× NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Reply

Re: KRACK Vulnerabilities

Auri
Star

Re: KRACK Vulnerabilities

To be fair to Netgear and all the other router + OS manufacturers: Software development is hard. Testing is hard. Shipping fixes for dozens of products, all with different versions of software, is hard. So, I understand only 45 days was probably enough time to get a patch out there. For the security researchers, I feel they should have given 90 days embargo. I'm not clear on those details, but 45 days lead time before exploit release seems pretty tough for a software company, and tremendously difficult for a hardware company.

Message 26 of 31
kohdee
NETGEAR Expert

Re: KRACK Vulnerabilities


@Krobar wrote:
Looks like the standalone WAC720 firmware has been updated but the enclosed firmware with the WC7500 has not been updated. Is there a suitable firmware due soon for the WC7500? IS there some way of updating the firmware deployed by the WC7500 to the WAC720 points?

We are still validating if controllers are affected. At this exact moment, we do not believe the controller-controlled APs are affected, but standalone versions of them are. Please stay tuned to the KB article, which will be updated when we absolutely confirm the state of the controllers. 

Message 27 of 31
RexP
NETGEAR Expert

Re: KRACK Vulnerabilities

Controller managed AP's (Controller products WC9500, WC75xx, WC76xx)  are not subject to the PTK KRACK vulnerability described in CVE-2017-13077. The exposure is only for standalone APs, which are mainly operating in Client or WDS modes and controller managed APs don’t support these modes

Model: WAC720|2x2 Wireless-AC Access Points,WAC730|3x3 Wireless-AC Access Points
Message 28 of 31
RexP
NETGEAR Expert

Re: KRACK Vulnerabilities

Which Access Point are you using? Which Firmware version did you download? Are you using a controller managed Acces Point or a Standalone Access point? Hope we can help you quickly.

Message 29 of 31
Galt
Aspirant

Re: KRACK Vulnerabilities

Orbi RBK53 AC3000

 

Router:  RBR50

Satellites (2):  RBS50

 

Firmware Version installed:  2.0.0.74

 

 

Message 30 of 31
DaneA
NETGEAR Employee Retired

Re: KRACK Vulnerabilities

Message 31 of 31
Discussion stats
  • 30 replies
  • 32008 views
  • 27 kudos
  • 12 in conversation
Announcements