CATEGORIES
home News

Netgear Posts Firmware Updates After 31 Router Models Found Vulnerable To Password Hijacking

by Brandon HillTuesday, January 31, 2017, 02:14 PM EDT

Now might be a good time for Netgear to start doubling down on security for its networking products. The folks over at Trustwave found that 31 Netgear router models are susceptible to a security vulnerability that exposes the devices’ web GUI password to nefarious parties.

More specifically, an attacker is able to take advantage of a router’s password recovery system in order to obtain login credentials, granting full access to the device. Needless to say, this is huge security oversight that could have wide-ranging implications for affected routers.

“After few trials and errors trying to reproduce the issue, I found that the very first call to passwordrecovered.cgi will give out the credentials no matter what the parameter you send,” wrote Trustwave’s Simon Kenin. “This is totally new bug that I haven't seen anywhere else. When I tested both bugs on different Netgear models, I found that my second bug works on a much wider range of models.”

netgear r6200

Given the large number of affected models, Trustwave surmises that “hundreds of thousands, if not over a million” devices are vulnerable to this password exploit. “As many people reuse their password, having the admin password of the router gives us an initial foothold on the network,” Kenin adds. “We can see all the devices connected to the network and try to access them with that same admin password.”

The sheer number of routers also means that many of them could be susceptible to being sucked into nefarious operations, like the Mirai botnet that has caused havoc across the internet.

If you have one of the 31 Netgear routers that are vulnerable to the exploit, we have good news and bad news for you. The good news is that Netgear has provided firmware updates that should close the loophole for 18 models. Another two models, after further examination, are deemed to be completely safe from attacks.

However, the remaining models do not yet have a firmware solution in place. In this instance, Netgear suggests that you manually enable password recovery on your device and ensure that remote management is disabled until a fix can be provided. “The potential for password exposure remains if you do not complete both steps,” Netgear writes. “Netgear is not responsible for any consequences that could have been avoided by following the recommendations in this notification.’

This isn’t the first time that Netgear has come under fire for security lapses on its networking products. In early December, a number of routers were found to be vulnerable to remote attacks.

Tags:  Netgear, botnet, mirai
TOP CONVERSATIONS
Your Next PC Platform?
More Results
KEEP INFORMED
SITE

Home

Reviews

News

Blogs

Full Site

Sitemap

CATEGORIES

PC Components

Systems

Mobile

IT Infrastructure

Leisure

Videos

COMPANY

About

Advertise

News Tips

Contact

Privacy And Terms

HotTech

MORE

Accessibility

Shop

STAY CONNECTED

Twitter

Facebook

YouTube

RSS

As an Amazon and Howl Technologies Associate, HotHardware earns a commission from qualifying purchases made on this site. This site is intended for informational and entertainment purposes only. The contents are the views and opinion of the author and/or his associates. All products and trademarks are the property of their respective owners. Reproduction in whole or in part, in any form or medium, without express written permission of Hot Hardware, Inc. is prohibited. All content and graphical elements are Copyright © 1999 - 2024 David Altavilla and Hot Hardware, Inc.
All rights reserved. Privacy and Terms - Accessibility Commitment