Aspirant

Re: Important Security Advisory Notification: Information on affected NETGEAR products

It’s an R7000. I have not heard about an update firmware, but there is an update download on your Netgear website; it doesn’t update in the Nighthawk app or at the account login there.
Model: R7000|AC1900 Smart WIFI Router
Message 51 of 149
NETGEAR Moderator

Re: Important Security Advisory Notification: Information on affected NETGEAR products

@Kelly61989 I am not clear on your question; can you rephrase what you are asking?

Thanks

DarrenM

Message 52 of 149
Sensei

Re: Important Security Advisory Notification: Information on affected NETGEAR products

> [...] Am I correct in understanding that the router link the Security
> Advisory gave connects me to my own router and that others not connected
> to the router cannot see the information that pops up? So therefore, I
> don't need to worry about those encryption messages?

 

   Yes.  Exactly.  (Except for people looking over your shoulder, which
can be a hazard in some situations.)

 

If you're in doubt ("Trust no one," I always say), then disconnect
your modem (or other ISP connection) from the router's WAN/Internet
("W" = "Wide") port, and try it again. If you're not connected to the
Internet, then you must be talking to something local.  (Determining
whether it's the router is left as an exercise for the reader.)

Message 53 of 149
Aspirant

Re: Important Security Advisory Notification: Information on affected NETGEAR products

There is only a firmware download at the website for the update. But in the app, or when logged in as admin, there is no firmware update so far.
Model: R7000|AC1900 Smart WIFI Router
Message 54 of 149
NETGEAR Moderator

Re: Important Security Advisory Notification: Information on affected NETGEAR products

Yes, we do not have a firmware out just yet for the R7000; we are working on that, but for right now you will want to make sure remote management is disabled on your router.

 

DarrenM

Message 55 of 149
Guide

Re: Important Security Advisory Notification: Information on affected NETGEAR products

Darren;

 

When you say R7000, do you mean the entire R7000 family of routers or just the R7000 specifically? I am interested as my router is an R7900.

Model: R7900|Nighthawk X6 AC3000 Tri-Band WiFi Router
Message 56 of 149
Sensei

Re: Important Security Advisory Notification: Information on affected NETGEAR products

   More bad/questionable advice (so far):

 

> If you have a desktop or laptop, open your web browser (Chrome and
> Firefox confirmed to work) and enter http://192.168.1.1/

 

   "192.168.1.1" is the default LAN IP address for a router (say,
Rxxxx), not for every affected model.  For a DSL modem+router (say,
Dxxxx), it's "192.168.0.1".  And either could be different for a variety
of reasons.

 


>    5. Then Remote Management

 

   Not true for every affected model.

 

      https://community.netgear.com/t5/x/x/m-p/1882959

 

> [...] Some routers may have slightly different menus.

 

   You think?

 


   If this mess weren't a Netgear production, one might find the number
of errors packed into such a small space to be hard to believe.  And
then the helpful "corrections".  Yow.  Nice pictures, though.

Message 57 of 149
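
An added example, not part of the thread or of NETGEAR's instructions: the posts above (Message 53 and Message 57) point out that the admin address is not `192.168.1.1` on every network and that a local answer is not automatically the router. This sketch reads the default gateway from a Linux routing table and classifies where a given admin address would actually connect. The function names are hypothetical, the routing table is a constructed sample, and a little-endian Linux host is assumed.

```python
import ipaddress
import socket
import struct

# Constructed sample in the format of Linux /proc/net/route (not from a real host).
SAMPLE_ROUTE_TABLE = (
    "Iface\tDestination\tGateway\tFlags\tRefCnt\tUse\tMetric\tMask\tMTU\tWindow\tIRTT\n"
    "wlan0\t00000000\t0100A8C0\t0003\t0\t0\t600\t00000000\t0\t0\t0\n"
    "wlan0\t0000A8C0\t00000000\t0001\t0\t0\t600\t00FFFFFF\t0\t0\t0\n"
)

# RFC 1918 private ranges: addresses that are never routed over the Internet.
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def default_gateway(route_table):
    """Return the IPv4 default gateway found in /proc/net/route text, or None."""
    for line in route_table.splitlines()[1:]:          # skip the header row
        fields = line.split()
        if len(fields) < 8:
            continue
        dest, gw, flags, mask = fields[1], fields[2], int(fields[3], 16), fields[7]
        # Default route: 0.0.0.0/0 with RTF_UP (0x1) and RTF_GATEWAY (0x2) set.
        if dest == "00000000" and mask == "00000000" and (flags & 0x3) == 0x3:
            # Assumes a little-endian host (x86, most ARM): the hex is byte-swapped.
            return ipaddress.IPv4Address(struct.pack("<L", int(gw, 16)))
    return None


def classify_admin_target(resolved, gateway):
    """Say where a browser would actually connect for the router admin page."""
    addr = ipaddress.ip_address(resolved)
    if gateway is not None and addr == gateway:
        return "default-gateway"     # normally the router this host sits behind
    if any(addr in net for net in RFC1918):
        return "local-not-gateway"   # on a private network, but not the gateway
    return "public"                  # the connection would leave the LAN


if __name__ == "__main__":
    # Live check on a Linux host; both targets are the ones quoted in this thread.
    with open("/proc/net/route") as fh:
        gw = default_gateway(fh.read())
    print("default gateway:", gw)
    for target in ("routerlogin.net", "192.168.1.1"):
        try:
            ip = socket.gethostbyname(target)
        except OSError:
            print(target, "-> does not resolve")
            continue
        print(target, "->", ip, classify_admin_target(ip, gw))
```

A result of `local-not-gateway` or `public` for the address you typed means the login page is not being served by your default gateway, which is the case the default-address instructions do not cover.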
Aspirant

Re: Important Security Advisory Notification: Information on affected NETGEAR products

The email instructions don't match my UI. I had to click through to the KB article to see modified instructions. Maddening when instructions don't match the user interface!!!!! Email notice I received is copied below.

How to turn off Remote Management:

  1. On a computer that is part of your home network, type http://www.routerlogin.net in the address bar of your browser and press Enter.
  2. Enter your admin user name and password and click OK. If you never changed your user name and password after setting up your router, the user name is admin and the password is password.
  3. Click Advanced > Remote Management.  NOPE
  4. If the check box for Turn Remote Management On is selected, clear it.
  5. If Remote Management was turned on, click Apply to save your changes.
    Otherwise, click Cancel.

 

Model: R7000P|Nighthawk AC2300 Smart WiFi Dual Band Gigabit Router
Message 58 of 149
Aspirant

Re: Important Security Advisory Notification: Information on affected NETGEAR products

With this advisory, what should I do if some of my tabs are not allowing me into them? For instance, the Web Services Management tab, to access the settings I need to comply with this advisory.

Model: A7000|Nighthawk AC1900 WiFi USB Adapter - USB 3.0
Message 59 of 149
Aspirant

Re: Important Security Advisory Notification: Information on affected NETGEAR products

When attempting to log into the router I keep getting the below prompt. Even after resetting, I'm still prompted to reset. 

Router Password Reset
We can help you reset your router's admin password. You need your router's serial number, which can be found on the router label. Enter your router's serial number in the field and click the Continue button.
Enter the router's Serial Number
Model: R7000P|Nighthawk AC2300 Smart WiFi Dual Band Gigabit Router
Message 60 of 149
Aspirant

Re: Important Security Advisory Notification: Information on affected NETGEAR products

I do not need help resetting my password. I can log into the router. I just need to know if I need to worry about this advisory if the tabs that I need to access are greyed out and not allowing me to access them.

Model: A7000|Nighthawk AC1900 WiFi USB Adapter - USB 3.0
Message 61 of 149
Tutor

Re: Important Security Advisory Notification: Information on affected NETGEAR products

Hi,
I'm hoping for a moderator reply.
My concern is that online shows
current Firmware Version 1.0.11.100
But my router says up to date with firmware showing V1.0.9.88_10.2.88.

Do I need to download and update since it won't auto update?
The failure of my system to recognize this update is a concern as I have auto update turned on and I do manual checks for update through the app. That's 1 concern.
My understanding is that neither version will have the 'hot fix' for the stated vulnerability.
That being said, again do I need to go to the trouble of doing a manual update, especially since a new update is forthcoming? That's my 2nd concern.
Thank you for your attention.
Model: A7000|Nighthawk AC1900 WiFi USB Adapter - USB 3.0
Message 62 of 149
Tutor

Re: Important Security Advisory Notification: Information on affected NETGEAR products

That happened to me also! I finally entered the numeric address.
Model: R7000P|Nighthawk AC2300 Smart WiFi Dual Band Gigabit Router
Message 63 of 149
Tutor

Re: Important Security Advisory Notification: Information on affected NETGEAR products

Thank you DarrenM!
Model: R7000P|Nighthawk AC2300 Smart WiFi Dual Band Gigabit Router
Message 64 of 149
Aspirant

Re: Important Security Advisory Notification: Information on affected NETGEAR products

My Web Services Management is greyed out.  I can't go any further.  Am I OK?

Jeff

 

Model: R8000|Nighthawk X6 AC3200 Smart WIFI Router
Message 65 of 149
Aspirant

Re: Important Security Advisory Notification: Information on affected NETGEAR products

I logged into the router and saw the tab to update the firmware. I selected the update prior to checking to see if the Remote Management was On or not. I'm assuming it was on because now when I try to log back into the router I get this error message:

 

"This site can’t be reached

 www.routerlogin.net refused to connect."

 

How do I circumvent this error message and log back into the router?

Model: R8000|Nighthawk X6 AC3200 Smart WIFI Router
Message 66 of 149
Tutor

Re: Important Security Advisory Notification: Information on affected NETGEAR products

I hope this is helpful... for novice and do it yourselfers. Some posts seem to need more info or responses.

Disclaimer: This info is for reference only, and not confirmed or intended to be any fix, fact, or advice. I am not a professional.

For many non-tech users, you will need to read and learn a lot. You should already know basics, starting with knowing that using your wifi connected THROUGH your router to the internet is not the same as being connected TO your router using the GUI (user interface) of the router/wifi device. Also, there is a difference between connecting to your router's GUI directly (through your wifi at home), and connecting to your router's GUI remotely through the internet.

Netgear has tried to simplify logging in to your router's GUI with allowing 'www.routerlogin.net'. It may work for you. I have not found this effective. Rather, for me, the classic login method of the web address 192.168.1.1 has been effective. That may be different based on your router or network. Also, it may be that the simplified method did work, but no longer does. The classic method has never failed me, the simplified method has never worked for me. If yours pops up to reset the password, that just means too many incorrect login attempts have been made. Close out the browser window and start again, watching carefully your password entry. Should work. You may need to wait a period of time before it will let you try again, mine didn't.

Since information provided by Netgear has been mostly general for multiple models, hardware and software versions, I suggest going to the support page and checking on your router specific instructions. Input your model info. Download and read.

https://www.netgear.com/support/

Using this information about your specific router should help answer a lot of concerns about logging in TO your router, and how to find the Remote Access setting using your GUI on the router. Mine was in the Web Services Management tab under Advanced Setup tab on the Advanced menu. If you don't have that, unfortunately, you may have to go through many or all screens or tabs to find the Remote Access setting on your GUI. This will also help you get to know your router and available settings. If you are a novice I recommend using caution changing settings you're not sure about. If you have a Web Services Management tab and it is not accessible or greyed out, my guess is that Remote Management cannot be changed on your router. However, I like to confirm my settings are correct. You may try restarting your router and going back on TO the GUI. Also, in my experience with routers, I have found that some settings may be accessible contingent on other settings. For example, the 2.4GHz wireless settings or guest settings can't be adjusted unless the 2.4GHz radio is turned on from a different tab. Maybe check that another setting has turned it off. I don't expect any settings could turn off Web Access Management. I could be wrong.

For me, I have googled settings I'm not sure about. Other resources or communities have good information, too.

Previously posted, if you have not turned on Remote Access, then it should still be off per factory settings.

Connecting to your router's GUI while at home through your wifi will probably show 'not secure'. That should not be a concern as you are connected TO your router THROUGH your router's wifi. There is no other network between the 2 devices. At home, directly connected through your wifi is how you should connect to the router for best security to use the router GUI. This 'not secure' warning should be a concern only if you are not connected THROUGH your router (if you are not using your home wifi), like with a remote connection through the internet. As a side note, I use an incognito tab... even when connecting THROUGH my router (wifi) directly so my login credentials and access TO my router are not stored by Google (Chrome browser) and do not show up in my history.

I suspect that remote access through the app is not the same as remote access through the physical router GUI. I have this turned off on the router, but is on in the app. This can only be enabled in the app only when directly connected to the router. I expect that the app allows this to be enabled only when it knows you have that specific router device as a measure of security. I can access remotely through the app over the internet, but try not to use this feature to avoid possible security issues. The app does try to connect directly TO the router THROUGH the wifi. Then if remote access is enabled in the app and if you are away, it asks if you want to connect remotely (through the internet). Based on previous posts, I am considering the app a non-issue. I think the issue is in the physical device software version, and not app related. I will, however, avoid using remote access on the app until the 'hot fix' is issued.

The setting that needs changed is in the router GUI, and cannot be changed in the app. So you have to log on to the router's GUI to make the changes recommended by Netgear.

If you have more questions, Google it. It works, but may take some time.

A previous moderator post also put a link in for email support. Look for that, too.

I hope this helps someone.
Model: R7000|AC1900 Smart WIFI Router
Message 67 of 149
Tutor

Re: Important Security Advisory Notification: Information on affected NETGEAR products

A better understanding of this vulnerability.. as I understand it.

Disclaimer: This info is for general reference only, and not confirmed or intended to be any fix, fact, or advice. I am not a professional.

Remote Access is a feature that allows you to login TO your router GUI THROUGH the internet. Turning this off will minimize the vulnerability threat, but will not completely remove the threat. This Remote Access is where the security issue lies. This is my opinion based on my research, I am not an expert.

Through tech means, a hacker could cause a problem allowing them access to your admin permissions, to your router GUI. Turning this off stops that.

However, direct network access could be an issue. If someone is on your wifi, they could possibly still achieve access... that includes if a hacker has snuck into your home network by other means, direct wifi hack nearby or over the internet.

I have Bitdefender Armor Security to help stop that sneaking into my home network over the internet, as well as a strong password for my network and for my router GUI login. If you have not changed your router GUI password, you should do that NOW! Make sure it is strong... upper case and lower case, numbers, some special characters, and longer is better. Write it down somewhere safe and easily accessible to you.

One other problem with this vulnerability has to do with browsing habits. Stick to only safe websites. Apparently, a malicious website can get access to this vulnerability in a certain way.

Using a Security package that monitors your browsing (safe browsing) for malicious web sites will help. My mobile device came with another company's security on it. I added the Armor to the device, both running together with no issues. Armor with Web Protection for my device comes as a free option with the Netgear Armor subscription. It's affordable for the peace of mind I now have with this issue.

From the initial announcement, and the links below, it appears my specific router is not yet fixed. I will continue good safety practices until I can know my device is fixed. Note that the announcement does not say that your latest firmware update has a fix in it, only that some do. Keep checking for your router hot fix.

More detailed information is available if you look for it. Google your questions. Other sites and communities have good info, too.

My source info from my Google news feed...
https://threatpost.com/netgear-zero-day-takeover-routers/156744/

https://blog.grimm-co.com/2020/06/soho-device-exploitation.html

What devices and software versions affected:
(I think this came as a link from within the blog above) This one has a lot of info, I think using a lot of memory, causing slow downs... Just be patient, scroll slowly, and wait if it hesitates. I had to close and re-open a few times, I think due to memory available...
https://github.com/grimm-co/NotQuite0DayFriday/blob/master/2020.06.15-netgear/exploit.py

Shows only 2 patches so far
https://www.techradar.com/news/netgear-router-security-flaws-finally-patched-after-six-month
Model: R7000|AC1900 Smart WIFI Router
Message 68 of 149
Aspirant

Re: Important Security Advisory Notification: Information on affected NETGEAR products

 

Got security update email from Netgear earlier today, followed the steps and during the firmware update the router firmware seems to have corrupted (router power light is white blinking). Now my PC doesn't connect to routerlogin.net. Not able to do anything. Can't find real support to fix... looked at the existing community information... it's not helping... when it is none of my fault. It's Netgear's faulty firmware update that killed the product and I can't reach support because it's out of warranty. It seems like a sly sales technique to sell new products by rendering existing ones useless. I'm very disappointed....!!!

Model: R8000|Nighthawk X6 AC3200 Smart WIFI Router
Message 69 of 149
Guide

Re: Important Security Advisory Notification: Information on affected NETGEAR products

Hey all,

 

Just thought I would take a moment to also mention that I received the Security alert. I checked and remote management is already off, since I'm  mainly using my R7000 as a secondary router, for testing of Netgear stock, and open firmwares such as DD-WRT, Fresh Tomato, etc.

 

Currently have Netgear stock version 1.0.11.100 running. I did have a question: since the R7000 is NOT internet facing, its remote access address would simply be a private IP given out by the main router's DHCP server, which in turn would not expose the R7000 directly to the internet as it would if it was directly connected to the modem. With this said, would I still be affected by the breach by turning on remote access to access the router from a computer on my local network that's not directly connected to the R7000? I have no problem connecting to multiple network interfaces from the main iMac and therefore connecting to both routers directly. I was just curious whether, in my setup, since I have a double NAT with two isolated LANs, the security threat would affect me the same way as it would for someone with their NETGEAR router as the main router.

 

Model: R7000|AC1900 Smart WIFI Router
Message 70 of 149
Apprentice

Re: Important Security Advisory Notification: Information on affected NETGEAR products

I've not received the email that has been referenced to, I've only read it here. My router is registered with Netgear.

 

I'm already running the latest firmware v.100 for my R7000 AC1900. If there is a security issue, there's no fix for it yet apparently? Or is there and I just don't know where it is or how to apply it?

 

I have no problems accessing my router GUI through 192.168.1.1, indeed that is the only way I can access the GUI via web browser, by typing in that IP address. If I type in 'routerlogin.net' or 'routerlogin.com' neither of those addresses work whatever browser I choose. A page just comes up telling me that I may not be connected to my router's WiFi network. I'm not bothered by that because typing in the IP address above works anyway.

 

Remote management was already disabled on my router anyway. Does remote management really need to be enabled on the Nighthawk App? I'm guessing if you want to look at your router settings independently of a web browser GUI, then yes, I suppose you do have to keep it enabled. If you don't use the App, it doesn't make any difference anyway.

 

Why is it the case that people who are on older firmwares press the check firmware update button and get a message back saying there is no newer firmware? The only way those people who aren't running the latest firmware can then 'upgrade' is by downloading the firmware from the Netgear downloads page applicable to their router, which is exactly what I had to do in April because I got the message on the GUI admin page that no update was available when there obviously was an update available.

 

If you do then decide to update your router, and I'll use the R7000 AC1900 as an example, you end up with a whole bunch of R7000 owners complaining on this very forum that they suffer continual 5ghz WiFi drops rendering the firmware unusable and so they downgrade again to a firmware that was released over 2 years ago because it solves the issue. Problem then is, that older firmware might not be security safe. Where is the sense in that? Why hasn't this issue with newer firmwares not apparently working with certain routers in the same product range, been addressed? Is it because some of us just aren't affected and so because the firmware works for some and not for others, the issue just doesn't get dealt with?

 

I also don't understand why some users haven't changed their router password, from errr, password? The first thing anyone should do to keep their router 'safe' from others hacking it, is to change the password to something others can't actually guess. Am I being harsh by even stating this? Or is it just common sense?

 

And of course it has to be said, make sure you're using decent anti-virus and update it regularly. The first thing I do manually every single time I switch on my laptop, is update the virus database before I even start browsing.

 

I eagerly await further updates from Netgear Admin staff.

Message 71 of 149
Aspirant

Re: Important Security Advisory Notification: Information on affected NETGEAR products

 
Model: R6700|Nighthawk AC1750 Smart WiFi Router
Message 72 of 149
Aspirant

Re: Important Security Advisory Notification: Information on affected NETGEAR products

 
Message 73 of 149
Aspirant

Re: Important Security Advisory Notification: Information on affected NETGEAR products

I only use a Netgear Extender updated with the most recent firmware, and my router is supplied by my ISP. Although the advisory supposedly applies to the range extender, the instructions are specific to routers, so none of the options are available to me. Do I need to do anything? If so, what do I do?

Model: EX3700|AC750 WiFi Range Extender Essentials Edition
Message 74 of 149
Aspirant

Re: Important Security Advisory Notification: Information on affected NETGEAR products

firmware version v1.0.9.88_10.2.88
Windows 10
I am connected to my home network and when I try to login to access the page routerlogin.net I receive the following:

You may not be connected to your Router’s WiFi network. To access routerlogin.com, your device must be connected to your Router’s WiFi network. Check your current connection and try again.

Model: R7000|AC1900 Smart WIFI Router
Message 75 of 149