This topic has been marked solved and closed to new posts due to inactivity. We hope you'll join the conversation by posting to an open topic or starting a new one.
The attacks both require running code on the router. Your router doesn't execute data that is is transporting. The web console code is all built in to the router so it's safe. The genie app I think loads the web console code but not 100% sure since I've never used it.
If you could get code to run on the router then if the router's processor performed unrestricted speculative execution the attack would be feasible, but you have to get code running on it first. Now, it _is_ possible to run code on the Nighthawk if you can authenticate to it. It's also possible a different exploit could be used to get code running on it, and that would be the primary vulnerability. For example, if could feed some code to the web console server and trick it into running it then that would be a problem. But you aren't going to get meltdown and Spectre working absent some other vulnerability (which almost certainly exists, but there's a good chance you don't even need Spectre or meltdown in that case).
Basically, it's not that you shouldn't care, but care more about vulnerabilities that let malicious code run on the router in the first place.
NB: There do exist attacks against things like SSL that are dependent on observing timing or manipulating data from an outsider's perspective that could e.g. leak information about keys etc. Those are not what we're discussing here.
Shouldn't have any impact. Both require malicious code to run on a device or be able to very closely monitor timing of responses. Your router would already have to be compromised in other ways before these techniques could be used.
But I don't understand. Manipulation of any device can only happen when it has been compromised there is no other way. So I do not really understand the argumentation. When the router accepts data traffic and transports it, all these data go through it. So in my humble and illiterate opinion, access to the processor could be possible. Also other apps that have access to the router and work from your computer could do the same. The Genie app etc etc.
Model: R7000|Nighthawk AC1900 Dual Band WiFi Router
Those threats use a specific trait That is 'Specutlative Execution', which basically means to speed up processing, the CPU will gets data IT thinks you will ask for before you ask for it. In theory I guess if you ask for you USERID lets say to log into the router, the CPU will put into memory your PASSWORD as well. Using a program that can read this part of memory will allow it to see the stream of data that would go out. Some will not be used, some might, but the possibility of capturing your personal data exists in theory. See https://arstechnica.com/gadgets/2018/01/meltdown-and-spectre-heres-what-intel-apple-microsoft-others.... These have never been verified as a living real threat yet either.
The router probably doesn't have a true CPU but a special chip that has one function only, That is to run the router. Doesn't mean it couldn't have the problem, but only Netgear or some other investigator would know. Basically it seems a computer that can run applications seem to be vulnerable.
Could it happen in the Router, I don't know, but my guess is no, as it doesn't have any data to read, it just passes on when comes in to the proper device. There are other ways to capture TCP/IP packets that exist. I could be wrong though, again, Netgear should be able to answer this as they know what the processor chip can do in the router.
The attacks both require running code on the router. Your router doesn't execute data that is is transporting. The web console code is all built in to the router so it's safe. The genie app I think loads the web console code but not 100% sure since I've never used it.
If you could get code to run on the router then if the router's processor performed unrestricted speculative execution the attack would be feasible, but you have to get code running on it first. Now, it _is_ possible to run code on the Nighthawk if you can authenticate to it. It's also possible a different exploit could be used to get code running on it, and that would be the primary vulnerability. For example, if could feed some code to the web console server and trick it into running it then that would be a problem. But you aren't going to get meltdown and Spectre working absent some other vulnerability (which almost certainly exists, but there's a good chance you don't even need Spectre or meltdown in that case).
Basically, it's not that you shouldn't care, but care more about vulnerabilities that let malicious code run on the router in the first place.
NB: There do exist attacks against things like SSL that are dependent on observing timing or manipulating data from an outsider's perspective that could e.g. leak information about keys etc. Those are not what we're discussing here.
