Security Advisory for WPA-2 Vulnerabilities, PSV-2017-2826, PSV-2017-2836, PSV-2017-2837
NETGEAR is aware of WPA-2 security vulnerabilities that affect NETGEAR products that connect to WiFi networks as clients. These vulnerabilities are potentially exploitable under the following conditions:
- Your devices are only vulnerable if an attacker is in physical proximity to and within wireless range of your network.
- Routers and gateways are only affected when in bridge mode (which is not enabled by default and not used by most customers). A WPA-2 handshake is initiated by a router in bridge mode only when connecting or reconnecting to a router.
- Extenders, Arlo cameras, and satellites are affected during a WPA-2 handshake that is initiated only when connecting or reconnecting to a router.
- Mobile hotspots are only affected while using WiFi data offloading, which is not enabled by default.
If these vulnerabilities are exploited, an attacker could potentially perform the following types of attacks, among others:
- Eavesdrop on communication between the affected product and the router to which it connects.
- Hijack unencrypted web sessions (sessions not using HTTPS). Encrypted traffic, such as banking website sessions and Arlo camera feeds, remains protected.
NETGEAR Community Team