Your Netgear router could let attackers hack your web traffic

2 minute read

Home » News » Your Netgear router could let attackers hack your web traffic

If  you’re using a Netgear router right now, you might want to turn it off for the time being following discovery of a security flaw in various Netgear models. Worse, there’s currently no easy fix for the vulnerability that could give hackers full control of your router.

Netgear reportedly left the security issue unattended for months, leaving thousands of home networking devices exposed to attacks. Now, Netgear issued a temporary fix for some router models. While at that, the delay still highlights the risk facing the Internet of Things and the difficulty to patch it.

Fix remains unstable

The patches are still in beta and apply only to select models. In addition, Netgear acknowledged the limitations of the fixes as the company has yet to test the patch. What adds insult to injury is users themselves have to manually install the firmware since Netgear is unable to roll out an over-the-air update.

Security researcher Andrew Rollins, who goes by the Twitter handle Acew0rm, alerted Netgear to the flaw back in August, but received only a cold shoulder from the company. Three months later, Rollins decided to make the vulnerability public. This prompted the Department of Homeland Security’s CERT group to release an advisory about the flaw. CERT stated:

“Exploiting this vulnerability is trivial. Users who have the option of doing so should strongly consider discontinuing use of affected devices until a fix is made available.”

Affected devices include Netgear R6200, R6400, R6700, R7000, R7100LG, R7300, R7900, and R8000 routers, as well as other models that could be exposed to arbitrary command injection. The security vulnerability could let unauthenticated web pages gain access to the command-line and execute malicious commands. In turn, this could provide hackers the ability to take over an entire system.

“By convincing a user to visit a specially crafted web site, a remote unauthenticated attacker may execute arbitrary commands with root privileges on affected routers,” CERT said.

The number of affected routers, however, remains unclear. The exploit has gone public, so it’s easy to assume a large swath of Netgear devices are currently at risk.

Read also:

Discussions

Next up

Citrix Receiver A fatal error occurred on Windows 10 [FIXED]

Vladimir Popescu avatar. By: Vladimir Popescu
2 minute read

A number of users have reported encountering this error message A fatal error occurred from Citrix Receiver, on Windows 10. The reasons for this error […]

Continue Reading

PC has blocked access to this file [FIXED BY EXPERTS]

Sovan Mandal avatar. By: Sovan Mandal
2 minute read

Windows 10 is an amazing platform, but sometimes you won’t be able to access certain files due to PC has blocked access to this file error. […]

Continue Reading

Make the most of your Brother embroidery machine with these tools

Vladimir Popescu avatar. By: Vladimir Popescu
Less than a 1 minute read

Being one of the most popular brands of embroidery machines on the market, Brother is an incredibly user-friendly machine that can give you the possibility […]

Continue Reading