Orbi WiFi 7 RBE973

Re: R7000 Vulnerability Note VU#582384

JasonH83
Tutor

Re: R7000 Vulnerability Note VU#582384

yeah, they could at least acknowledge the issue.

Message 26 of 46
terrifiedsecguy
Initiate

Re: R7000 Vulnerability Note VU#582384

@BvdRee I like the Twitter idea, but we need a hashtag as well. How about #NetgearBrokenSecurity?

Message 27 of 46
bas996
Tutor

Re: R7000 Vulnerability Note VU#582384

Or #NetgearSevereSecurityFlaw ...

I don't understand why Netgear does not communicate at all. My (other brand) NAS receives updates regularly, even today.

Message 28 of 46
johnkob
Guide

Re: R7000 Vulnerability Note VU#582384

Go for it.  I haven't heard a word or read anything. Anyone?

Message 29 of 46
robwilkens
Guide

Re: R7000 Vulnerability Note VU#582384

Any chance we can get the government (CERT=Sponsored by Homeland Security) to make the company issue a 'safety recall' the way they did for the note 7, or for other dangerously faulty products?

Message 30 of 46
TheEther
Guru

Re: R7000 Vulnerability Note VU#582384

Netgear has acknowledged the vulnerability.

http://kb.netgear.com/000036386/CVE-2016-582384

Message 31 of 46
troco
Tutor

Re: R7000 Vulnerability Note VU#582384

ack all they want...  I want to know if they are working on it and are going to continue to support these devices...  Or are the owners of these devices going to be tossed to the curb?

Message 32 of 46
TheEther
Guru

Re: R7000 Vulnerability Note VU#582384

The article states: "NETGEAR is investigating and will update this article once we have more information."  So, I'd say they're working on it.

Message 33 of 46
mdgm-ntgr
NETGEAR Employee Retired

Re: R7000 Vulnerability Note VU#582384

The Security Advisory has been updated with more information and beta firmware for some models. Thanks for your patience.

Message 34 of 46
bas996
Tutor

Re: R7000 Vulnerability Note VU#582384

This backdoor (or no door) was reported to Netgear four months ago. Shocking.

Model: R7000|Nighthawk AC1900 Dual Band WiFi Router
Message 35 of 46
robwilkens
Guide

Re: R7000 Vulnerability Note VU#582384

R7300 was listed as an affected model, should i assume my R7300DST will be patched as well-- it's the same as the R7300 + a "Dead Spot Terminator"(Separate device)

Message 36 of 46
mondenath
Prodigy

Re: R7000 Vulnerability Note VU#582384

the beta firmware is available but still readycloud broken and email schedule failing most of the time.

 

Still the firmware is not complete.

Model: R7000|Nighthawk AC1900 Dual Band WiFi Router
Message 37 of 46
mdgm-ntgr
NETGEAR Employee Retired

Re: R7000 Vulnerability Note VU#582384


@robwilkens wrote:

R7300 was listed as an affected model, should i assume my R7300DST will be patched as well-- it's the same as the R7300 + a "Dead Spot Terminator"(Separate device)


My understanding is that the only R7300 is the R7300DST.

Message 38 of 46
johnkob
Guide

Re: R7000 Vulnerability Note VU#582384

Well, by now most of you have seen the official Netgear status of this issue.  They've released beta versions of a production fix for several models.  Have any of you folks installed the beta versions and if so what have you experienced? Thank you.

 

Message 39 of 46
mdgm-ntgr
NETGEAR Employee Retired

Re: R7000 Vulnerability Note VU#582384

I'm running it on my R7000 which I'm currently using just as an AP and it's working fine for me.

 

Others have also installed it. See e.g. https://community.netgear.com/t5/Nighthawk-WiFi-Routers/The-last-straw-new-vulnerability-for-R7000-R...

Message 40 of 46
ElaineM
NETGEAR Employee Retired

Re: R7000 Vulnerability Note VU#582384

Message 41 of 46
Richard284
Aspirant

Re: R7000 Vulnerability Note VU#582384

I see Netgear has released a beta fix for this.  I have a Mac mini which uses OSX.  Netgear Router R7000 AC 1900.  Instructions say to download it and save it to my desktop and then follow instructions.  I downloaded the fix and I get a message that says Safari can't open it and it advises me to download an app that will.  ????  What app would that be?

Thanks

Message 42 of 46
kochin
Apprentice

Re: R7000 Vulnerability Note VU#582384

@Richard284
The file you downloaded is a firmware file. Ignore what Safari told you, and continue to follow the instructions on http://kb.netgear.com/000036453/R7000-Firmware-Version-1-0-7-6-Beta. Basically you log in your router via Web interface and use it to update its firmware.
Message 43 of 46
Richard284
Aspirant

Re: R7000 Vulnerability Note VU#582384

Thank you

Message 44 of 46
cyberprashant
Luminary

Re: R7000 Vulnerability Note VU#582384

No issues updated r8000 and 7000 beta f/w
Message 45 of 46
ElaineM
NETGEAR Employee Retired

Re: R7000 Vulnerability Note VU#582384

Hi All,

 

The Security Advisory for VU 582384 has been updated.

 

Also, for more information see the link below.

 

https://community.netgear.com/t5/Nighthawk-WiFi-Routers/Two-leading-Netgear-routers-are-vulnerable-t...

Message 46 of 46
Top Contributors
Discussion stats
Announcements

Orbi WiFi 7