Orbi WiFi 7 RBE973
Reply

Re: Why no firmware updates for C7800 Nighthawk

threatbuster
Tutor

Why no firmware updates for C7800 Nighthawk

Netgear website says no firmware available for C7800 (AC3200) Nighthawk cable modem/router.  Why not?  Thanks.

Model: R8000|Nighthawk X6 AC3200 Smart WIFI Router
Message 1 of 21

Re: Why no firmware updates for C7800 Nighthawk

Because Netgear does not control firmware on cable modems.

 

What’s the latest firmware version of my NETGEAR cable modem or modem router? | Answer | NETGEAR Sup...

 

If your firmware is outdated, you cannot manually upgrade your cable modem’s or modem router’s firmware. You must contact your Internet service provider (ISP) to upgrade your firmware.

 

 

Message 2 of 21
lellsworth3
Tutor

Re: Why no firmware updates for C7800 Nighthawk

While the updates to a modem/router are pushed out via the ISP, the software update *comes from* Netgear. The R7800 standalone router had security updates as recently as May 2018 it appears. My C7800 is up-to-date per Netgear documentation but has not been updated in the last 6 months as far as I know. When was the last C7800 update? If not as recently as R7800, why not? A lot of security vulnerabilities have been discovered recently...

Message 3 of 21

Re: Why no firmware updates for C7800 Nighthawk

Did you read the firsr reply?

 

ISPs control firmware updates on cable modems.

 

There is nothing that you or Netgear can do about it. The ISPs don't want anyone else messing around with hardware on their networks.

 

If you have fears about the security of your internet connection, talk to your ISP.

 

Or, to take back control of your security, buy a router and work out how to put your C7800 into modem only (bridge) mode.

 

 

Message 4 of 21
lellsworth3
Tutor

Re: Why no firmware updates for C7800 Nighthawk

Please pay attention. I know firmware updates are rolled out by the ISP. But the updates themselves come from the vendor-- Netgear in this case-- and are rolled out when the vendor provides the ISP with a new update. I have confirmed this with both my ISP (Comcast) and Netgear.

The question is whether or not Netgear is PROVIDING AS TIMELY UPDATED FIRMWARE for newly discovered router vulnerabilities for these modem/router combos, as it does for standalone routers. If Netgear can't or won't keep them up-to-date, Netgear should not be selling them, period. This is totally Netgear's responsibility-- the ISP is just the conduit.

Message 5 of 21

Re: Why no firmware updates for C7800 Nighthawk

I am not the one with ADD.

 

Let's try again.

 

  • You are worried about the security of your cable modem/router
  • Your Internet service provider demands control over firmware updates for devices on its network

 

Here's a strange idea, ask your ISP what it is doing to guarantee the security of your modem router.

 

I know you find it hard to accept the way things work, so try reading this for yet more evidence that you should start with the ISP.

 

Who and how can update cable modem firmware? - Information Security Stack Exchange

 

Netgear and all the other modem makers can write all the updates they like, but if the ISP won't play ball you are stuffed.

Message 6 of 21
lellsworth3
Tutor

Re: Why no firmware updates for C7800 Nighthawk

As I said, I have asked Comcast and they say they do updates whenever the vendor, Netgear in this case, makes one available. Netgear also says they have to make an update available to the ISP for modem/routers. You seem to be saying "maybe Netgear is making updates available but Comcast isn't taking them". If true, that would be a serious problem in its own right-- but this is not what Comcast tells me they do and I have no evidence to the contrary. 

However Comcast policy was not my question here obviously. Rather it is this: does Netgear make firmware updates for new router vulnerabilities available to ISPs on roughly the same schedule for modem/routers as it does for standalone routers? If not, modem/routers are inherently less secure and in my opinion Netgear should not be selling a device that cannot be properly secured. However, if the updates are more or less simultaneous, then great!

To get specific, when was the last update for my C7800 released compared to the date of the latest update for a comparable standalone router like perhaps the R7800?

I can see from the Netgear site that I have the latest Comcast version, V3.01.38 but I can't see a date nor compare to a similar standalone router. Ultimately I want to know Netgear's policy on making available timely security updates for modem/routers (Comcast already claims to deploy them when they get them).

Here is a related anomaly I'd like to understand: while the Comcast "Deployed" version is listed as V3.01.38, two other vendors are listed with "Approved" versions of V3.01.36 and "All other ISPs (Current Production Firmware)" are listed as V3.01.06 as well. Why would Comcast have a version seemingly ahead of "current production"? -- not that that would reassure me since updates for the router side are my concern and I can't yet compare those to Netgear standalone routers. But why the discrepancy?

If anyone can address any of these concerns I'd appreciate answers.

