× NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
× Introducing the new Orbi 770 Series Mesh System. To learn more click here.
Orbi WiFi 7 RBE973
Reply

Suspicious email - NETGEARSecurity@e.netgear.com - Web GUI Password Recovery and Exposure Security

lindya1966
Tutor

Suspicious email - NETGEARSecurity@e.netgear.com - Web GUI Password Recovery and Exposure Security

WNDR3800

 

From an email from “NetGear” – is the email address, any of the click-able links in it, or the email itself legit?

 

Sender: NETGEARSecurity@e.netgear.com

 

Web GUI Password Recovery and Exposure Security Vulnerability

 

The Vulnerability:

 

NETGEAR has become aware of a security issue that can expose web GUI login passwords while the password recovery feature on your NETGEAR device is disabled. This vulnerability occurs when an attacker can access your internal network or when remote management is enabled on your NETGEAR device. Our records indicate that your NETGEAR product is affected. View the products affected

 

What You Can Do:

 

NETGEAR strongly recommends that you follow these two steps to remediate the vulnerability:

 

  1. Manually enable the password recovery feature on your device. For more information visit: h t t p: //kb .netgear .com/app/answers/detail/a_id/20027/~/configuring-router-administrative-password-recovery

 

  1. Ensure that remote management is disabled .Remote management is disabled by default. For more information, check the user manual for your product, which is available from h t t p: //www .netgear .com/support/

 

 

The potential for password exposure remains if you do not complete both steps. NETGEAR is not responsible for any consequences that could have been avoided by following the recommendations in this notification.

 

NETGEAR is working on a firmware fix and will email the download information to all registered users when the firmware fix becomes available.

 

Please check in periodically to view more information as this becomes available on our NETGEAR Security Advisory site.

 

What We Are Doing:

 

As a leading provider of networking products NETGEAR wishes to make it easy for our customers to stay informed of security updates regarding NETGEAR products. At NETGEAR, we strive to earn and maintain the trust of our customers by delivering products that are innovative, secure and preserve the privacy of our customer's data. The NETGEAR team is constantly monitoring for security vulnerabilities and will work to inform our customer base of fixes and identified security concerns with the intent of upholding the promise of keeping your data secure.

 

We appreciate you being a part of our efforts in creating a more secure world.

 

- The NETGEAR Team

Model: WNDR3800|N600 Wireless Dual Band Gigabit Router|EOL
Message 1 of 7

Accepted Solutions
ElaineM
NETGEAR Employee Retired

Re: Suspicious email - NETGEARSecurity@e.netgear.com - Web GUI Password Recovery and Exposure Securi

There's no need to do anything in your part.

WNDR3800 is not affected.

You received the email as an announcement that in case you just have bought one of the devices in the list.

View solution in original post

Message 5 of 7

All Replies
Retired_Member
Not applicable

Re: Suspicious email - NETGEARSecurity@e.netgear.com - Web GUI Password Recovery and Exposure Securi

Yes, disable remote management IF enabled.

Message 2 of 7
ElaineM
NETGEAR Employee Retired

Re: Suspicious email - NETGEARSecurity@e.netgear.com - Web GUI Password Recovery and Exposure Securi

The article is also posted here and in our website.

Message 3 of 7
lindya1966
Tutor

Re: Suspicious email - NETGEARSecurity@e.netgear.com - Web GUI Password Recovery and Exposure Securi

None of the answers address the question thus far.

 

Is "Sender: NETGEARSecurity@e.netgear.com" a legitamate email address for NetGear?

 

In the link in one of the reponses to my initial post my router is not in the list of affected routers.

 

I do not have remote management enabled and I never have.

 

Until I recieved the suspicious email and posted on this forum, I never registered my router and I do not own any other NetGear products.

 

So Again

 

Router: WNDR3800

 

From an email from “NetGear” – is the email address, any of the click-able links in it, or the email itself legit?

Message 4 of 7
ElaineM
NETGEAR Employee Retired

Re: Suspicious email - NETGEARSecurity@e.netgear.com - Web GUI Password Recovery and Exposure Securi

There's no need to do anything in your part.

WNDR3800 is not affected.

You received the email as an announcement that in case you just have bought one of the devices in the list.

Message 5 of 7
lindya1966
Tutor

Re: Suspicious email - NETGEARSecurity@e.netgear.com - Web GUI Password Recovery and Exposure Securi

Again, I never registered my router, NetGear should have never had my email address, so whether or not my router was covered under this or not is moot, I should have never recieved an email fro NetGear.

 

And the most important question - "Is "Sender: NETGEARSecurity@e.netgear.com" a legitamate email address for NetGear?" - is this a valid email address from NetGear to its consumers has not been answered?

Message 6 of 7
ElaineM
NETGEAR Employee Retired

Re: Suspicious email - NETGEARSecurity@e.netgear.com - Web GUI Password Recovery and Exposure Securi

There's no way we can acquire that email address unless someone registered the device providing that information.

 

And yes, it's a valid email address from NETGEAR.

Message 7 of 7
Top Contributors
Discussion stats
  • 6 replies
  • 19668 views
  • 4 kudos
  • 3 in conversation
Announcements

Orbi 770 Series