
UPDATED 6/26/20: Important Security Advisory Notification: Information on affected NETGEAR products

We have become aware of vulnerabilities involving certain NETGEAR products and have issued a security advisory.

 

We have released hotfixes addressing some of the vulnerabilities for certain impacted models and continue to work on hotfixes for the remaining vulnerabilities and models, which we will release on a rolling basis as they become available.  We strongly recommend that you download the latest firmware containing the hotfixes as instructed in the security advisory.  We plan to release firmware updates that fix all vulnerabilities for all affected products that are within the security support period. If you have Remote Management turned on, please turn it off immediately.

 

Until a hotfix or firmware fix is available for your product, we strongly recommend turning off Remote Management in your product Web GUI. Turning off Remote Management in your product Web GUI significantly reduces your risk of exposure to these vulnerabilities.

 

Please keep in mind that Remote Management in your product Web GUI is turned off by default, so if you never enabled Remote Management in your product Web GUI, you do not need to take any action to disable Remote Management in your product Web GUI.

 

Please note that the Remote Management feature in your product Web GUI is different from the Remote Management feature in the Nighthawk app.  You should NOT turn off Remote Management in the Nighthawk app. 

 

If you have Remote Management in your product Web GUI turned on, please turn it off immediately.

 

How to turn off Remote Management in your product Web GUI:

  1. On a computer that is part of your home network, type http://www.routerlogin.net in the address bar of your browser and press Enter.
  2. Enter your admin user name and password and click OK. If you never changed your user name and password after setting up your router, the user name is admin and the password is password.
  3. Once you have logged in successfully, select the ADVANCED tab on the browser screen.
  4. Click on Advanced Setup.
  5. Click on Remote Management.

    Note: on some products you may need to click on Web Services Management instead.

  6. If the check box for Turn Remote Management On is checked, click on it so that the box is unchecked.  Then click Apply to save your changes.
  7. If the check box for Turn Remote Management On is unchecked, then click Cancel to leave the page as Remote Management is already turned off.

 

UPDATE 6/25/20:

The updated advisory now includes new hot fixes for:

UPDATE 6/30/20:

The updated advisory now includes new hot fixes for:

UPDATE 7/7/20:

The updated advisory now includes new hot fixes for:

Please follow the link below to see the updated advisory. 

 

https://kb.netgear.com/000061982/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Mobi...

 

This thread will be updated as new information or updates become available.

 

Message 1 of 149
Aspirant

Re: Important Security Advisory Notification: Information on affected NETGEAR products

I haven’t updated yet but I didn’t get a firmware update. What is the version? I have to turn off remote management?

Thanks Kelly
Model: R7000|AC1900 Smart WIFI Router
Message 2 of 149
Initiate

Re: Important Security Advisory Notification: Information on affected NETGEAR products

I'm trying to log in from the web address given in the email: http://www.routerlogin.net and it won't allow me to log in. It's repetitive with putting in username/password, serial number, security questions and then kicks me back to the beginning without fully logging me into my account. I had to go to netgear.com to log into my account.

Model: R6700|Nighthawk AC1750 Smart WiFi Router
Message 3 of 149
Initiate

Re: Important Security Advisory Notification: Information on affected NETGEAR products

I received an email to turn off remote management. However the routerlogin.net only results in an error message no matter what device I try from.
Message 4 of 149
Initiate

Re: Important Security Advisory Notification: Information on affected NETGEAR products

That's some pretty crappy documentation, at least for my router it does not apply. Come on Netgear - you can do better.

 

To get to the Remote Management feature on my Nighthawk R7000, I had to go to the Advanced Tab. Under the Advanced Setup drop down menu on the left-hand side, I picked Web Services Management.

Message 5 of 149
Initiate

Re: Important Security Advisory Notification: Information on affected NETGEAR products

Sure wish the "Security Advisory Notification" and links to more info online were written in language I could understand! I have no idea whether I'm supposed to heed the cautions, download anything, etc. It's all written for "geeks," not for average (maybe dense) folks like me. HELP! What do I need to do?

Model: R7000P|Nighthawk AC2300 Smart WiFi Dual Band Gigabit Router
Message 6 of 149
Initiate

Re: Important Security Advisory Notification: Information on affected NETGEAR products

Thank you @mynameisrobo, I have the same model. Thanks for sharing how to get to the remote services! Just from the instructions from Netgear I could not find where this was. Your instructions helped me find it. Thanks!
Model: R7000|AC1900 Smart WIFI Router
Message 7 of 149
Sensei

Re: Important Security Advisory Notification: Information on affected NETGEAR products

>   3. Click Advanced > Remote Management.

 

      https://community.netgear.com/t5/x/x/m-p/1882959

 

> I'm trying to log in from the web address [...]

 

> [...] the routerlogin.net only results in an error message [...]

 

   Including a link to some KB article which covers such problems might
have been wise, too.

Message 8 of 149
Initiate

Re: Important Security Advisory Notification: Information on affected NETGEAR products

So this security advisory is legit and not a spoof/phishing email? security@e.netgear.com made me suspicious. Thoughts?

 

Thanks!

Message 9 of 149
Tutor

Re: Important Security Advisory Notification: Information on affected NETGEAR products

 
Model: C7000|Nighthawk - AC1900 WiFi Cable Modem Router
Message 10 of 149
Initiate

Re: Important Security Advisory Notification: Information on affected NETGEAR products

This is a pretty bad security breach and a failure on the part of Netgear. It should provide a free month of Netgear Armor to all its customers. 

Message 11 of 149

Re: Important Security Advisory Notification: Information on affected NETGEAR products

Hello @Kelly61989,

 

If you didn't enable Remote Management from a web browser admin page you do not need to take any further action. Can you confirm if you have ever enabled this feature? If so, what model do you have and we can try to walk you through the steps. We can also determine if there is a firmware available or if the update will be posted in the upcoming days.

 

Best Regards,

ChristineT

 

 

Message 12 of 149

Re: Important Security Advisory Notification: Information on affected NETGEAR products

Hello @jules2c,

 

Yes, this is a legitimate email from NETGEAR. Please let us know if you need any further assistance!

 

Kind Regards,

Christine 

Message 13 of 149

Re: Important Security Advisory Notification: Information on affected NETGEAR products

Hello @Jenna31,

 

Please let us know what the error message is along with which router model you have so we can better assist you. You'll also want to be sure the device you're trying to log in with is connected to your router's WiFi. 

 

We're looking forward to your next update.

 

 

Best Regards,

Christine 

Message 14 of 149

Re: Important Security Advisory Notification: Information on affected NETGEAR products

Hello @mikezot9,

 

Thank you for your feedback! If you haven't ever changed any configuration on your router that would allow you to access the router remotely (at a different physical location) then there is no further action required on your part. If you can provide your router model number we can provide step by step instructions on how to confirm if this feature is enabled.

 

Warm Regards,

Christine 

Message 15 of 149
Initiate

Re: Important Security Advisory Notification: Information on affected NETGEAR products

Mynameisrobo,

Thanks to users like you, other users like me can fill in the inadequate instructions from NetGear.  

 

 

"That's some pretty crappy documentation, at least for my router it does not apply. Come on Netgear - you can do better.

 

To get to the Remote Management feature on my Nighthawk R7000, I had to go to the Advanced Tab. Under the Advanced Setup drop down menu on the left-hand side, I picked Web Services Management"

Model: R7000P|Nighthawk AC2300 Smart WiFi Dual Band Gigabit Router
Message 16 of 149
Initiate

Re: Important Security Advisory Notification: Information on affected NETGEAR products

Thanks for the reply.

Router # is R7000-100NAS
And no, I don't believe I've ever changed the configuration since buying it 3 months ago.

So I don't need to do anything? Great!

Thanks again, Mike

 

 

Model: A7000|Nighthawk AC1900 WiFi USB Adapter - USB 3.0
Message 17 of 149
Apprentice

Re: Important Security Advisory Notification: Information on affected NETGEAR products

I have to admit, I'm a bit baffled if I'm honest.

 

So Netgear push out this advisory urging users to update to the latest firmwares. That 'advice' doesn't affect me personally because I am already using the latest firmware without issue on my R7000 AC1900.

 

If this is all such an issue, perhaps Netgear could explain why they allow access to all their previous firmwares for users to download? Why not just pull them from their downloads pages?

 

The instructions in their post weren't clear enough as others discovered regarding remote management in the Web GUI. Mine was disabled anyway. I still don't understand why they want people to keep remote management turned on in the Nighthawk App? I disabled mine ages ago. Netgear need to explain why they are advising users to keep remote management turned on in the App. Does anyone know?

 

As far as overall security is concerned, if you've got decent anti-virus (I use Bitdefender Total Security), I really don't see what the problem is.

Model: R7000|AC1900 Smart WIFI Router
Message 18 of 149
Tutor

Re: Important Security Advisory Notification: Information on affected NETGEAR products

Christine, 

 

I have no idea how to respond to your inquiries other than the information I provided.  Will need additional information.  

Model: R7000|AC1900 Smart WIFI Router
Message 19 of 149
Tutor

Re: Important Security Advisory Notification: Information on affected NETGEAR products

Christine, 

 

As I noted in my previous response, I had no idea on how to respond to your directions without assistance from you.  

 

In fact, I have had no difficulty with my router as it connects to another router from my cable provider.  

Model: R7000|AC1900 Smart WIFI Router
Message 20 of 149
Tutor

Re: Important Security Advisory Notification: Information on affected NETGEAR products

Christine, 

I agree with you 100%. 

 

Thank you for your help.

 

Craftboy1

Model: R7000|AC1900 Smart WIFI Router
Message 21 of 149
Initiate

Re: Important Security Advisory Notification: Information on affected NETGEAR products

When I followed the link to learn whether my remote was on or off, I received a notification that my password would not be encrypted. Once logged in, my browser notified me that the connection was not secure. Meanwhile, a moving line on the page showed my connections and their passwords.

 

I don't understand most of this stuff, so I may be using the wrong terminology, but this seems quite insecure and strange. Why would you use unencrypted passwords and a non-secure site that shows my equipment passwords? What do I need to know, in the plainest English possible please.

Model: R6700|Nighthawk AC1750 Smart WiFi Router
Message 22 of 149

Re: Important Security Advisory Notification: Information on affected NETGEAR products

1. How will we know when a hotfix is available or if it has already been implemented? I went to your download page and the only download there is a R7000P-1.3.1.64_10.1.36 which doesn't seem to have anything to do with the issue.

2. Will we be provided with a download link and DETAILED instructions or will this "fix" be implemented with no action required by consumer? My remote was not turned on at any point.

Model: R7000P|Nighthawk AC2300 Smart WiFi Dual Band Gigabit Router
Message 23 of 149
Sensei

Re: Important Security Advisory Notification: Information on affected NETGEAR products

> [...] why they allow access to all their previous firmwares [...]

 

   One reason would be that "newer" and "better" are spelled differently
for a reason, and many users might prefer their old, known bugs to
whatever new bugs Netgear might have developed.  Or to avoid losing
desired features which might have been dropped from a newer version.

 

> [...] why they are advising users to keep remote management turned on
> in the App. [...]

 

   Knowing nothing, I'd guess that the intention was to say that there's
no _need_ to "turn off Remote Management in the Nighthawk app", rather
than what was actually said ("You should NOT turn off [...]").

 


> Yes, this is a legitimate email from NETGEAR. [...]


   No one can know that without seeing the e-mail headers in the message
which that user received.  All that can be known is that Netgear is
sending out legitimate e-mail messages, and that that user _might_ have
gotten a legitimate e-mail message from Netgear.

 

   _I_ could send out an e-mail message which _says_ that it came "From:
"NETGEAR Security" <security@e.netgear.com>", and I'm emphatically not
Netgear.

 


   One very effective way to boost noise traffic on these forums is to
post an inaccurate, misleading, unhelpful "Important Security Advisory
Notification".  Was that the intention here?

Message 24 of 149
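
The point made in the post above, that a From: line alone proves nothing and the headers have to be inspected, shown as an added example (not part of the original thread and not NETGEAR tooling): it reads the Authentication-Results headers of a raw message and accepts the From: domain only when the recipient's own mail server recorded a DMARC pass with an aligned DKIM or SPF identity. The server name `mx.example.net`, both sample messages and the two-label organizational-domain shortcut are assumptions made for illustration.

```python
import email
import re
from email.utils import parseaddr

PROPS = {"dkim": r"header\.d", "spf": r"smtp\.mailfrom"}

def org_domain(name):
    # Simplification: last two labels. Real DMARC alignment uses the Public Suffix List.
    return ".".join(name.lower().rstrip(".").split(".")[-2:])

def check_sender(raw, trusted_authserv):
    """Judge the From: domain using only Authentication-Results headers
    stamped by our own receiving server (trusted_authserv)."""
    msg = email.message_from_string(raw)
    from_dom = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    out = {"from_domain": from_dom, "dmarc": "none", "aligned": []}
    for hdr in msg.get_all("Authentication-Results", []):
        authserv, _, rest = " ".join(hdr.split()).partition(";")  # unfold header
        if authserv.strip().lower() != trusted_authserv:
            continue  # any upstream host can add this header; ignore foreign ones
        for part in rest.split(";"):
            m = re.match(r"\s*(\w+)=(\w+)", part)
            if not m:
                continue
            method, result = m.group(1).lower(), m.group(2).lower()
            if method == "dmarc":
                out["dmarc"] = result
            elif result == "pass" and method in PROPS:
                d = re.search(PROPS[method] + r"=([\w.@-]+)", part)
                if d and org_domain(d.group(1).rpartition("@")[2]) == org_domain(from_dom):
                    out["aligned"].append(method)
    ok = out["dmarc"] == "pass" and out["aligned"]
    out["verdict"] = "authenticated" if ok else "unverified"
    return out

# Constructed sample messages: same visible From: line, different header evidence.
HEAD = 'From: "NETGEAR Security" <security@e.netgear.com>\nSubject: Security Advisory\n'
SAMPLE_PASS = ("Authentication-Results: mx.example.net;\n"
               " dkim=pass header.d=e.netgear.com; spf=pass smtp.mailfrom=bounce.e.netgear.com;\n"
               " dmarc=pass header.from=e.netgear.com\n" + HEAD + "\nbody\n")
SAMPLE_SPOOF = ("Authentication-Results: mx.example.net;\n"
                " dkim=none; spf=pass smtp.mailfrom=mailer.example.org;\n"
                " dmarc=fail header.from=e.netgear.com\n"
                "Authentication-Results: relay.example.org; dmarc=pass header.from=e.netgear.com\n"
                + HEAD + "\nbody\n")

if __name__ == "__main__":
    for name, raw in (("pass", SAMPLE_PASS), ("spoof", SAMPLE_SPOOF)):
        print(name, check_sender(raw, "mx.example.net"))
```

Both samples display the identical sender; only the header stamped by the recipient's own server separates them, and the second sample's extra header from a different host is ignored.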
Sensei

Re: Important Security Advisory Notification: Information on affected NETGEAR products

> [...] my browser notified me that the connection was not secure. [...]

 

      https://community.netgear.com/t5/x/x/m-p/1897857

 

> [...] Meanwhile, a moving line on the page showed my connections and
> their passwords.

 

   That "feature" has generated a few complaints over the years.  It is
convenient for users, however.

Message 25 of 149