Announcements

Polls
What is your Experience with NETGEAR Insight cloud management?
Top Contributors

Patch for Krack Vulnerability

ALL FIRMWARE should be updated. More info: https://betanews.com/2017/10/16/krack-wpa2-security-vulnerability/

36 Comments
Aspirant

I will be looking for a patch to this vulnerability (Krack) for the Orbi RBR50.  It seems all routers (from all manufacturers) are susceptible since 2003 that use WPA or WPA-2. It’s a fundamental flaw in the underlying encryption protocol.

 

Hopefully Netgear can get the patch out soon.

Fledgling

Upvoted.

We currently have two WAC104 access points serving the office with no sign of a patch, and no clear announcement from Netgear on the vulnerability and their intended course of action. 

 

 

Novice
My organization has 22 WAC740 APs managed by a WC7600V2 controller. We have a made a *substantial* investment in Netgear Wave 2 infrastructure. If they don't get this patched I am going to be extremely disappointed. Aruba and Ubiquity already have a patch released. According to CERT, Netgear has not even filed a response to their vulnerability notice: https://www.kb.cert.org/vuls/id/CHEU-AQNMYE Let's go Netgear! Protect your customer base!
Onlooker

I second the above - What is the status of a patch for the R7000? 

Tutor
Or, the status of a patch for the R6220?
Aspirant

Is the R8000 patched for this vulnerability? If not when will the patch be released please?

Fledgling
Vendor Information for VU#228519 Wi-Fi Protected Access II (WPA2) handshake traffic can be manipulated to induce nonce and session key reuse Netgear notified August 28
Fledgling
Microsoft says the Windows updates released on October 10th protect customers, and the company “withheld disclosure until other vendors could develop and release updates.” Maybe NETGEAR withheld it's notification?
Onlooker

I think it was known about in late August...

Onlooker