The alarming fact is that a bug lets anyone enter 31 different Netgear models, or over a million users. And the worse part is it can even be done remotely, if the remote management option is switched on.
This feature is off by default but anyone that has physical access to the network of the router can still gain unauthorized access. According to the post on Trustwave’s blog, everyone can abuse the defensive mechanisms and turn the routers into botnets.
Netgear confirmed the flaw and released a full list of the affected models. In case you own any of the listed models, you better update your firmware to get the fix.
NETGEAR is aware of the security issue that can expose web GUI login passwords while the password recovery feature is disabled. This vulnerability occurs when an attacker can access the internal network or when remote management is enabled on the router. Remote management is turned off by default; users can turn on remote management through advanced settings.
Firmware fixes are currently available for the following affected devices. To download the firmware release that fixes the password recovery vulnerability, click the link for your model and visit the firmware release page for instructions:
NETGEAR has tested the following devices and confirmed that they are not affected by the web password recovery vulnerability:
Router Model and Firmware Version:
- R6200 v184.108.40.206_1.0.43
- R6300 v220.127.116.11_1.0.58
- VEGN2610 v18.104.22.168_1.0.12
- AC1450 v22.214.171.124_10.0.16
- WNR1000v3 v126.96.36.199_60.0.93
- WNDR3700v3 v188.8.131.52_1.0.31
- WNDR4000 v184.108.40.206_9.1.86
- WNDR4500 v220.127.116.11_1.0.68
- D6300 v18.104.22.168
- D6300B v22.214.171.124
- DGN2200Bv4 v126.96.36.199
- DGN2200v4 v188.8.131.52
- Manually enable the password recovery feature on your device.
For more information, visit Configuring router administrative password recovery.
- Ensure that remote management is disabled.
Remote management is disabled by default. For more information, check the user manual for your product, which is available from http://www.netgear.com/support/.
We appreciate and value having security concerns brought to our attention. NETGEAR constantly monitors for both known and unknown threats. Being pro-active rather than re-active to emerging security issues is fundamental for product support at NETGEAR.
It is NETGEAR's mission to be the innovative leader in connecting the world to the internet. To achieve this mission, we strive to earn and maintain the trust of those that use NETGEAR products for their connectivity.
To report a security vulnerability, visit https://bugcrowd.com/netgear.
If you are a NETGEAR customer with a security-related support concern, you can contact NETGEAR customer support at email@example.com.
For all other issues, visit http://www.netgear.com/about/security/.
The firstname.lastname@example.org email address is no longer accepting messages and is no longer actively monitored.
Source gsmarena / netgear.