Re: Is R6900 router affected by new (12/12) vulnerability?

The R6900 uses its own firmware. Don't try installing firmware for a different model.

The R6900 is not on the list of known affected models.

We mentioned in the Security Advisory "NETGEAR is continuing to review our entire portfolio for other routers that might be affected by this vulnerability. If any other routers are affected by the same security vulnerability, we plan to release firmware to fix those as well."

Thanks. The second link gave an error message, but the first returned the following:

Linux R6900 2.6.36.4brcmarm+ #17 SMP PREEMPT Sat Jun 27 18:29:04 CST 2015 armv7l unknown

I'm assuming that means that my R6900 is indeed affected.

FuelScience

Yes. I can see we have already updated the Security Advisory to reflect this. We don't have a beta firmware ready yet but we will update the Security Advisory when we do.

I saw this vulnerability on the news.  I wasn't sure I was affected until I ran this:

http://192.168.1.1/cgi-bin/;reboot

And sure enough, my router rebooted!  This is an amazingly easy exploit.

I found the beta code on the website to fix the problem, but it looks like it is a little risky, based on the description.  So I called NetGear support and explained the problem.  They ask me for my serial number.  It turns out that I'm about 1 month past the free warrentee period, so the tech refused to even talk with me about the problem unless I paid for support.

Unbelievable.  Well, I will just install the beta code and hope for the best.  I work from home full time, so if it does not work, I will be scrambling for a replacement router.

I installed the new firmware as well this morning, and all appears to be working well. 

FuelScience

Thank you for the confirmation that the firmware fixed it.

Should you have any more concerns or wants an update regarding this issue, please see the thread below.

https://community.netgear.com/t5/Nighthawk-WiFi-Routers/Two-leading-Netgear-routers-are-vulnerable-t...