Message 7 of 21
KMDonlon
Luminary

Re: Why no firmware updates for C7800 Nighthawk

I am in Las Vegas & even though Netgear's firmware page lists Cox's approved firmware as V3.01.36 they sent V3.01.38 out a while back. The firmware page is not accurate.
Message 8 of 21

Re: Why no firmware updates for C7800 Nighthawk

One way to check out concerns about security issues is to read the advisories that Netgear puts out when new ones crop up. For example, here is the latest:

 

Security Advisory for VPNFilter Malware on Some NETGEAR Devices | Answer | NETGEAR Support

 

Like many earlier advisories, this lists the devices that it has tested and deemed to be vulnerable.

 

 

Message 9 of 21
SheepDog1813
Tutor

Re: Why no firmware updates for C7800 Nighthawk

Mine was at V3.01.36 for over a year. It looks like they finally pushed V3.01.38 to mine either last night or today. I had done a factory reset yesterday due to an unrelated issue and noticed today that it had been updated. No idea if it was just a  coincidence or not however. May be worth a shot if you dont have dozens of reserved IP addresses to reenter or other reasons not to try it.

Message 10 of 21

Re: Why no firmware updates for C7800 Nighthawk

Well spotted that person.

 

 

Message 11 of 21

Re: Why no firmware updates for C7800 Nighthawk

The two companies employees are playing toss, with you as the hot potato. They will not allow us as the consumer access to our device, they are keeping that to themselves. I am waiting for a lawyer into tech to get mad and start a class action lawsuit that I can join. This is an infringement of our rights of ownership, or at least misleading advertisement by not making it clear that this would be the case. I just wanted to own and control my network with the best one box solution to internet access I could find and afford. I also want to own and control my endpoint on the network, as why should we trust the big company with our security, they are not the best at it. Internet Service Provider should just provide Internet service, not control it.

Spectrum/Charter is also giving me the same battle at a private school with strict internet polices that I administrate. They promised to provide Internet access and allow us to control the policies and access to wireless and passwords by ourselves, but instead they will not provision us to access the cloud firewall or wireless controllers We have to fight the bureaucracy to make simple changes like wireless passwords or content filter changes.

 

 

 

Message 12 of 21
KMDonlon
Luminary

Re: Why no firmware updates for C7800 Nighthawk

Message 13 of 21
dmac1026
Aspirant

Re: Why no firmware updates for C7800 Nighthawk

That is not true theISP will not do firmware upgrades on third party modems only theirs!

Message 14 of 21

Re: Why no firmware updates for C7800 Nighthawk

 


@dmac1026 wrote:

That is not true theISP will not do firmware upgrades on third party modems only theirs!


Funny that people have reported that their Netgear cable modems got updated. Perhaps they imagined it.

 

But here's the official, line to remind people.

 

What’s the latest firmware version of my NETGEAR cable modem or modem router? | Answer | NETGEAR Sup...

 

If your firmware is outdated, you cannot manually upgrade your cable modem’s or modem router’s firmware. You must contact your Internet service provider (ISP) to upgrade your firmware.

 

 

Message 15 of 21
dmac1026
Aspirant

Re: Why no firmware updates for C7800 Nighthawk

I contacted xfinity and they said they can not upgrade any firmware unless it is their modem. They don’t have the capability to do third party modems. I don’t know about other isp but xfinty/Comcast can not do upgrades on firmware.
Message 16 of 21

Re: Why no firmware updates for C7800 Nighthawk

I suspect that it is more a case of "will not" rather than cannot.

 

ISPs are doing their best to lock customers into over priced hardware contracts. ISPs do not make hardware, but they want to maintain a revenue stream. From what I see here, it is cheaper to buy a new modem every year than to rent something from an ISP.

 

On cable modems, I am not sure what firmware updates will do for you. If the thing works, why change it? Doesn't the cable ISP protect users from nasty intrusions?

 

With DSL modems there is a different issue. You can upgrade that yourself, and the modems that most ISPs supply are rubbish. In the UK, for example, BT provides a "free" Homehub modem that is mind numbingly basic in what you can do with it. That's why there are so many BT customers who set aside their Homehubs as a spare for when something goes wrong with their grown-up modems.

 

I wonder of @threatbuster has any reason to suspect that their C7800 needs an update.

 

 

 

Message 17 of 21
threatbuster
Tutor

Re: Why no firmware updates for C7800 Nighthawk

 

Actually C7800 - Nighthawk AC3200 -- unfortunately not in the Netgear-supplied dropdown list on Netgear Community Reply.

 

Why am I concerned?  1.  The news about attacks on Netgear routers.  2.  My logs show a large number of DOS attacks.  3.  If we don't have any individual control and we forget to check our version # frequently and the news here frequently, and if all of us and all relevant ISP's and Netgear cannot agree on who has the constant responsibility to keep the firmware upgraded, and no one is really enforcing such responsibility, why should we ALL not be concerned?  Some of you who are much more experienced can probably add even more reasons or refute my reasons.  In any case, you are welcome to do so.

 

Actually, my current version is V3.01.38. 

