Orbi WiFi 7 RBE973
Reply

Re: Two leading Netgear routers are vulnerable to a severe security flaw

zipcard
Aspirant

Re: Two leading Netgear routers are vulnerable to a severe security flaw


@michaelkenward wrote:

@zipcard wrote:

I tested my D6400 and it is also vulnerable, your security notice only mentions the R6400 so please dont forget the DSL versions of the same routers too.


 

Which firmware do you have on the D6400?

 

 


 

I have firmware V1.0.0.54_1.0.54 installed.

 

When I run the test it comes back with a page listing linux os version and other bits of info, if your unaffected it should be blank or give an error so I assumed the D series are also vulnerable.

 

 

Message 76 of 234
ChrisNoonan
Tutor

Re: Two leading Netgear routers are vulnerable to a severe security flaw

Message 77 of 234
BoDEAN
Apprentice

Re: Two leading Netgear routers are vulnerable to a severe security flaw

Hopefully we see an R7800 FW soon

 

Message 78 of 234
BoDEAN
Apprentice

Re: Two leading Netgear routers are vulnerable to a severe security flaw

""  Acew0rm alerted Netgear to the problem on Aug. 25, but never heard back, the researcher told Fortune in a direct message on Twitter. So four months later, Acew0rm took the find public ""

 

If that doesn't sum up Netgears support (or lack of) with Firmware updates, I don't know what does!

 

Message 79 of 234
SeaSalt
Guide

Re: Two leading Netgear routers are vulnerable to a severe security flaw

I flashed the beta firmware on my R6400 in the early hours and after some basic testing it seems the issue has been resolved.

 

I tried 2 different tests, all done in Edge and Firefox.

 

-Running the reboot command directly: Was prompted for credentials

-Running the reboot command in a tab while another had routerlogin.net logged in: Was prompted for credentials once more

 

The fact that a fix had come four months after being reported is still ridiculous, but at least I can now remain on stock firmware without jumping to open source solutions.

Message 80 of 234
ElaineM
NETGEAR Employee Retired

Re: Two leading Netgear routers are vulnerable to a severe security flaw

@SeaSalt Thank you for the confirmation that the beta resolved it. I will forward it to our engineering team your feedback. 

Again, thank you and we appreciate your continued patience as we fix the issue. 

Message 81 of 234
mdgm-ntgr
NETGEAR Employee Retired

Re: Two leading Netgear routers are vulnerable to a severe security flaw


@BoDEAN wrote:

Hopefully we see an R7800 FW soon

 


The R7800 is not in the list of known affected models that we've verified are affected at this time. Are you running the latest firmware (please confirm the actual version number) and have you checked to see if your system is vulnerable?

Message 82 of 234
SeaSalt
Guide

Re: Two leading Netgear routers are vulnerable to a severe security flaw

@ElaineM Not a problem, I'm glad to hear a fix is on its way.

Hopefully you can nudge the engineering team a bit regarding features that still aren't there (android VPN support, for example).

Message 83 of 234
climb74
Guide

Re: Two leading Netgear routers are vulnerable to a severe security flaw

SeaSalt, I gave up on actual support from netgear and flashed my device with DD-WRT.  At least I get actual support from the OpenSource community...  You would figure that a company who actually makes money on a product would take support of their product more seriously than someone doing the job in their spare time for free... but apparently that is not the case.  I owned the device less than a year and after spending a decent amount of money on it I had to wash my hands of the vendor... talk about disappointing!

Message 84 of 234
SeaSalt
Guide

Re: Two leading Netgear routers are vulnerable to a severe security flaw

@climb74 I agree, I'm incredibly dissapointed with my purchase. There's a lack of support from Netgear and that is unnerving for the price point of these products.

 

I tried out the open-source solutions, and though the featureset satisfied me, the throughput for wireless and wired was much lower compared to Netgear's stock firmware. I can't jump ship just yet, at least until the open-source community improves the firmware.

Message 85 of 234
GinaGerson
Star

Re: Two leading Netgear routers are vulnerable to a severe security flaw

@SeaSalt I installed this on, and I get BETTER speed on 2.4G. On 5G no change but there I already got the maximum speed. Also LAN works very well. So no stock roms for me anymore, also because off the poor design and lack of support.

Message 86 of 234
SeaSalt
Guide

Re: Two leading Netgear routers are vulnerable to a severe security flaw

@GinaGerson Thank you for the link, I'll definetly test this out on my R7000 later today.

 

However there doesn't seem to be a similar solution for my R6400, which resides downstairs. My fingers are crossed for more support from other developers!

Message 87 of 234
RMinNJ
Luminary

Re: Two leading Netgear routers are vulnerable to a severe security flaw

But the vulnerbility is to the router's admin UI running on the internal LAN.   Correct me if I am wrong but the UI

is not available to the WAN/Internet IP of the router unless remote administration is turned on?    I'm not saying its not a bad problem just that it seems exploitable only from the LAN (wireless and wired).

