Discussion stats
  • 3 replies
  • 9744 views
  • 0 kudos
  • 3 in conversation
Announcements

Top Contributors
Reply
Highlighted
Tutor

Information disclosure flaw exposes Netgear wireless routers to attacks

Several wireless routers made by Netgear (including the WNDR3800) contain a vulnerability that allows unauthenticated attackers to extract sensitive information from the devices, including their administrator passwords and wireless network keys.

http://www.pcworld.com/article/2884812/information-disclosure-flaw-exposes-netgear-wireless-routers-...

http://seclists.org/fulldisclosure/2015/Feb/56

I have a WNDR3800 and I can confirm with a high degree of certainty that this exploit was successfully used against it approximately 1 month ago - resulting in local LAN access via Wi-Fi by unwanted users.

I also have a R7500 which supposedly is not affected by this security hole -

The question I have is...

Since the exploit is related-to/utilizes the router's Genie application interface, why is it that the WNDR3800 is affected, yet the R7500 is not - particularly since both routers support this Genie interface/comm-protocols?

Regards,
AVJohnnie
Message 1 of 4
Highlighted
Virtuoso

Re: Information disclosure flaw exposes Netgear wireless routers to attacks

"The vulnerability can be exploited over local area networks, as well as over the Internet if the devices are configured for remote administration and expose their Web interface externally. " - The PCWorld article

Does this mean that this is a non-issue if Remote Administration is disabled?
Who would enable that anyway?
Message 2 of 4
Highlighted
NETGEAR Employee Retired

Re: Information disclosure flaw exposes Netgear wireless routers to attacks

alokeprasad wrote:
Does this mean that this is a non-issue if Remote Administration is disabled?
Who would enable that anyway?


Yes, disabling Remote Admin (the default setting) will prevent this occurring with remote connections.

There are a number of people who might want to use remote admin e.g. people who work away from home, or people who set up routers for their less experienced relatives.

Netgear are aware of this issues already http://forum1.netgear.com/showthread.php?t=95287
____________________________
Working on behalf of Netgear
My name is Andy
Message 3 of 4
Highlighted
Tutor

Re: Information disclosure flaw exposes Netgear wireless routers to attacks

FWIW, There was a fairly in-depth article by Ken Johnson (INFOSEC Institute) a few years ago (2011) about the potential hazards which can arise by electing to embed S.O.A.P. due to the added security risks that it can cause...

PART-1: http://resources.infosecinstitute.com/soap-attack-1/
PART-2: http://resources.infosecinstitute.com/soap-attack-2/

Regards,
AVJohnnie
Message 4 of 4