NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Security

1978 Topics

Patch for Krack Vulnerability
ALL FIRMWARE should be updated. More info: https://betanews.com/2017/10/16/krack-wpa2-security-vulnerability/
Auri
Oct 16, 2017 Place Feature Requests
81KViews
29likes
36Comments
Feature request: provide true network segmentation for guest wifi
It would be great if you could improve the guest wifi capabilities, at least giving the option of complete network segmentation for guest networks on your routers. Visitors, and untrusted devices (e.g., IoT devices) should be able to connect to a separate SSID, on a (separate) VLAN (or other logical segmentation), so that guest devices can't discover, communicate with, or sniff traffic from, devices on the trusted SSID, except as explicitly permitted through user-created rules. Ideally, VLAN management should also extend to the ethernet ports on the router and satellites, so that wired devices can also be segmented out to the untrusted VLAN (e.g., wired IoT devices).
randomousity
Apr 14, 2018 Place Submit Ideas for Home Products
8.1KViews
25likes
4Comments
Nighthawk M5 MR5100-1Z1MES useless In Middle East
Good day NETGEAR COMMUNITY ! , First of all, We are in big trouble because a lot of people In Middle East They didn't get the new update : Model: MR5100-1Z1MES Firmware Version : NTGX55_12.04.12.01 GUI Version: MR5100-1Z1MES_04.02.197.00 HW Version: 1.1 _________________________________________________________________ Most of people stuck on version : 10.12.13.0 & 10.28.02.00 Which is very old version and you cannot change band option's from the router ! You shall to change It from 192.168.1.1 ! Also, when you tried to check for updates It's give you UP TO DATE ! _________________________________________________________________ Is it difficult for a large and leading company in the field of routers like Netgear to Push an OTA update 12.04.12.01 to all owners of the MR5100-1Z1MES model ? By the way .... The vendor not cooperate at all In Middle East
Solved
Mr_Khalid
Apr 12, 2022 Place Cell Service Mobile Hotspot Modems, AirCards, & Mobile Routers
11KViews
18likes
27Comments
ALL Netgear USB Drive Mapping Issues ReadyShareConnect.exe ReadyShare Windows10 Map Network Drive
This reply will solve TWO Issues pertaining to Mapping a Windows Network Drive to your USB Connected Drive on your Netgear Router. This posting applies to ALL Netgear Routers utilizing Shared USB Windows/MAC File Sharing, including all current models. Please pay strict attention to the word SOLVE !!! THIS is a technical workaround for very LAZY and Outdated programming on the part of Netgear Management. It is NOT a Windows problem. It appears to be a Windows issue simply because Microsoft has chosen to disable (FINALLY) the 30 Year Old SMBv1 which was used in PRE Windows NT Days (Circa 1988). Windows 10 relies solely on SMBv3.x and above which is far superior to SMBv1 which Netgear has chosen to use. Please note well, ENABLING SMBv1 WILL Open your Windows 10 or below OS to the WANNACRY Ransomware. You will be crying after doing this BUT your ReadyShare WILL Indeed Function. Netgear utilizes ANCIENT technology and software practices simply because all development is performed in tents in India by "experts" utilizing state-of-the-art development protocols that were deemed inadequate in 1992 !!! That is NOT an exaggeration. So be forewarned, this is NOT a good idea, but the only way you can connect to your $500 Netgear R9000 Router using Microsoft Windows Network Drive Mapping is to enable SMBv1 on your Windows 10 or below Operating System. (The Anniversary Update DISABLED SMBv1 as a security precaution in Q1/Q2 2017) If your network mapping seems to have mysteriously broke in the past few weeks then you know your SMBv1 has been disabled. You can easily ENABLE it and continue to use Netgear's OUTDATED software which relies on SMBv1 to connect to the USB Device attached to your Netgear Router. FIRSTLY, The Download Location for the ReadyShareConnect.exe sharepoint is: http://www.downloads.netgear.com/files/ReadyShareConnect.exe You don't need it but there are dozens of posts looking for this information. If you download it save it to C:\Windows\System32 Folder for ease of use. It does nothing more than the NET USE command line. To ENABLE SMBv1 in Windows 10 simply Click on PROGRAMS AND FEATURES in Control Panel. On the left side panel click on TURN WINDOWS FEATURES ON AND OFF. Navigate down the Popup List Box to SMB 1.0/CIFS FILE SHARING SUPPORT and Place a CHECKMARK in the Box next to it. OK your selection and then RESTART your Computer. When you log back in you will then be able to connect to your Netgear ReadyShare USB Devices connected to your router. BUT, every Ransomware scammer and hacker will also be able to readily access your SMB (Server Message Block) protocol messages. In other words you are wide open to ransomware attack so start your crying now as you will need it !!! Start calling Netgear NOW and demanding that they provide 2017 type programming performed by AMERICANS on AMERICAN SOIL !!! Now you will understand why I am so ticked off that Netgear is so incompentant to sell a $500 Router with such outdated and totally dangerous software connectivity. Yes the newest R9000Nighthawk is around $500 with taxes and shipping, and UTILIZES SMBv1 protocol !!!!
