Consumers who own any one of several NETGEAR broadband router models (JNR1010v2, JNR3000, JWNR2000v5, JWNR2010v5, N300, R3250, WNR2020, WNR614, WNR618) could be vulnerable to two new exploits that may allow a remote attacker to gain full control of their device.
Apparently these exploits, which were first discovered during the summer and have only recently been published online (here and here), only work over the Internet if the router has Wide Area Network (WAN) Administration enabled (this is not normally switched on by default). Otherwise the hacker would need to be physically near to your network.
A successful attack would grant the hacker unauthenticated root access, which could allow them to do various things, such as snooping on your network traffic by changing your DNS settings so that any website requests and inputs run through compromised servers.
A related report on the BBC shows that such attacks are already happening, although it’s not yet a huge problem because not everybody will have their device open to remote access. But some hackers do drive around looking for vulnerable networks to exploit.
NETGEAR are clearly aware of the problem and are taking it seriously. In fact they’ve already developed a firmware fix, but they have yet to release an update for all of the affected routers. Device manufacturers can be lazy and tend to stop providing support for their routers after a few years, even though the kit may remain in use for a lot longer.
UPDATE 13th October 2015
The following is a new statement from NETGEAR, which yesterday released a new firmware fix for the stated router models.
A NETGEAR Spokesperson told ISPreview.co.uk:
“NETGEAR takes customer security very seriously. A firmware update has been released to address the issue: http://kb.netgear.com/app/answers/detail/a_id/29959. NETGEAR is proactively notifying registered users via email, plus customers can find the new firmware by checking the firmware page, desktop, and mobile Genie app.
NETGEAR encourages its customers to ensure WiFi security is turned on and that remote access functionality is turned off (both default settings in NETGEAR’s routers and gateways). NETGEAR also advises customers to change the default password for the router to prevent unauthorised devices from accessing your network.”