NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
WNDR3400v3 router vulnerable to exploit, but there is no firmware update yet!
Hi,
My Avast security scan has identified my router as being vulnerabe to a hacker attack (buffer overrun) and suggests I update the firmware. (see screenshot) But apparently I have the latest frmware upgrade. There is no updated firmware for me to download. When will Netgear issue a firmware update? Does anyone know?
Netgear, are you listening? This is making me nervous.
Thanks,
John
3 Replies
trying again to show the screenshots ...
> [...] When will Netgear issue a firmware update? [...]
A quick Web search for "ZDI-CAN-9703" might find:
https://kb.netgear.com/000061982
For the WNDR3400v3, the answer appears to be "never".
As I read it, the vulnerability affects the management web server, so
disabling (not enabling) Remote Management should block any attempts to
exploit it from outside your LAN. Malware on your local systems would
still pose a threat, but that's true of any malware on your local
systems.
I wouldn't rely on an update. the router was originally released 10 years ago. Your specific version was 6 years ago. It did get an update 9/2020 but if you get more than that, I'd be impressed.
Netgear supports their devices for longer than most manufacturers which is good. But 6 years is quite a while and it was 2 wifi generations ago (wireless-n to wireless ac to now wireless ax).
I've actually had several flagship devices from other manufacturers that didn't get a single update since release. And it wasn't because there wasn't any vulnerabilities or bugs. Its whats caused me to stick with netgear. They might have some devices with issues, but they support firmware for quite a while.
