NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

3v3ntH0riz0n's avatar
3v3ntH0riz0n
Apprentice
Dec 09, 2016
Solved

NETGEAR Routers and CVE-2016-582384 security vulnerability

I am a bit concerned about this recent article: http://www.zdnet.com/article/two-netgear-routers-are-vulnerable-to-trivial-to-remote-hack/ https://www.kb.cert.org/vuls/id/582384 Details: Overview Net...
backdoor
Firmware
injection
R7000
Security
vunerable
  • mdgm-ntgr's avatar
    mdgm-ntgr
    Dec 12, 2016


    NETGEAR is aware of the security issue #582384 affecting R6250, R6400, R6700, R6900, R7000, R7100LG, R7300DST, R7900, R8000, D6220, D6400 routers. Stay updated here: http://kb.netgear.com/000036386/CVE-2016-582384

     

    We now have beta firmware containing fixes for some affected models.

    We're working hard on fixes for the other affected models and will update the security ticket above soon.

     

    **** UPDATE from NETGEAR - Added by ChristineT on 12/15/16 at 10:30 AM PST ****

     

    To our NETGEAR Community, we sincerely apologize for any complications you may have encountered due to the recently publicized vulnerability, referred to as VU 582384. We initially became aware of this vulnerability last Friday when CERT emailed us, and because we had no record of a prior report, we began our standard process of validation prior to making any public statements. 

     

    Once it had been disclosed that the first notification actually occurred in August, we conducted a search and confirmed this was the case. Admittedly, this was an oversight on our part. While no security reporting system is perfect, we aim to do better, and are evaluating how to improve our response process.

     

    NETGEAR has created a channel for security researchers and other members of the public to contact us regarding potential security issues affecting NETGEAR products (security@netgear.com), which is publicly disclosed from the NETGEAR Product Security Advisory page.  We receive numerous emails through this channel, the overwhelming majority of which, on review, do not raise product security issues.  When we do recognize that there is a security risk to our customers, we work diligently to address them in a timely manner, as we have done in this case since learning about it last Friday.

     

    Security Advisory for VU 582384 knowledgebase article.

    NETGEAR Product Security Advisory page.

     

     

JMNB's avatar
JMNB
Aspirant
Dec 17, 2016

I tried to follow the instructions but they are so arcane as to be useless unless you are a tech geek, and I am not. It really bothers me that Netgear assumes customers are familiar with technical IT terminology and processes. It would be helpful if, before releasing instructions, your support team finds a person who is NOT a tech geek and ask them if they understand the instructions.

As it stands, I am unable to complete the instructions to upgrade the firmware to fix the security issue. Since Netgear has offered a "fix" that is not understandable by the general public consumer, they will be liable for any lawsuits arising from security breaches. I know I will be first in line in the courts if it happens.

michaelkenward's avatar
michaelkenward
Guru - Experienced User
Dec 17, 2016
JMNB wrote:

It would be helpful if, before releasing instructions, your support team finds a person who is NOT a tech geek and ask them if they understand the instructions.

 

I'm no geek, but I admit that it can take a bit of effort to work out what to do, but once done you will find that it is really easy.

 

You haven't told us where you get stuck, or what hardware you want to fix, so we'll have to start from the beginning.

 

The first thing to do is to consult the manual for your device. (Look for a section called Upgrade the Router/Modem Firmware.) Then check that the following steps, which should work for most hardware, apply to you.

 

  • Download the firmware for your device
  • Launch a web browser from a computer or wireless device (preferably a computer) that is connected to the network.
  • Type http://www.routerlogin.net or http://www.routerlogin.com.
    You should see a login screen.
  • Enter the user name and password.
    The user name is admin. The default password is password. (These are case-sensitive.)
    The BASIC Home screen displays.
  • Navigate to ADVANCED > Administration > Firmware Upgrade.
    You should see the Firmware Upgrade screen.
  • Click the Browse button.
  • Find and select the saved firmware on your computer.
  • Wait for the thing to reboot and away you go.

If you get stuck in the process, make a note of where, and any messages you see, and come back with some clues that people can use to guide you through the obstacles.