NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Megarock
Mar 26, 2018Tutor
Avast Vulnerability Catalogue ID CVE-2017-14491 for the Nighthawk R7000 ac1900 dualband wifi router
I have got this report from Avast and Bitdefender after scanning my network and i have the latest firmware for my router. Any ideas if Netgear is working on a firmware update f...
- Aug 13, 2018
For the subject CVE-2017-14491 plus a few more items to address should be 2.78 or higher. Check http://www.thekelleys.org.uk/dnsmasq/CHANGELOG
BRWhitecotton
Aug 05, 2018Aspirant
I am happy to report that Netgear has fixed this with the latest update applied to my router. I updated about 5 days ago (regular update push from Netgear, not by manual download method) to version V1.0.9.34_10.2.36 and now Avast does not complain about dnsmasq and nslookup reports "dnsmasq-2.78".
THANK YOU Netgear for taking care of this!!! I am sure you are tackling these issues as quickly as resources allow! Hang in there folks, help is on the way!!!
Cheers,
Brian
htroudi
Aug 13, 2018Apprentice
Can anyone tell if this is fixed on Netgear R8000P?
- htroudiAug 13, 2018Apprentice
The command nslookup -type=txt -class=chaos version.bind 192.168.1.1 gives me:
version.bind text = "dnsmasq-2.75"
So am I safe?
- schumakuAug 13, 2018Guru
For the subject CVE-2017-14491 plus a few more items to address should be 2.78 or higher. Check http://www.thekelleys.org.uk/dnsmasq/CHANGELOG
- htroudiAug 15, 2018ApprenticeSo am I sade then??
- sixteen59Aug 15, 2018Aspirant
Safe? No. I've repeatedly challenged support who tells us that the vulnerability doesn't exist even though they're using (inexplicably) dnsmasq versions back to 14 years old and most of them are pre-2.76. They will tell me the engineers say it isn't a concern. I say then the engineers can explain HOW it's not a concern when using versions of dnsmasq that are very obviously vulnerable version. I have a R6400 as well as a number of customers that do as well, it's vulnerable. I have customers with R7000s that are vulnerable. I have customers with R7800s that are vulnerable. And on and on. I'm not sure there's a product that's not vulnerable. Netgear doesn't care. I seriously don't understand the difficult here. Just bring on new firmware releases for every product that gets dnsmasq up to date v2.78. Bottom line is they don't give a damn.
- htroudiAug 23, 2018ApprenticeWTF!!!!!!!!!!!
Netgear come on. Why are you doing this against us customers.
You used go be a respectable network product manufacturer.
What the hell happened??
Me among others truly want to know why you don't take care of such a embarrassing security issue.
Hear me : you WILL loose customers and money if you as a company won't do radical changes.