NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Solved
Web GUI Password Recovery and Exposure Security Vulnerability
I would like to point out to Netgear that their password recovery options are woefully insecure. I followed their advice to turn on Password Recovery but immediately aborted, Every single question ca...
Hi All,
Here is the KB article for the said vulnerability. You can check for the specific model number that is affected.
hawki, the Netgear security bulletin says that the C6300 with firmware version v2.01.14 is affected. Are you running that version?
Are you using the desktop Genie to change passwords?
I could be mistaken but the recovery password option is available directly through the router's web portal (i.e. by logging through http://routerlogin.net or your router's IP address). You will find the recovery option in ADVANCED > Administration > Set Password.
TheEther wrote:hawki, the Netgear security bulletin says that the C6300 with firmware version v2.01.14 is affected. Are you running that version?
Are you using the desktop Genie to change passwords?
I could be mistaken but the recovery password option is available directly through the router's web portal (i.e. by logging through http://routerlogin.net or your router's IP address). You will find the recovery option in ADVANCED > Administration > Set Password.
I did attempt to enable "Recover Password " via the router's IP address AND through my ISP's IP assigned agress by entering them into the address bar of my browser. Both gave me the same result.
Do you determine the firmware version through Genie? I just uninstalled my Genie and will reinstall.
oOps - firmware version is V1.02.20
I recently installed a program that knocked out my Netgear Connectiom. Reinstalled with the Net Gear Set Up disc. Is there a way to manually update the firmware?
I usually get a pop up respecting firmware upgrades.