Does anyone in Netgear Security have a dictionary with the words "Responsible" and "Responsibility" in it?
I cannot perform the required fix as my GUI change PW page has no checkbox to enable password recovery.
Why am I going to have to toss my $260 Netgear swiss cheese "secure" box, cuz it appears to be unfixable since I have no checkbox to "enable PW Recovery"?
Why do I have to pay $50 to extend my CS to get help to eliminate a vulnerability that was caused by a Netgear Design Flaw?
In Netgear's business it can have The Best Products BUT without acting responsibly to critical security issues and without competent customer support it has nothing.
Send my congratulations to the execs at Netgear for having nothing. I have posted this shocking experience on The World's most highly regarded security forum, on which I have been an active participant for a decade. It has a huge international following. After coming to this forum I cautioned that it might be incorrect as to the actual existence of the vulnerability but is correct about Netgear's apparently ignorant Customer Support, lack of responsibility, and worthless 90 day customer help policy. Congratulate the execs on their upcoming well-deserved 15% decline in consumer products revenues.
- hawki, Jun 29, 2016, Apprentice
In the automobile industry when a design defect that threatens the wellbeing of a customer is discovered, the offending company issues a recall and fixes the threat for free.
The proposed solution is unworkable on my system, now that it is confirmed to be real and not a scam, as I was misinformed by Netgear's poor excuse for a competent Tech Support Staff.
It is amoral and a bad business practice that I should now have to pay Netgear $50 to get help in fixing Netgear's critical design flaw.
It shocks the conscience.
Pardon my emotional outrage.
NB: Sent via an unsecured wi-fi network.
- hawki, Jun 29, 2016, Apprentice
I have had my post that I referred to on another forum deleted so as to prevent the possibility of someone's failing to act on the basis of Netgear's Uninformed Tech Support's Misinformation.