- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
Re: Two leading Netgear routers are vulnerable to a severe security flaw
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Two leading Netgear routers are vulnerable to a severe security flaw
@StaticFX wrote:@Gandolph - i forgot about wrt etc... do you have the link handy?
http://www.dd-wrt.com/wiki/index.php/Main_Page
I may actually attempt this on my next day off. Looks to be more secure and still offers all I need in regards to management.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Two leading Netgear routers are vulnerable to a severe security flaw
@RC0101-2 wrote:
Does this affect the r8500?
You would have to test the sample code:
Step 1 (optional): verify you’re vulnerable
Open your browser and visit the following address:
(For most people, this URL will work: http://www.routerlogin.net/cgi-bin/;uname$IFS-a)
If a web page appears (which is not an error): you’re vulnerable. In my case, the page contains a text that starts with: Linux R7000 2.6.36.4brcmarm+ (...).
Link to blog post for the rest: http://www.sj-vs.net/a-temporary-fix-for-cert-vu582384-cwe-77-on-netgear-r7000-and-r6400-routers/
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Two leading Netgear routers are vulnerable to a severe security flaw
StaticFX,
This is the link for the R7000 specific version of the firmware. I have been running this for a long time now with no problems. It makes me like my Netgear router again...
Asuswrt-Merlin on Netgear R7000
http://www.linksysinfo.org/index.php?threads/asuswrt-merlin-on-netgear-r7000.71108/
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Two leading Netgear routers are vulnerable to a severe security flaw
@climb74 wrote:Gandolf, please supply more info regarding the asus-wrt/merlin firmware.
Here is a link to a discussion:
https://community.netgear.com/t5/Nighthawk-WiFi-Routers/R7000-Using-Asuswrt-Merlin/td-p/1127372
Here is a link to asus-wrt:
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Two leading Netgear routers are vulnerable to a severe security flaw
For now I'v flashed other firmware. (XWRT)
Seems to work very well. On 2.4G i get way more download, went up from 45/15 to 88/15 😉
5G stays same as it was 150/15 (but that's my max speed) so that's fine.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Two leading Netgear routers are vulnerable to a severe security flaw
@StaticFX wrote:
the date was 11/28/2016... seems like a much earlier version?
That's the date the Release Notes article was last updated not the date the firmware was released. That firmware was released over 3 years ago.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Two leading Netgear routers are vulnerable to a severe security flaw
Yeah I figured.. but they just posted that old firmware... so I wonder if its a safe version
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Two leading Netgear routers are vulnerable to a severe security flaw
According to all threat assessment sources, Netgear was made aware of the vulnerability in August but chose to ignore the cyber security community which is why the issue was never resolved any sooner. We should hope they will act more promptly in the future. Nighthawk routers aren't cheap - they are future-proof investments.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Two leading Netgear routers are vulnerable to a severe security flaw
@mdgm wrote:
NETGEAR is aware of the security issue #582384 affecting R6400, R7000, R8000 routers. Stay updated here: http://kb.netgear.com/000036386/CVE-2016-582384
We're working hard for a fix and will update the security ticket above soon.
Ok am I dense? Why is this green checked as solved? Acknowledging there is a problem is not a solution in itself. Kinda misleading doncha think?
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Two leading Netgear routers are vulnerable to a severe security flaw
I'm running V1.0.4.30_1.1.67 and the bug is there.
I find it intresting that the merlin firmware can be faster even though it is not using the hardware acceleration.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Two leading Netgear routers are vulnerable to a severe security flaw
@Rauder wrote:According to all threat assessment sources, Netgear was made aware of the vulnerability in August but chose to ignore the cyber security community which is why the issue was never resolved any sooner. We should hope they will act more promptly in the future. Nighthawk routers aren't cheap - they are future-proof investments.
I've really gotta be cynical about this response lag. On a post on another thread I said Netgear needs to be more proactive than reactive as in auditing its own code and revamping firmware deployment model such as making it more modular so people could apply package and kernel updates as in desktop applications of Linux. Oh and do something about the user interface. Ancient kernels and applications are bad enough but the UI is apparently also a weak link in the chain. And so much for the keeping remote manafement off "panacea" since a bad ad might exploit your browser to topple the router from inside the network. Nice.
But if there was that long of a response lag between when Acew0rm tried notifying Netgear and the vulnerability made public I don't think the term "reactive" is appropriate. Head in sand might be better. It's about PR and pleasing ....wait for it... investors.
The saddest part is that those of us who know about the problem(s) with Netfear and other router vendors are probably a very small portion of endusers. Therefore very little free market accountabilty.
And I used to mock Microsoft. Well I still do 😊
At least there are alternatives such as building your own Ubuntu router box, open source firmwares, or something such as a pfsense box. The latter can be had as turnkey without too much fuss.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Two leading Netgear routers are vulnerable to a severe security flaw
@alokeprasad wrote:Is X-10 R9000 also affected? Can someone please check?
It is a new product, so ZDNet might not have tested it.
What is unique to the product lines affected versus other Netgear routers? How can we be sure the other sorts of routers are safe? I could understand that NetUSB would be limited to routers with that feature but why this one having relevance to only a handful of Netgear routers?
