Netgear Routers Susceptible To ‘Serious’ DNS Exploit, Firmware Update Incoming
Security researcher Joe Giron discovered the vulnerability when he noticed some funky admin settings on his routers, settings that had been altered by an outside source. Those settings told his Netgear brand router to send web browsing information to a suspicious IP address. According to Giron, all of his DNS traffic over the course of two or three days had been sent to a hacker.
During that time, the hacker could have monitored what websites Giron was visiting. Even worse, the hacker could have easily redirected Giron a malicious site serving up malware, though it doesn't appear that happened.
Jonathan Wu, senior director of product management at Netgear, acknowledged that it's a serious security flaw.
Several models are affected, included the JNR1010v2, WNR614, WNR618, JWNR2000v5, WNR2020, JWNR2010v5, WNR1000v4, and WNR2020v2. Nevertheless, Netgear claims that less than 5,000 routers are affected by the vulnerability. There's a firmware update that addresses the security flaw, which you can download here.