Solved
SPUBOL
Jun 28, 2017 Place Nighthawk Wi-Fi 5 (AC) Routers
543KViews
13likes
10Comments
GS108Ev3 Cannot set VLAN for management interface
I just purchased a GS108Ev3 because I needed some simple VLAN segregation for a small group of machines "down the hall" from my core networking equipment. The switch works great, though there is one key feature I believe to be missing: The IP address of the switch can be staticly defined, but there is no way to configure the VLAN the switch's management interface resides on. With my ProSafe Smart switches that I'm currently using, this is definetly possible: GS724T Management Interface: On the other hand, the GS108E clearly lacks this functionality: GS108E Mangement Interface: (Same basic form is visable in the WebUI; no VLAN setting though!) Setting the IP address is great... but I need to keep all of the management for my switches on a seperate VLAN for security purposes. Is this a feature that could possibly be added with a future firmware revision? I know the GS108E is a very entry-level switch, but since the switch supports VLANs and managing them on a per-port bases (and trunking), allowing administrators to set the VLAN for the management interface is really an important feature!
Solved
Ra1n
Aug 13, 2015 Place Easy Smart, Plus and Smart Switches
39KViews
9likes
13Comments
Support HTTPS oin GS1xxE web Managet Switches
Please consider using HTTPS for the web management of the GS1xxE line of switches. Especially the smaller models need a secure way to configure them as there are no real replacements for in-field deployments outside special technical rooms where is no room to fit an entire rack into... As the current state of security of many of the embedded or IoT thingis is sub-optimal it is crucial to prevent login credential sniffing via other pOwnd network devices within the same subnet. Thanks, Stefan Seide
sseide
Sep 14, 2017 Place Feature Requests
12KViews
8likes
1Comment
R7000 Vulnerability Note VU#582384
It has been reported on various outlets that there is a vulnerability with the R7000 and R6400 routers. Please see https://www.kb.cert.org/vuls/id/582384 . The advisor reads "Exploiting this vulnerability is trivial. Users who have the option of doing so should strongly consider discontinuing use of affected devices until a fix is made available." This is NOT a practical solution for me or many others. I can't find anything on the Netgear website about this issue and how they intend to resolve it. Can anyone advise as to the status of this problem and share any information and advise ? Thanks JMK
Solved
johnkob
Dec 09, 2016 Place Nighthawk Wi-Fi 5 (AC) Routers
18KViews
8likes
45Comments
NETGEAR Routers and CVE-2016-582384 security vulnerability
I am a bit concerned about this recent article: http://www.zdnet.com/article/two-netgear-routers-are-vulnerable-to-trivial-to-remote-hack/ https://www.kb.cert.org/vuls/id/582384 Details: Overview Netgear R7000 and R6400 routers and possibly other models are vulnerable to arbitrary command injection. Description CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') Netgear R7000, firmware version 1.0.7.2_1.1.93 and possibly earlier, and R6400, firmware version 1.0.1.6_1.0.4 and possibly earlier, contain an arbitrary command injection vulnerability. By convincing a user to visit a specially crafted web site, a remote attacker may execute arbitrary commands with root privileges on affected routers. A LAN-based attacker may do the same by issuing a direct request, e.g. by visiting: http:///cgi-bin/;COMMAND An exploit leveraging this vulnerability has been publicly disclosed. Impact By convincing a user to visit a specially crafted web site, a remote attacker may execute arbitrary commands with root privileges on affected routers. Solution The CERT/CC is currently unaware of a practical solution to this problem and recommends the following workaround. Discontinue use Exploiting this vulnerability is trivial. Users who have the option of doing so should strongly consider discontinuing use of affected devices until a fix is made available. --------------------------- Can someone from NetGear address this issue? I am running one level behind on my firmware, because I liked the fact that my router could double as my ARLO base station. However, reading this warning from CERT is causing me to be concerned. This router was not cheap, and I have had it for less than a year. If I have to get rid of it, becaue the issue cannot be resolved, then I would like some kind of compensation or trade in value. Regards.
