NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
security vulnerability
5 TopicsR7000 Vulnerability Note VU#582384
It has been reported on various outlets that there is a vulnerability with the R7000 and R6400 routers. Please see https://www.kb.cert.org/vuls/id/582384 . The advisor reads "Exploiting this vulnerability is trivial. Users who have the option of doing so should strongly consider discontinuing use of affected devices until a fix is made available." This is NOT a practical solution for me or many others. I can't find anything on the Netgear website about this issue and how they intend to resolve it. Can anyone advise as to the status of this problem and share any information and advise ? Thanks JMKSolved18KViews8likes45CommentsThe last straw: new vulnerability for R7000 R6400 R8000
Well, this is pretty much the last straw for me. I knew it was only a matter of time considering all of the broken promises, the messages of "coming soon", and flat out abondonment of your products Netgear. There is a new vulnerability out (shocking right?) that is affecting multiple routers and the way Netgear has handled the R8000 gives me less than zero confidence that they will keep their word, or do anything with this product anymore. In this landscape, everything is being attacked on a regular basis and Netgear has only proven that they will not keep up with the fast pace of security. I'm out. https://www.reddit.com/r/netsec/comments/5hfkc2/netgear_r7000_and_r6400_routers_are_vulnerable_to/db00717/Solved13KViews6likes28CommentsR7000 & R6400 Vulnerability Note VU#582384
[When I created this post, I wasn't aware of the 2 discussions already on this topic: Two leading Netgear routers are vulnerable to a severe security flaw R7000 Vulnerability Note VU#582384] Just saw this news: An advisory posted on Friday in Carnegie Mellon University's public vulnerability database (CERT) said that Netgear's R7000 and R6400 routers, running current and recent firmware respectively, are vulnerable to an arbitrary command injection flaw. Details of this vulnerability can be found at Vulnerability Note VU#582384. The current recommendation is to stop using those routers. Unfortunately it's impossible for many users with only one router at hand. Is Netgear developing a fix and firmware update to combat this issue? UPDATE: It's very scary. I just tried the proof of concept on my router. It really worked and started a tenet service on the specified port without requring any authentication. Netgear'd better patch this up ASAP.Solved20KViews6likes34CommentsR7000 Vulnerability - When will new firmware be released to address this?
ZD Net is now recommending that we shut down our R7000 routers until Netgear generates a fix to the exploit code that was recently released. As shutting down a router is not a reasonable option I would like to know when Netgear intends to address this issue. It should be now.Solved6KViews1like9Comments