12.14.2016

NETGEAR Publishes Security Advisory For Certain Routers

CERT warns against using certain Netgear routers until a fix is issued



Netgear just published a security advisory, stating that a few of its popular routers are affected by a serious security vulnerability. This particular vulnerability could allow remote hackers to take control of the routers.

A Twitter user going by “Acew0rm” discovered the issue and informed Netgear by email in August. Up until this point, the vulnerability seemed to be ignored by Netgear, and there has been little fanfare about the problem until now.

Netgear’s advisory states, "Netgear has recently become aware of the security issue #582384 that allows unauthenticated web pages to pass form input directly to the command-line interface. A remote attacker can potentially inject arbitrary commands which are then executed by the system,".

“So far, it’s been confirmed that the issue affects at least eight router models.”

So far, it’s been confirmed that the issue affects at least eight router models; the R6250, R6400, R6700, R7000, R7100LG, R7300, R7900 and the R8000. Three of those happen to be in Amazon’s top five selling routers. 

The situation is complicated. A few beta fixes have been released for some models, but aren’t fully tested. Even worse is that Netgear customers have to install the firmware themselves, since Netgear has no way to push firmware updates. With the growing internet of things and the already massive router botnets, the internet will be feeling this one.

"A hacker able to convince someone to visit a website with the malicious code could exploit the flaw and execute any command with root privileges."

Carnegie Mellon University's Computer Emergency Response Team (CERT) has said that exploit code has been seen on the web. A hacker able to convince someone to visit a website with the malicious code could exploit the flaw and execute any command with root privileges.

So far nobody has a practical solution to this vulnerability. Exploiting the flaw is very easy, and CERT suggests that anyone who can should stop using an affected router until a fix is available. Netgear will update its advisory once it has more information.