NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Solved
Avast Vulnerability Catalogue ID CVE-2017-14491 for the Nighthawk R7000 ac1900 dualband wifi router
I have got this report from Avast and Bitdefender after scanning my network and i have the latest firmware for my router. Any ideas if Netgear is working on a firmware update f...
For the subject CVE-2017-14491 plus a few more items to address should be 2.78 or higher. Check http://www.thekelleys.org.uk/dnsmasq/CHANGELOG
Hi Megarock,
You can report it via proper channel.
JamesGL ... if Netgear would have a security officer in charge monitoring the vulberability report resources and update all the Open SOurce in time on all products still maintained we would not have to file anything. This issue in dnsmasq was fixed half a year ago ... but never made it to any Netgear device. Make this sleeping business unit run now!
Hi schumaku,
NETGEAR is working on any reported vulnerability issue.
Hi Megarock,
Please submit it here.
Sorry, i went to the link on that site you gave me and i could not figure out how and what to do with it.
JamesGLwrote:NETGEAR is working on any reported vulnerability issue.
We expect Netgear does update Open Source packets on these product on a regaular base, and not wait unil vulnerability reports are in the public (dnsmasq was updated almost half a year ago to address this vulnerability!!!), or 3rd party applications complain about features soon no longer supported (see all the OpenVPN warnings, current OpenSSL and updating the certificates would have saved virtually hundreds pf posts). Proactively handling - not sleeping. It's simply ignorant and leave a very bad impression on the Netgear brand.
JamesGLwrote:You can click on submit report on the link below.
Can't be Netgear customers having to file well known and published vulnerabilities every reasonable commercial, (even free!) vulnerability test tools does complain (some for a longer time). Something is badly wrong in the way these products firmware is audited, regularly reviewed, and security updated.
This is Netgears job, not those they sell to.