Netgear Routers Susceptible To ‘Serious’ DNS Exploit, Firmware Update Incoming
It's a good idea to periodically check for firmware updates for your wireless router, even if it appears to be working perfectly. Why? Firmware releases don't just potentially add more features and increase performance, they can also fix security vulnerabilities. Case in point, Netgear said there's a "serious" vulnerability affecting several thousand routers out in the wild.
Security researcher Joe Giron discovered the vulnerability when he noticed some funky admin settings on his routers, settings that had been altered by an outside source. Those settings told his Netgear brand router to send web browsing information to a suspicious IP address. According to Giron, all of his DNS traffic over the course of two or three days had been sent to a hacker.
During that time, the hacker could have monitored what websites Giron was visiting. Even worse, the hacker could have easily redirected Giron a malicious site serving up malware, though it doesn't appear that happened.
Jonathan Wu, senior director of product management at Netgear, acknowledged that it's a serious security flaw.
"Is it serious? Yes it definitely is," Wu told BBC. "Because whenever anybody gets access to your router, they can alter settings to direct traffic to places you don't want to go."
Several models are affected, included the JNR1010v2, WNR614, WNR618, JWNR2000v5, WNR2020, JWNR2010v5, WNR1000v4, and WNR2020v2. Nevertheless, Netgear claims that less than 5,000 routers are affected by the vulnerability. There's a firmware update that addresses the security flaw, which you can download here.
Security researcher Joe Giron discovered the vulnerability when he noticed some funky admin settings on his routers, settings that had been altered by an outside source. Those settings told his Netgear brand router to send web browsing information to a suspicious IP address. According to Giron, all of his DNS traffic over the course of two or three days had been sent to a hacker.
During that time, the hacker could have monitored what websites Giron was visiting. Even worse, the hacker could have easily redirected Giron a malicious site serving up malware, though it doesn't appear that happened.
Jonathan Wu, senior director of product management at Netgear, acknowledged that it's a serious security flaw.
"Is it serious? Yes it definitely is," Wu told BBC. "Because whenever anybody gets access to your router, they can alter settings to direct traffic to places you don't want to go."
Several models are affected, included the JNR1010v2, WNR614, WNR618, JWNR2000v5, WNR2020, JWNR2010v5, WNR1000v4, and WNR2020v2. Nevertheless, Netgear claims that less than 5,000 routers are affected by the vulnerability. There's a firmware update that addresses the security flaw, which you can download here.