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Two leading Netgear routers are vulnerable to a severe security flaw
@timetorebel wrote:
@mdgm wrote:
NETGEAR is aware of the security issue #582384 affecting R6400, R7000, R8000 routers. Stay updated here: http://kb.netgear.com/000036386/CVE-2016-582384
We're working hard for a fix and will update the security ticket above soon.Ok am I dense? Why is this green checked as solved? Acknowledging there is a problem is not a solution in itself. Kinda misleading doncha think?
I saw that too. No idea, because it is not resolved. Maybe they are worried that people will not be buying these routers for Xmas?
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Two leading Netgear routers are vulnerable to a severe security flaw
I think that was probably marked as the solution by a colleague so that users could quickly find the advisory to follow to keep updated on the issue.
As our investigation continues we will have further updates to our security advisory. Thank you for your patience.
We have an email dedicated for security concerns e.g. reporting security issues. It's mentioned in the security advisory and also on the Security Advisory section of our website: http://www.netgear.com/about/security/
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Two leading Netgear routers are vulnerable to a severe security flaw
@mdgm wrote:I think that was probably marked as the solution by a colleague so that users could quickly find the advisory to follow to keep updated on the issue.
As our investigation continues we will have further updates to our security advisory. Thank you for your patience.
We have an email dedicated for security concerns e.g. reporting security issues. It's mentioned in the security advisory and also on the Security Advisory section of our website: http://www.netgear.com/about/security/
So you admit not a solution? And I am not sure what to think about announcement of the dedicated security email. I hope it isn't a way to deflect those voicing security concerns from the spotlight on these public forums. Those concerns need to remain public. But if it is to take security concerns seriously (PR blah blah...puppies and kittens) why did this vulnerability not get addressed months ago? That's a PR loss and corporate responsibility epic fail as I see it.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Two leading Netgear routers are vulnerable to a severe security flaw
Thank you...It looks like I am affected. However, I follow the steps to kill the vulnerbility but it doesn't seem to work. After I follow the steps I recheck and I am still getting "Linixu r8500..."
Any ideas? I have tried the router login and also my routers IP address....Maybe it's just time I move on from Netgear...
*edit - I believe I got it working. I get a page cannot be displated when testing. Still my confidence in Netgear is at an all time low and am thinking I will go with a different company.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Two leading Netgear routers are vulnerable to a severe security flaw
the command "uname -a" outputs the current system build info
this won't be fixed properly until new firmware is released
I have already abandoned my R7000 due to other firmware flaws so i am no longer affected
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Two leading Netgear routers are vulnerable to a severe security flaw
timetorebel wrote:So you admit not a solution?
That's pretty obvious when you read the Security Advisory that post links to.
timetorebel wrote:And I am not sure what to think about announcement of the dedicated security email.
That's the best way to make sure a report gets to the security advisory team ASAP.
timetorebel wrote:I hope it isn't a way to deflect those voicing security concerns from the spotlight on these public forums.
That's not the purpose at all. We value free and open discussion on our community.
In one of the other threads a user asked for a thread to be closed, but we've left it open.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Two leading Netgear routers are vulnerable to a severe security flaw
The Security Advisory has been updated with more information and beta firmware for some affected models.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Two leading Netgear routers are vulnerable to a severe security flaw
I tested my D6400 and it is also vulnerable, your security notice only mentions the R6400 so please dont forget the DSL versions of the same routers too.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Two leading Netgear routers are vulnerable to a severe security flaw
@zipcard wrote:
I tested my D6400 and it is also vulnerable, your security notice only mentions the R6400 so please dont forget the DSL versions of the same routers too.
Which firmware do you have on the D6400?
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Two leading Netgear routers are vulnerable to a severe security flaw
Looks like they released beta firmware that fixes just this vulnerability.
What is suggested...flash to beta or wait for a released version.?
I have not run beta firmware before. Have people had good luck with beta?
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Two leading Netgear routers are vulnerable to a severe security flaw
In general beta firmware can be hit or miss. Sometimes it is just fine, sometimes it introduces new problems. (I've seen that in beta tests of new hardware.)
Firmware rarely, if ever, kills a device so long as you let it complete the process. That's why some people advise against doing regular updates over wifi, which probably won't apply in this case.
Before you flash, you should retrieve and file away a copy of the current firmware. You can then flash back to that if you have problems.
It is often also advisable to reset your hardware to the factory settings after the firmware flash. That isn't always needed. (Perhaps someone can advise if the changes with these updates requires a reset.)
It is up to you to decide to use it. If you are seriously worried about this vulnerability, then do it. If not, hang on until a few other people have tried it.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Two leading Netgear routers are vulnerable to a severe security flaw
It's up to you.
You can try the beta if you like or you can wait. In the unlikely event you have issues as a last resort you should be able to put the non-beta firmware back on and do a factory reset.
Beta firmware will have undergone some basic testing but not the full QA cycle.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Two leading Netgear routers are vulnerable to a severe security flaw
I just flashed the new beta firmware and I'm obviously still connected to the internet. So far I've not had any issues. R7000 router.
• Introducing NETGEAR WiFi 7 Orbi 770 Series and Nighthawk RS300
• What is the difference between WiFi 6 and WiFi 7?
• Yes! WiFi 7 is backwards compatible with other Wifi devices? Learn more