× Introducing the Orbi 970 Series Mesh System with WiFi 7 technology. For more information visit the NETGEAR Press Room.
Orbi WiFi 7 RBE973
Reply

Security email: Disable remote management

FWP
Aspirant
Aspirant

Security email: Disable remote management

I received an e-mail about Web GUI password recovery vulnerability and two-step instructions to follow.  I was successful in step 1. Step 2 requires that you check to ensure that remote management is disabled.  I downloaded the user guide for my model and clicked on advanced-advanced setup-remote management as the guide shows. The guide shows a screen with boxes to check.  Mine is a blank page.  Does this mean that my model does not permit remote management even though the user guide suggests that it does? Or does this suggest that access was gained remotely?  Something else?

 

Advice appreciated.

Model: WNDR4500v2|N900 Wireless Dual Band Gigabit Router
Message 1 of 29

Accepted Solutions
ElaineM
NETGEAR Employee Retired

Re: Security email: Disable remote management

Hi All,

 

It is a legit e-mail.

We also have posted it on here in the community.

 

Web GUI Password Recovery and Exposure Security Vulnerability

View solution in original post

Message 4 of 29

All Replies
DavidNZ
Aspirant

Re: Disable remote management

I received the same email. Is it genuine?

Message 2 of 29
FWP
Aspirant
Aspirant

Re: Disable remote management

Hi,

I found the same security advisory message on the Netgear website .  See link

https://www.netgear.com/about/security/?cid=gwmng

 

Interestingly, the advisory was released on 5/9/2016 and I only received the e-mail yesterday almost 6 weeks later.  I think it is real

 

Message 3 of 29
ElaineM
NETGEAR Employee Retired

Re: Security email: Disable remote management

Hi All,

 

It is a legit e-mail.

We also have posted it on here in the community.

 

Web GUI Password Recovery and Exposure Security Vulnerability

Message 4 of 29
capayne
Aspirant

Re: Security email: Disable remote management

Default Gateway is blank, and I cannot figure out how to connect my PC to the router.  I have an ethernet cable, but there's only one place to plug that in, and that's where the internet cable is plugged in.

Model: WNDR4500v3|N900 WIRELESS DUAL BAND GIGABIT ROUTER
Message 5 of 29
ElaineM
NETGEAR Employee Retired

Re: Security email: Disable remote management

@capayne What's the model number and version of your NETGEAR device?

Message 6 of 29
capayne
Aspirant

Re: Security email: Disable remote management

WNDR4500v3N900

 

Model: WNDR4500v3|N900 WIRELESS DUAL BAND GIGABIT ROUTER
Message 7 of 29
ElaineM
NETGEAR Employee Retired

Re: Disable remote management

@capayne There should be 4 LAN ports available for you to connect your computers. Unless all those 4 are being used already.

The yellow/WAN/Internet port should be used by the modem.

Now, in order for you to check and follow the instructions provided from the link, connect your PC directly to one of the 4 ports.

Try to disconnect one cable and connect your PC to it and you should be getting an IP address under Default Gateway.

Message 8 of 29
capayne
Aspirant

Re: Disable remote management

None of those ports are being used, and I tried two of them, 1 and 4, and still Default Gateway shows nothing.

Message 9 of 29
ElaineM
NETGEAR Employee Retired

Re: Disable remote management

@capayne Can you post a screenshot?

Do you have lights turned on from the front panel of the router where you connect the Ethernet cable?

Are there any other cables for you to try?

Can you try other ports too?

If none of them are lit, try to use a different Ethernet to see if it's a bad cable.

 

For additional information, see this article.

 

Message 10 of 29
capayne
Aspirant

Re: Security email: Disable remote management

OK, will try these things and post if they don't work . . . will have to dig up another ethernet cable . . . 

Message 11 of 29
capayne
Aspirant

Re: Security email: Disable remote management

And yes, all the appropriate lights are on; I have internet and WiFi service.

There are no other ports to try.

 

Message 12 of 29
ElaineM
NETGEAR Employee Retired

Re: Security email: Disable remote management

Kindly provide the screenshot.

What's the IP address of the PC that can connect wirelessly?

What specific lights are lit?

Message 13 of 29
grfromtx
Aspirant

Re: Security email: Disable remote management

If the box for remote management is not checked, does that confirm that the router cannot be accessed remotely?

 

Urgent reply needed as I am leaving town for a week.

 

Thanks,

 

Gary Roberts

Message 14 of 29
capayne
Aspirant

Re: Security email: Disable remote management

Thanks Elaine and Gary, I was able to complete both tasks.

Message 15 of 29
ElaineM
NETGEAR Employee Retired

Re: Security email: Disable remote management

@capayne You're very welcome.

Have a great day!

Message 16 of 29
lapriester
Aspirant

Re: Disable remote management

I have an R4500.  I do not see a plain R4500 listed in the devices affected.  Is this procedure something I need to do with my router?  If so, I'm not computer savy enough to even begin.  What risk is there in not doing this?  IF, I even need to do it.

Model: R4500|N900 Wireless Dual Band Gigabit Router
Message 17 of 29
hawki
Apprentice

Re: Security email: Disable remote management

Well you better tell your Tech Support.

 

I just got the email a few hours ago - Tech support says to ignore it cuz its a scam.

