Several Netgear routers are open to external attacks

By on
Several Netgear routers are open to external attacks

A US security watchdog has named a number of Netgear routers as being vulnerable to remote attacks.

A recent vulnerability note published by the US Computer Emergency Response Team (CERT) says the Netgear R6200, R6400, R6700, R7000, R7100LG, R7300, R7900, and R8000 routers and possibly other models can be tricked into executing arbitrary commands with root privileges.

In other words, an external attacker can take advantage of this issue to tell the router what to do.

Netgear has disclosed that the list of affected models also includes the D6220, D700, R6250 and R6900.   

A beta version of new firmware to overcome this issue has been released for the R6250, R6400, R6700, R7000 and R8000, though the company warns that it "has not been fully tested and might not work for all users."

Beta firmware for other models will be made available, with some appearing perhaps as soon as today. Links to the beta firmware are included here.

If you can't or don't want to install the beta firmware, the CERT advisory includes a workaround that ironically takes advantage of the vulnerability to disable the affected part of the firmware. If you decide to take this step, note carefully the warning that it should be reapplied each time the router is restarted.

Making sure that remote administration is disabled is always a good idea unless you really need that capability, but even then all an attacker needs to do is tempt a local user to visit a malicious web page that contains the commands the attacker wants the router to execute.

Netgear says it is working on a new production version of the firmware for affected models, and it will be released "as quickly as possible."

For now, CERT advises that: "Users who have the option of doing so should strongly consider discontinuing use of affected devices until a fix is made available."

Footnote: Since this article was originally published, Netgear has released beta firmware updates for all models known to be affected by this issue, namely the R6250, R6400, R6700, R6900, R7000, R7100LG, R7300DST, R7900, R8000, D6220 and D6400. It it still investigating whether any other models are affected.

Netgear "strongly recommends that all users download the production version of the firmware release as soon as it is available." No timeframe has been indicated for that release.

Copyright © BIT (Business IT). All rights reserved.

Most Read Articles


What would you like to see more of on BiT?
How To's
Photo Galleries
View poll archive

Log In

  |  Forgot your password?