Aspirant

R7000P - DnsMasq heap buffer overflow vulnerability - Avast CVE-2017-14491

I just bought the R7000P Nighthawk AC2300 WiFi Router and learned from my Avast security software that it has the following vulnerability:

R7000P - DnsMasq heap buffer overflow vulnerability - Avast  CVE-2017-14491

When will there be a new firmware update to address this security vulnerability? 

 

Details

 

We have identified the following problem with your router or Wi-Fi hotspot device:

DnsMasq heap buffer overflow vulnerability


Severity: High

Reference: CVE-2017-14491 | Google Security Blog

Description:
The affected device's DNS service is running an outdated version of the DnsMasq software which is known to have a heap buffer overflow vulnerability. A remote attacker can gain control of your network device and your Internet connection by sending malformed DNS packets to the device. It allows the attacker to intercept connections and perform a traffic hijack, or execute arbitrary code with unrestricted privileges as well as access all important and private data stored on the device -- your device login/password combination, your Wi-Fi password, and your configuration data.

Impact:
Any device connected to your network, including computers, phones, tablets, printers, security cameras, or any other networked device in your home or office network, may have an increased risk of compromise.

Recommendation:
The issue was fixed in DnsMasq software version 2.78, released in October 2017.

To solve the vulnerability on your device, apply the firmware or system update that contains DnsMasq software version 2.78 or higher provided by your device's manufacturer.

Model: R7000P|Nighthawk AC2300 Smart WiFi Router with MU-MIMO
Message 1 of 5
Aspirant

Re: R7000P - DnsMasq heap buffer overflow vulnerability - Avast CVE-2017-14491

Have a case open with Netgear.  Level 2 has responded and they are following up with engineering. Hope they come up with a fix to address this.

 

Model: R7000P|Nighthawk AC2300 Smart WiFi Router with MU-MIMO
Message 2 of 5
Guru

Re: R7000P - DnsMasq heap buffer overflow vulnerability - Avast CVE-2017-14491

Yeah, some search does unveil almost all details - as it happens with almost all Netgear devices with dnsmasq in place. The "official" argumentation we hear from Netgear claiming that the vulnerability can't be exploited, it does not apply, blah-blah. The test done by most tools is simply a version number check. See also e.g. https://community.netgear.com/t5/General-WiFi-Routers-Non/DnsMasq-heap-buffer-overflow-vulnerability...

 

dnsmasq 2.78 (as it was updated for the R9000 in an amazing time since the issue came up the first time) has some issues, one might guess that one or the other policy maker isn't happy and it might require 2.79 or 2.8 at least.

 

Updating some Open Source code - without massive changes and impact - seems to be impossible for Netgear consumer garbage division - too many products, no regular code review, no regular security audits, ... ignorance pure. This does leave a very bad taste on Netgear reputation - also ref. business products, too.

 

 

Message 3 of 5
Master

Re: R7000P - DnsMasq heap buffer overflow vulnerability - Avast CVE-2017-14491


@schumaku wrote:

Updating some Open Source code - without massive changes and impact - seems to be impossible for Netgear consumer garbage division - too many products, no regular code review, no regular security audits, ... ignorance pure. This does leave a very bad taste on Netgear reputation - also ref. business products, too.

@schumaku 

Wow a post like that from me would get Michael all excited. ;)

However, I agree with everything said. Netgear does not seem to have IMHO qualified coding engineers right now which leads to the garbage code updates.

As I have said many times before, Netgear used to be my go to and recommended, but no more. 

--Bill
ISP Comcast, Modem-Netgear CM1150V, Router-Unifi Security Gateway-Pro4, AP-2 Unifi AP-LR
Tesla > Edison
Message 4 of 5
Guru

Re: R7000P - DnsMasq heap buffer overflow vulnerability - Avast CVE-2017-14491

Well, regardless if the RD is in-house or outsourced: There is no regular product review, there are no regular security audits. "RD, you have 24 hours - replacing dnsmasq as well as reviewing and fixing some stinky and unsupported config options leading to issues (returning 

*** [whatever] can't find sadfsdf.s.adf.sadfsadf: Server failed instead of a *** sadfsdf.s.adf.sadfsadf ... : Non-existent domain."

 

Ah yeah, this was fixed along with the update to dnsmasq on the R9000 a few releases ago, along with the update of dnsmasq to 2.78 (not sufficient as per many security scanners' policies) - because of some nasty people here in the community.

 

Would be interesting to learn what the RAX80 and the RAX120 are returning for both the dnsmasq version as well as attempting to resolve a non-existing domain. @duckware 

 

Message 5 of 5
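Added example, not part of any post in this thread and not Netgear or Avast code: a sketch of the kind of version-number check the thread describes, asking a router's DNS service for its `version.bind` CHAOS TXT banner and comparing the reported dnsmasq release with 2.78, the fixed version named in the report above. It only shows what the device reports, not whether the overflow is reachable; the `dnsmasq-X.YY` banner format, the function names and the sample reply are assumptions made for illustration.

```python
import re
import socket
import struct

FIXED = (2, 78)  # release the report quoted in this thread names as fixed

def build_query(txid=0x1234):
    """DNS query for the TXT record version.bind in class CHAOS (3)."""
    qname = b"\x07version\x04bind\x00"
    return struct.pack(">6H", txid, 0x0100, 1, 0, 0, 0) + qname + struct.pack(">2H", 16, 3)

def _skip_name(buf, off):
    """Advance past a DNS name (labels and/or a compression pointer)."""
    while buf[off] & 0xC0 != 0xC0 and buf[off] != 0:
        off += 1 + buf[off]
    return off + (2 if buf[off] & 0xC0 == 0xC0 else 1)

def parse_banner(resp):
    """Return the first TXT string of the first answer, or None."""
    _, flags, qd, an, _, _ = struct.unpack(">6H", resp[:12])
    if flags & 0x000F or an == 0:  # error rcode or no answer: no banner disclosed
        return None
    off = 12
    for _ in range(qd):
        off = _skip_name(resp, off) + 4  # question name + type + class
    off = _skip_name(resp, off)
    rtype, _, _, rdlen = struct.unpack(">HHIH", resp[off:off + 10])
    if rtype != 16 or rdlen < 1:
        return None
    return resp[off + 11:off + 11 + resp[off + 10]].decode("ascii", "replace")

def classify(banner):
    """'flagged' if the reported dnsmasq release is below 2.78, else 'ok' or 'unknown'."""
    m = re.search(r"dnsmasq-(\d+)\.(\d+)", banner or "")
    if not m:
        return "unknown"
    return "flagged" if (int(m[1]), int(m[2])) < FIXED else "ok"

def check_router(server, timeout=2.0):
    """Query your own router; 'server' is its LAN address (an assumption)."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(), (server, 53))
        return classify(parse_banner(s.recv(512)))

def constructed_reply(banner):
    """Constructed sample reply for offline use, not captured from a device."""
    txt = bytes([len(banner)]) + banner.encode()
    rr = b"\xc0\x0c" + struct.pack(">HHIH", 16, 3, 0, len(txt)) + txt
    return struct.pack(">6H", 0x1234, 0x8180, 1, 1, 0, 0) + build_query()[12:] + rr
```

A firmware that backports the fix without changing the banner is still "flagged" by this check, and one that refuses the CHAOS query comes back "unknown".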