 

the email address it came from has been closed.

 

My gui has no option to enable PW recovery is why I called support.

 

WTF is the true story? And if it's legit what kind of support is Netgear offerring these days ???????????????

Message 18 of 29
KoinFlipper
Tutor

Re: Security email: Disable remote management

When I access Advanced features, the check box to ENABLE remote management is NOT CHECKED so I assume it is not turned on.  However, I have been using NetGenie to switch channels with my cell phone APP.  Does NetGenie NOT USE remote management?  If it does, why can I remote manage without it turned on?

Model: WNDR4500v3|N900 WIRELESS DUAL BAND GIGABIT ROUTER
Message 19 of 29
hawki
Apprentice

Re: Security email: Disable remote management

BTW: This afternoon as late as 1:00 PM EST, the page on which the subject security advisory was taken down with an explanation that perhaps it was being modified).

Message 20 of 29
Retired_Member
Not applicable

Re: Security email: Disable remote management

You state that it is a legitimate email and I have no doubt that you are right but perhaps you can answer me a few questions on that point.

The email address used by you is "NETGEARSecurity@e.netgear.com". Note, "e.netgear.com". not "netgear.com".

The download link provided for to recover the password is "http://kb.netgear.com/app/answers/detail/a_id/30632", note the address, "kb.netgear.com", not "netgear.com".

In an age we are constantly told to be vigilant against scams to maintain security, it appears to me that Netgear is perhaps one communications hardware company that makes it very difficult to determine wether an email is or is not valid, at least from Netgear as they appear to have a number of internet addresses any of which can be used to communicate with their customers and any of which can be used as links to send customers to.

 

Message 21 of 29
hawki
Apprentice

Re: Security email: Disable remote management

 


@Retired_Member wrote:

You state that it is a legitimate email and I have no doubt that you are right but perhaps you can answer me a few questions on that point.

The email address used by you is "NETGEARSecurity@e.netgear.com". Note, "e.netgear.com". not "netgear.com".

The download link provided for to recover the password is "http://kb.netgear.com/app/answers/detail/a_id/30632", note the address, "kb.netgear.com", not "netgear.com".

In an age we are constantly told to be vigilant against scams to maintain security, it appears to me that Netgear is perhaps one communications hardware company that makes it very difficult to determine wether an email is or is not valid, at least from Netgear as they appear to have a number of internet addresses any of which can be used to communicate with their customers and any of which can be used as links to send customers to.

 


 

I agree, but your questions are more properly addressed to The Community Manager or Forum Moderator.

 

You are correct that the email address of the source of the email I received is:  From:NETGEAR Security <NETGEARSecurity@e.netgear.com>

 

My main complaint is that I was explicitly told by a Netgear Telephone Support Rep that the email is a scam and that I should ignore it. The email address tended to confirm the Tech's statement. It appeared to me as being suspect.

 

I carry no brief to defend Netgear.

 

From all the discussions and comments by the Community Manager and Forum Moderator and high volume posters it appears that the email is legit

 

hawkeye

 

 

 

 

Message 22 of 29
Annoyed666
Aspirant

Re: Security email: Disable remote management

Got an email.

 

I have a WNDR 4500 v3.

 

I read the website and it does not state this model as being affected? Is it?

 

I do not have and "advanced tab in my genie. Where do I find it?

 

I searched the users manual for the term "remote management". and it can not find it.

 

(None of this makes sense. Why would I enable "passowrd recovery for for security??)

 

 

Message 23 of 29
KoinFlipper
Tutor

Re: Security email: Disable remote management

The ADVANCED tab is not in NetGear Genie App.  It is found when you login to your router like your router.  put  http://www.routerlogin.com in an open browser address bar.  Enter user name and password (usually admin and password unless you changed them).  It opens NetGear Genie on your computer.  There are two tabs--Basic and Advanced.  Choose ADVANCED tab and then click on "Advanced Setup".  In the dropdown menu, select "Remote Access"

 

At top of the window that opens is a checkbox to TURN ON REMOTE MANAGEMENT.

 

I have never turned this on but am able to use NetGear Genie on my cellphone to switch channels.  So not sure what all is included in REMOTE MANAGEMENT but I haven't needed to turn on to manage my WiFi Network using cellphone.

Model: WNDR4500v3|N900 WIRELESS DUAL BAND GIGABIT ROUTER
Message 24 of 29
KoinFlipper
Tutor

Re: Security email: Disable remote management

 


@Annoyed666 wrote:

Got an email.

 

I have a WNDR 4500 v3.

 

I read the website and it does not state this model as being affected? Is it?

 

I do not have and "advanced tab in my genie. Where do I find it?

 

I searched the users manual for the term "remote management". and it can not find it.

 

(None of this makes sense. Why would I enable "passowrd recovery for for security??)

 

 


The WNDR4500v1 and WNDR4500v2 are listed.  Wonder if the just forgot to add WNDR4500V3 or if really is not affected by this security issue.

Model: WNDR4500v3|N900 WIRELESS DUAL BAND GIGABIT ROUTER
Message 25 of 29
Top Contributors
Discussion stats
  • 28 replies
  • 8689 views
  • 0 kudos
  • 11 in conversation
Announcements

Orbi WiFi 7