NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
backdoor
2 Topics
NETGEAR Routers and CVE-2016-582384 security vulnerability
I am a bit concerned about this recent article: http://www.zdnet.com/article/two-netgear-routers-are-vulnerable-to-trivial-to-remote-hack/ https://www.kb.cert.org/vuls/id/582384 Details: Overview Netgear R7000 and R6400 routers and possibly other models are vulnerable to arbitrary command injection. Description CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') Netgear R7000, firmware version 1.0.7.2_1.1.93 and possibly earlier, and R6400, firmware version 1.0.1.6_1.0.4 and possibly earlier, contain an arbitrary command injection vulnerability. By convincing a user to visit a specially crafted web site, a remote attacker may execute arbitrary commands with root privileges on affected routers. A LAN-based attacker may do the same by issuing a direct request, e.g. by visiting: http:///cgi-bin/;COMMAND An exploit leveraging this vulnerability has been publicly disclosed. Impact By convincing a user to visit a specially crafted web site, a remote attacker may execute arbitrary commands with root privileges on affected routers. Solution The CERT/CC is currently unaware of a practical solution to this problem and recommends the following workaround. Discontinue use Exploiting this vulnerability is trivial. Users who have the option of doing so should strongly consider discontinuing use of affected devices until a fix is made available. --------------------------- Can someone from NetGear address this issue? I am running one level behind on my firmware, because I liked the fact that my router could double as my ARLO base station. However, reading this warning from CERT is causing me to be concerned. This router was not cheap, and I have had it for less than a year. If I have to get rid of it, becaue the issue cannot be resolved, then I would like some kind of compensation or trade in value. Regards.Solved27KViews8likes233Comments
R7000 Vulnerability Note VU#582384
It has been reported on various outlets that there is a vulnerability with the R7000 and R6400 routers. Please see https://www.kb.cert.org/vuls/id/582384 . The advisor reads "Exploiting this vulnerability is trivial. Users who have the option of doing so should strongly consider discontinuing use of affected devices until a fix is made available." This is NOT a practical solution for me or many others. I can't find anything on the Netgear website about this issue and how they intend to resolve it. Can anyone advise as to the status of this problem and share any information and advise ? Thanks JMKSolved18KViews8likes45Comments