Start a New Discussion

Start a New Discussion

Orbi WiFi 7 RBE973

Re: R7000 Vulnerability - When will new firmware be released to address this?

RSM52
Tutor
Tutor
‎2016-12-11 09:14 AM
‎2016-12-11 09:14 AM

R7000 Vulnerability - When will new firmware be released to address this?

ZD Net is now recommending that we shut down our R7000 routers until Netgear generates a fix to the exploit code that was recently released.  As shutting down a router is not a reasonable option I would like to know when Netgear intends to address this issue.  It should be now.

Model: R7000|Nighthawk AC1900 Dual Band WiFi Router
Message 1 of 10
Labels:

Accepted Solutions
ElaineM
NETGEAR Employee Retired
‎2016-12-14 08:29 AM
‎2016-12-14 08:29 AM

Re: R7000 Vulnerability - When will new firmware be released to address this?

Hi All,

 

The Security Advisory for VU 582384 has been updated.

Also, for more information see the link below.

 

https://community.netgear.com/t5/Nighthawk-WiFi-Routers/Two-leading-Netgear-routers-are-vulnerable-t...

View solution in original post

Message 10 of 10
0 Kudos

All Replies
microchip8
Master
Master
‎2016-12-11 09:28 AM
‎2016-12-11 09:28 AM

Re: R7000 Vulnerability - When will new firmware be released to address this?

Knowing NG, it can take a few weeks or up to a month

Message 2 of 10
mPresto
Initiate
Initiate
‎2016-12-11 12:32 PM
‎2016-12-11 12:32 PM

Re: R7000 Vulnerability - When will new firmware be released to address this?

You may not neet to shut down your router. Came across this blog describing a simple temporary fix:

 

www.sj-vs.net/a-temporary-fix-for-cert-vu582384-cwe-77-on-netgear-r7000-and-r6400-routers/

 

Basically it describes killing the http server process ( using the vulnerability to do so of all things). Rebooting the router will start the http process again.

 

Hope an update will be available soon. I just bought my R7000 and was rather disapointed to hear this.

Message 3 of 10
TheEther
Guru
Guru
‎2016-12-11 08:11 PM
‎2016-12-11 08:11 PM

Re: R7000 Vulnerability - When will new firmware be released to address this?

Netgear has acknowledged the vulnerability.

http://kb.netgear.com/000036386/CVE-2016-582384

 

Message 4 of 10
0 Kudos
mdgm-ntgr
NETGEAR Employee Retired
‎2016-12-12 09:57 PM
‎2016-12-12 09:57 PM

Re: R7000 Vulnerability - When will new firmware be released to address this?

 

The Security Advisory has been updated with more information and beta firmware for some models. Thanks for your patience.

Message 5 of 10
Atrum
Initiate
Initiate
‎2016-12-13 12:28 AM
‎2016-12-13 12:28 AM

Re: R7000 Vulnerability - When will new firmware be released to address this?

 
I use an ARLO compatible version on my R7000, will there be an update to correct this vulnerability?

Is there already a beta version correcting the vunerability with ARLO support on the R7000?
 
My current firmware is the R7000-V1.0.6.40_1.1.90
Model: R7000|Nighthawk AC1900 Dual Band WiFi Router
Message 6 of 10
0 Kudos
copyer
Aspirant
Aspirant
‎2016-12-13 12:32 AM
‎2016-12-13 12:32 AM

Re: R7000 Vulnerability - When will new firmware be released to address this?

There is a beta for the r7000 https://www.netgear.com/support/product/r7000.aspx#download

Message 7 of 10
0 Kudos
mdgm-ntgr
NETGEAR Employee Retired
‎2016-12-13 12:33 AM
‎2016-12-13 12:33 AM

Re: R7000 Vulnerability - When will new firmware be released to address this?

Arlo support was removed from R7000 firmware a while back now.

You can use an Arlo base station with your cameras. You can even use the new Arlo Pro base station which has a siren.

Message 8 of 10
0 Kudos
Atrum
Initiate
Initiate
‎2016-12-13 12:49 AM
‎2016-12-13 12:49 AM

Re: R7000 Vulnerability - When will new firmware be released to address this?

I invested in a camera arlo without base station because you praised the possibility of using arlo with the R7000.

That you no longer support ARLO for the R7000 is one thing, but you need to fix at least an older firmware supporting ARLO by fixing the vulnerability. I'm not the only one to still use an old firmware compatible ARLO!

Message 9 of 10
ElaineM
NETGEAR Employee Retired
‎2016-12-14 08:29 AM
‎2016-12-14 08:29 AM

Re: R7000 Vulnerability - When will new firmware be released to address this?

Hi All,

 

The Security Advisory for VU 582384 has been updated.

Also, for more information see the link below.

 

https://community.netgear.com/t5/Nighthawk-WiFi-Routers/Two-leading-Netgear-routers-are-vulnerable-t...

Message 10 of 10
0 Kudos
Top Contributors
See All
Discussion stats
  • 9 replies
  • ‎2016-12-11 09:14 AM
  • 5652 views
  • 6 kudos
  • 8 in conversation
Announcements

Orbi 770 Series