Discussion stats
  • 9 replies
  • 3817 views
  • 6 kudos
  • 8 in conversation
Announcements

Top Contributors
Reply
Highlighted
Tutor

R7000 Vulnerability - When will new firmware be released to address this?

ZD Net is now recommending that we shut down our R7000 routers until Netgear generates a fix to the exploit code that was recently released.  As shutting down a router is not a reasonable option I would like to know when Netgear intends to address this issue.  It should be now.

Model: R7000|Nighthawk AC1900 Dual Band WiFi Router
Message 1 of 10

Accepted Solutions
NETGEAR Employee Retired

Re: R7000 Vulnerability - When will new firmware be released to address this?

Hi All,

 

The Security Advisory for VU 582384 has been updated.

Also, for more information see the link below.

 

https://community.netgear.com/t5/Nighthawk-WiFi-Routers/Two-leading-Netgear-routers-are-vulnerable-t...

ElaineM
NETGEAR Community Team

View solution in original post

Message 10 of 10

All Replies
Highlighted
Master

Re: R7000 Vulnerability - When will new firmware be released to address this?

Knowing NG, it can take a few weeks or up to a month

Routing: NETGEAR R7800 - Voxel Firmware 1.0.2.78SF
Switching: 2x NETGEAR 8-ports (GS108v4) / 1x NETGEAR 16-ports (JGS516v2)
Desktop: AMD Ryzen 7 3700X - Server: Intel Core i7-7700K - NAS: Intel Pentium G4400
Message 2 of 10
Highlighted
Initiate

Re: R7000 Vulnerability - When will new firmware be released to address this?

You may not neet to shut down your router. Came across this blog describing a simple temporary fix:

 

www.sj-vs.net/a-temporary-fix-for-cert-vu582384-cwe-77-on-netgear-r7000-and-r6400-routers/

 

Basically it describes killing the http server process ( using the vulnerability to do so of all things). Rebooting the router will start the http process again.

 

Hope an update will be available soon. I just bought my R7000 and was rather disapointed to hear this.

Message 3 of 10
Highlighted
Guru

Re: R7000 Vulnerability - When will new firmware be released to address this?

Netgear has acknowledged the vulnerability.

http://kb.netgear.com/000036386/CVE-2016-582384

 

Message 4 of 10
Highlighted
NETGEAR Employee Retired

Re: R7000 Vulnerability - When will new firmware be released to address this?

 

The Security Advisory has been updated with more information and beta firmware for some models. Thanks for your patience.

Message 5 of 10
Highlighted
Initiate

Re: R7000 Vulnerability - When will new firmware be released to address this?

 
I use an ARLO compatible version on my R7000, will there be an update to correct this vulnerability?

Is there already a beta version correcting the vunerability with ARLO support on the R7000?
 
My current firmware is the R7000-V1.0.6.40_1.1.90
Model: R7000|Nighthawk AC1900 Dual Band WiFi Router
Message 6 of 10
Highlighted
Aspirant

Re: R7000 Vulnerability - When will new firmware be released to address this?

Message 7 of 10
Highlighted
NETGEAR Employee Retired

Re: R7000 Vulnerability - When will new firmware be released to address this?

Arlo support was removed from R7000 firmware a while back now.

You can use an Arlo base station with your cameras. You can even use the new Arlo Pro base station which has a siren.

Message 8 of 10
Highlighted
Initiate

Re: R7000 Vulnerability - When will new firmware be released to address this?

I invested in a camera arlo without base station because you praised the possibility of using arlo with the R7000.

That you no longer support ARLO for the R7000 is one thing, but you need to fix at least an older firmware supporting ARLO by fixing the vulnerability. I'm not the only one to still use an old firmware compatible ARLO!

Message 9 of 10
NETGEAR Employee Retired

Re: R7000 Vulnerability - When will new firmware be released to address this?

Hi All,

 

The Security Advisory for VU 582384 has been updated.

Also, for more information see the link below.

 

https://community.netgear.com/t5/Nighthawk-WiFi-Routers/Two-leading-Netgear-routers-are-vulnerable-t...

ElaineM
NETGEAR Community Team

View solution in original post

Message 10 of 10