NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Solved
Avast Vulnerability Catalogue ID CVE-2017-14491 for the Nighthawk R7000 ac1900 dualband wifi router
I have got this report from Avast and Bitdefender after scanning my network and i have the latest firmware for my router. Any ideas if Netgear is working on a firmware update f...
For the subject CVE-2017-14491 plus a few more items to address should be 2.78 or higher. Check http://www.thekelleys.org.uk/dnsmasq/CHANGELOG
I have Avast telling me the same issue.
Router has firmware vs V1.0.9.28_10.2.32
dnsmasq-2.14-OpenDNS-1
Has this been fixed yet?
I am at FW version V1.0.9.32_10.2.34
and I get
"dnsmasq-2.15-OpenDNS-1"
returned from a Windows 10 powershell using nslookup command.
Looked this up on CVE Details and this version of dnsmasq is circa 2005. WTH?
Come on now!
This is embarassing, I see my router is vulnerable too at version 2.15 (R7000). Netgear, what the heck are you guys doing asleep at the wheel here ? I regularly recommend netgear routers to my clients, but i'm going to be stopping until you fix this garbage. It's been MONTHS. Do the right thing and fix this.
I am finding it odd that dnsMasq 2.79 is the latest revision out there in open source land and we still have 2.15 in use in our routers. THAT is a lot of proverbial water under the old revision bridge. Since dnsMasq is open source, there should be no reason we cannot have the latest except possibly that since Netgear is a for-profit company, they are unable to use the cutting edge releases, instead, perhaps they are forced to use old code, old buggy vulnerable code in their products?! Spit-balling here but this is the only scenario that makes sense (given no other information at all) other than Netgear having say, only 3 engineers tackling 27,518 bugs across their plethora of products. Is that the case? Anyway, I like my Netgear products. I just want to see this fixed ASAP. Please Netgear engineers, fix this. Thanks!