 

I tried limiting the administration to just a small internal IP range and the router would not allow the change saying invalid IP..  perhaps if I had a PC with an internal static IP and I limited the UI to just that single IP?  ( I know linksys allows the

adminUI to run on wired connections only...not so with the netgear).

Message 88 of 234
GinaGerson
Star

Re: Two leading Netgear routers are vulnerable to a severe security flaw

@RMinNJ It's -among other things- run from a script f.e. from a website you load  on a browser on your pc, that's on your internal network. It's a real threat. 

Message 89 of 234
meetloaf
Initiate

Re: Two leading Netgear routers are vulnerable to a severe security flaw

Yeah, this is the last Netgear product I'll ever buy.

 

I save my money to finally buy a nice premium router for my home, and this is the kind of treatment I get?

Model: R7000|Nighthawk AC1900 Dual Band WiFi Router
Message 90 of 234
mdgm-ntgr
NETGEAR Employee Retired

Re: Two leading Netgear routers are vulnerable to a severe security flaw

meetloaf we've already released beta firmware for your R7000 with a fix.

Message 91 of 234
Gandolph
Star

Re: Two leading Netgear routers are vulnerable to a severe security flaw

Netgear has had since August to address this issue and has done nothing.  Anyone still using stock firmware is being foolhardy, Netgear has shown themselves to be inept and uncaring about their exisitng customer base.  Here is the scoop from Toms Hardware;

 

http://www.tomshardware.com/news/netgear-critical-security-vulnerability-router,33173.html

 

Again, I recommend to all R7000 customers that they download and install the Asus-Wrt firmware referenced earlier in this thread.  

Message 92 of 234
ScottKitty
Tutor

Re: Two leading Netgear routers are vulnerable to a severe security flaw

Thanks slot Netgear, I like knowing my router just hit its expiration date from every tech news outlet.  Seeing recommendations that I shouldn't use the router from security officials is **bleep**ty when there was an opportunity to fix it

Message 93 of 234
alokeprasad
Mentor

Re: Two leading Netgear routers are vulnerable to a severe security flaw


@RMinNJ wrote:

But the vulnerbility is to the router's admin UI running on the internal LAN.   Correct me if I am wrong but the UI

is not available to the WAN/Internet IP of the router unless remote administration is turned on?    I'm not saying its not a bad problem just that it seems exploitable only from the LAN (wireless and wired)....


 

Could someone verify this?

 

I realise that someone could trick me into visiting a web page with a script that executes the commands to give root access etc....

BUT, if I go to only reputable web sites that I have bookmarked and use noscript etc religiously, then is the risk mitigated or reduced substantially?

Message 94 of 234
SeaSalt
Guide

Re: Two leading Netgear routers are vulnerable to a severe security flaw

@alokeprasad I think if you keep your browsing contained you should be fine. Be wary of ads, however, and keep an eye on devices that comment to a lot of things over the internet.

Web pages aren't just simple HTML pages anymore.
Message 95 of 234
mdgm-ntgr
NETGEAR Employee Retired

Re: Two leading Netgear routers are vulnerable to a severe security flaw


@ScottKitty wrote:

Thanks slot Netgear, I like knowing my router just hit its expiration date from every tech news outlet.


There is beta firmware with a fix available for your R7000 with production firmware on the way. Your router has not hit an "expiration date".

Message 96 of 234
Rilo40
Aspirant

Re: Two leading Netgear routers are vulnerable to a severe security flaw

While I am thankful for the beta, any clue as to when a final version will be out? I'm never comfortable running beta firmware on a router for too long of a time.
Message 97 of 234
mdgm-ntgr
NETGEAR Employee Retired

Re: Two leading Netgear routers are vulnerable to a severe security flaw

Putting an ETA on things like that is always difficult as it's difficult to predict how long QA testing will take. If both no regressions (issues not present in the previous firmware release) are found and included fixes are verified readily then it will be quicker than if we decide that there is more changes needed.

 

Naturally we are as keen as you for this process to complete as quickly as possible and we will update the advisory when the final version is available.

 

Thanks for your patience.

Message 98 of 234

Re: Two leading Netgear routers are vulnerable to a severe security flaw


@Gandolph wrote:

Netgear has had since August to address this issue and has done nothing.

 

How do you know that? It would be interesting to have evidence.

 

 

Message 99 of 234
alokeprasad
Mentor

Re: Two leading Netgear routers are vulnerable to a severe security flaw


@mdgm wrote:


NETGEAR is aware of the security issue #582384 affecting R6250, R6400, R6700, R7000, R7100LG, R7300, R7900, R8000 routers. Stay updated here: http://kb.netgear.com/000036386/CVE-2016-582384

 

...

Please "pin" above link to the top of the page on home routers  https://community.netgear.com/t5/WiFi-Routers/ct-p/home-wifi-routers

 This should be prominently listed on the top of every thread pertaining to the affected devices.

Message 100 of 234
Top Contributors
Discussion stats
Announcements

Orbi WiFi 7