 

Call me underinformed, but my gut feeling is that just as we all have choices on which antivirus/intrusion detection/antimalware/anti-etc. that we install and keep updated on our PC's, it only seems natural that the gateway is even more important to protect, by any means possible.  I'd rather stop something there than allow it to get as far as my Windows 10 PCs and other equipment.

 

I'm not even sure that a new version of firmware contains anything at all that reaches far and wide to protect our gateways.  Ideas?  Proof?  Are we just supposed to have blind trust?

 

One last thing.... if our ISP allows us to use a third party gateway and they know we cannot push updates to it, then isn't it logical to expect them to do it?

Thank you.

Model: C7000|Nighthawk - AC1900 WiFi Cable Modem Router
Message 18 of 21

Re: Why no firmware updates for C7800 Nighthawk


@threatbuster wrote:

 

Actually C7800 - Nighthawk AC3200 -- unfortunately not in the Netgear-supplied dropdown list on Netgear Community Reply.

 

Netgear's database of its own models is rubbish. I've given up on trying to get them to maintain it.

 


@threatbuster wrote:

 

Why am I concerned?  1.  The news about attacks on Netgear routers. 

Probably because you own one and are sensitive to that make and reports of vulnerability. You will find similar reports for every maker of network hardware. Have you seen reports of successful attacks on Netgear cable modems? That would worry me.

 

Then again, I would want to know if those threats are real, or something cooked up by a couple of kids with time on their hands in a university IT lab and that have never been seen in the real world.

 


@threatbuster wrote:

 

show a large number of DOS attacks.  

 

Ah, that one.

 

It is a good idea to investigate the issue that bother you rather than generic security issues. So let's deal with this one.

 

By DOS attacks, I suspect that you mean the dreaded "DoS attack: ACK Scan" log entry.

 

Have you run a search on that here?

 

DOS attack ACK Scan

 

There are two points to note on that one.

 

That this appears on the logs means that your modem/router has responded to protect you.

 

The other point, probably more important, is that those reports are really down to shoddy logging by Netgear, and its recording "false positives.

 

If you see one of those log entries, throw the IP address into a tracker like:

 

IPNetInfo: Retrieve IP Address Information from WHOIS servers

 

When I did that I found that many of them came from the likes of Amazon, Google, or the user's ISP.

 

Once again, general paranoia can evaporate when you dig deeper.

 


@threatbuster wrote:

 

One last thing.... if our ISP allows us to use a third party gateway and they know we cannot push updates to it, then isn't it logical to expect them to do it?

 


Very true. Although, "tolerate" is probably better than "allows". Maybe the law forces them to do that, without forcing them to allow on-line updates.

 

If you read some of the other responses to your messages, from @theselfthinker for example, you will see that you are stuck between a hardware maker and an ISP. Netgear updates its firmware. Your ISP will not disseminate it.

 

If you really believe that you are at risk, you might do well to find a modem maker that allows you to control the firmware without the ISP's intervention. (They are dead picky in that front, heaven only knows why.) Or rent your modem from the ISP, which is really what they want.

 

 

 

Message 19 of 21
drouel0610
Aspirant

Re: Why no firmware updates for C7800 Nighthawk

I have a C7800/AC3200 Nighthawk X4S-  bought it in 2017, no initial issues, super fast, etc-   2018 I received over 50+ DoS attacks ytd-

im no longer able to login to it either-   you mention the ISP (in my case COX) controls the firmware updates, does that mean they also are able to login to my routers admin page and set things up the way they want?      I tried logging in the same way as I did when I purchsed it from BestBuy-  connecting my browser (chrome, IE, mozilla,etc) to 192.168.0.1 (which is my GW address) and Im getting an error:  ERR_NETWORK_ACCESS_DENIED - yet even at this exact momment, im accessing the internet & typing this post-  I have installed Netgears GENIE-  it sees my SSIDS, etc- shows i have 8 devices connected and gives me those IPs-    I also tried using the http://routerlogin.net  (on back of router/modem) and get the same network access denied error-   I have disabled SEP prior to trying to access the router as well-   (wanted to be able to access the router w/out using a network cable to the back of it) 

 

Model: C7000|Nighthawk - AC1900 WiFi Cable Modem Router
Message 20 of 21

Re: Why no firmware updates for C7800 Nighthawk


@drouel0610 wrote:
you mention the ISP (in my case COX) controls the firmware updates, does that mean they also are able to login to my routers admin page and set things up the way they want? 

 


No. Their control is limited to writing new firmware. If they feel like it.

 



im no longer able to login to it either-  

 



Im getting an error:  ERR_NETWORK_ACCESS_DENIED -


That looks like a Windows error.

 

Where do you see it?

 

 

Message 21 of 21
Top Contributors
Discussion stats
  • 20 replies
  • 9333 views
  • 8 kudos
  • 8 in conversation
Announcements

Orbi WiFi 7