CERT Warns Customers of Vulnerability Found in Netgear Routers
Bohs Hansen / 3 years ago
Netgear is just the latest of many high-profile companies to come under fire from security watchdogs over severe security holes that go unpatched. When such a flaw sits in your router, it is even worse, since the router is the door into your home network. The vulnerability in question was first reported to Netgear over four months ago, but the company has yet to acknowledge or patch it. As a direct result, CERT has strongly advised customers to stop using the affected router models, if at all possible. Not everyone has a spare router lying around for cases like this.
The vulnerability, tracked as VU#582384 by Carnegie Mellon University’s CERT Coordination Center, allows “arbitrary command injection” on Netgear’s R7000 and R6400 routers (firmware versions 1.0.7.2_1.1.93 and 1.0.1.6_1.0.4 respectively). According to CERT, earlier firmware versions for these two models may also be affected and thereby vulnerable to attack.
The attack is carried out by enticing a user to visit a specially crafted website, after which commands are sent to the router from the user’s browser, inside the home network. The routers can also be exploited directly over a LAN connection by requesting a very simple address that I won’t share here; there’s no need to spread the how-to any further. Twitter user Acew0rm also posted a proof of concept for the Netgear exploit in an online video.
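To show what “arbitrary command injection” through a router’s web interface means in practice, here is an added illustration of the bug class, written for this article and not taken from Netgear’s firmware or from Acew0rm’s proof of concept. It assumes a hypothetical CGI dispatcher (/usr/sbin/cgi_dispatch) that the embedded web server launches via a shell, shows the unsafe string-building pattern beside a hardened version that rejects the request before any command string exists, and adds a small check that scans constructed web-server log lines for request paths carrying shell metacharacters. The dispatcher name, the command template and the log lines are all made up for the example.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical dispatcher; stands in for whatever a router's httpd execs. */
#define CMD_TEMPLATE "/usr/sbin/cgi_dispatch %s"

/* Vulnerable pattern: the request path is pasted into a command line that the
 * server then hands to system(). Anything after ';' runs as a second command
 * with the web server's (usually root) privileges. Returns bytes written. */
int build_command_unsafe(const char *request_path, char *out, size_t outlen)
{
    return snprintf(out, outlen, CMD_TEMPLATE, request_path);
}

/* Hardened pattern: accept only the characters a legitimate CGI path needs,
 * block traversal, and refuse the request before a command string exists.
 * Returns 0 on success, -1 on rejection (out is emptied). */
int build_command_safe(const char *request_path, char *out, size_t outlen)
{
    out[0] = '\0';
    if (request_path[0] != '/' || strstr(request_path, "..") != NULL)
        return -1;
    for (const char *p = request_path; *p; p++) {
        unsigned char c = (unsigned char)*p;
        if (!isalnum(c) && c != '/' && c != '_' && c != '-' && c != '.')
            return -1;
    }
    snprintf(out, outlen, CMD_TEMPLATE, request_path);
    return 0;
}

/* Detection side: does a request path carry shell metacharacters? */
int path_is_suspicious(const char *path)
{
    return strpbrk(path, ";|&`$<>\n") != NULL;
}

/* Scan a block of Common Log Format lines and count suspicious request paths. */
int count_suspicious_requests(const char *log)
{
    int hits = 0;
    char line[512], path[256];
    while (*log) {
        const char *eol = strchr(log, '\n');
        size_t len = eol ? (size_t)(eol - log) : strlen(log);
        if (len >= sizeof line)
            len = sizeof line - 1;
        memcpy(line, log, len);
        line[len] = '\0';
        /* CLF tokens: host ident user [date zone] "METHOD path proto" status size
         * so the path is the seventh whitespace-separated token. */
        if (sscanf(line, "%*s %*s %*s %*s %*s %*s %255s", path) == 1 &&
            path_is_suspicious(path))
            hits++;
        log = eol ? eol + 1 : log + len;
    }
    return hits;
}

/* Constructed sample log for the example, not real router traffic. */
const char *SAMPLE_LOG =
    "10.0.0.5 - - [10/Dec/2016:12:00:00 +0000] \"GET /index.htm HTTP/1.1\" 200 512\n"
    "10.0.0.5 - - [10/Dec/2016:12:00:07 +0000] \"GET /cgi-bin/status.cgi HTTP/1.1\" 200 80\n"
    "10.0.0.9 - - [10/Dec/2016:12:01:02 +0000] \"GET /cgi-bin/status.cgi;reboot HTTP/1.1\" 200 0\n"
    "10.0.0.9 - - [10/Dec/2016:12:01:03 +0000] \"GET /cgi-bin/a.cgi|wget%20x HTTP/1.1\" 200 0\n";

int main(void)
{
    char cmd[512];
    build_command_unsafe("/cgi-bin/status.cgi;reboot", cmd, sizeof cmd);
    printf("unsafe command line: %s\n", cmd);
    printf("hardened handler rc: %d\n",
           build_command_safe("/cgi-bin/status.cgi;reboot", cmd, sizeof cmd));
    printf("suspicious requests in sample log: %d\n",
           count_suspicious_requests(SAMPLE_LOG));
    return 0;
}
```

The allowlist is deliberately tight: rejecting the request is far cheaper than trying to escape it, and on a router nothing legitimate needs a semicolon or pipe in a path. The log check is the kind of one-off filter you would run over a router’s syslog or a home IDS capture while waiting for a vendor fix; a hit from a LAN address is a strong sign someone (or some malicious page in a browser) has already tried the injection.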
Acew0rm explained that he first contacted Netgear about the issue over four months ago and never received a response from the company, which is why he published the video and the details. “I’ve forgotten about this because I thought this was very stupid. I didn’t think it was going to get this big and I thought they were going to instantly patch it.”
According to CERT, there is currently no fix for the problem, which is why it recommends that users of the Netgear R8000, R7000 and R6400 routers stop using them immediately, until Netgear remedies the problem with a firmware update.