Security researchers at Carnegie Mellon University have found that at least eight different NETGEAR routers have been found to pose a remote-hacking security risk. Without much skill a hacker can access the network of devices the router connects to. Customers are urged to turn off the Wi-Fi routers to avoid problems.
The problem, known as security issue #582384, was found to affect the R7000, R6400 and the R8000 NETGEAR routers. NETGEAR later confirmed this and added the R6250, R6700, R700LG, R7300 and R7900 models to the list. Additional models could be affected, but NETGEAR is still testing all of its models for the vulnerability.
The flaw was first identified and reported to NETGEAR by Andrew Rollins, a security researcher, on August 25. After NETGEAR failed to respond for three months, Rollins went public with the information, triggering a response from the Department of Homeland Security’s CERT group which released an advisory about the issue.
“Exploiting this vulnerability is trivial. Users who have the option of doing so should strongly consider discontinuing use of affected devices until a fix is made available,” the CERT notice said.
The flaw in the NETGEAR routers allows unauthenticated web pages to access the command-line and then execute malicious commands, which could lead to total system takeover.
According to NETGEAR’s website at the time of this writing, 11 models may now be affected and there are now beta firmware fixes available for the vulnerability, but these fixes have not been fully tested and “might now work for all users.” The company continues to work on production firmware updates.
Since the investigation is still an ongoing, owners of Netgear routers should consider their network at risk.
NETGEAR has updated the Knowledge Base article related to the Security Vulnerability #582384. Please see the latest Security Advisory from NETGEAR to download a beta firmware fix for all routers that were reported to be affected and learn more about further updates regarding additional routers we have tested and the recommended course of action.
According to a spokesperson for NETGEAR, the company is continuing to investigate the issue and will provied updates to the security advisory article as they make more progress on addressing the issue.
If you would like to be notified of NETGEAR security updates or would like to learn more about the company’s security policy, please visit: NETGEAR Product Security Advisory.