Solved
3v3ntH0riz0n
Dec 09, 2016 Place Nighthawk Wi-Fi 5 (AC) Routers
27KViews
8likes
233Comments
Netgear R7000 and OpenVPN for Android App
Hi, since last OpenVPN for Android App update (v.0.6.73) downloadable at the following link: https://play.google.com/store/apps/details?id=de.blinkt.openvpn OpenSSL version was upgraded to 1.1 and I cannot connect to my R7000 Router from Outside anymore, because for security reasons OpenSSL v.1.1 doesn't accept MD5 certificates because have a weak signature. May Netgear upgrade R7000 firmware to create OpenVPN SHA256 certs instead MD5, below the OpenVPN's FAQ with explanations: http://ics-openvpn.blinkt.de/FAQ.html#weakmd_title It's a security enhancement that may be helpful to all community that have this fantastic Router. Router Firmware: 1.0.7.12 Smartphone Model: LG Google Nexus 5X v.7.1.2 with June 5th 2017 patches. Regards.
Solved
Morganino
Jun 26, 2017 Place Nighthawk Wi-Fi 5 (AC) Routers
42KViews
7likes
138Comments
new idea for security for all modem and raouters
update your security new inteligent firewall and monitor so you can see what is passing over the firewall and what is bloking in real time like attack ,junk,virus,scrips attack,dos,ddos,bots,malware,exploit bloking,portscan,domain infected,dns,ip ,devices ect IP spoofing attack dns poisoning attack arp poisoning attack tcp and upd port scaning attack protocol SMB attack protocol RPC attack protocol RDP attack Man in the middle attack Session hijacking Server spoofing Ping broadcast Ping of death Smurf Teardrop syn flood brute force ect so you can you can block any coonection with servers ,dns,ips,uknow device conected to the firewall,like hakers ,ect make allow rule or deny so you can deside what block or not or the same firewall tell you that is safe or not makenew ids protection and new gen intrution prevention ( fix all false and positive attack ) network monitor so you can block or deny network too of devices see all conection conected and full speed running so you can see what speed is running like 50mbs or more ect see ping and pakage lost and signal stable and see lag spike ect like for example xboxone or ps4 make new inteligent anti exploit protection protect from any exploit and zero exploit over the network or any new atack tech make memory protection ,protect from any attaack from memory modem or raouter make ready nas and share protection make usb protection make new anti dos or any attack wirless make anti jamming wirless for 2.4ghz and 5ghz prevent wirless drops and secure voice ect make a new turbo nat for gaming make new turbo firewall fix the dos and portscan and security make modem slow playing online games speed up the setting that dont affect gaming on any security setting scrip protection make anti bypass firewall make new unpnp protection make hhtps login and secure make dns protection make new gen turbo qos gaming set upload and download speed make a new modem or router speed test fix put the same ip on portward dont work fix that like example fist ip 192.168.10 for xbox second ip 192.168.9 for xbox in case the ip change dont let you fix that dont support mutiple ip make a new disnotic mode test security or vulneravility settings you have make new smart ip conflic fix make new uknow change have been made incase of hakers and what setting was change make turbo chanels for download and upload make to change upload and download frecuency make a new gen modem software for all make super fast software fix always disconection on modems for gaming make super fast cpu 4 core 2.20ghz or higth turbo for modem ect make gaming modem make smart porforward ports nope error and security make support ipv6 for portfoward and all settings like dns ip ect make to disable ready share for the modem add protection for printer security cold be vulnerable and easy for hakers make anti remote bypass and security wps security ect just helping
Kakashi2000
Apr 03, 2016 Place Submit Ideas for Home Products
30KViews
7likes
2Comments