Home
 » ISP News » 
Sponsored

UPDATE Modern NETGEAR Routers Hit by Command Injection Vulnerability

Wednesday, December 14th, 2016 (10:48 am) - Score 1,184
Netgear R8000 Router

Do you own a modern NETGEAR broadband router (i.e. R6200, R6400, R6700, R7000, R7100LG, R7300, R7900 and R8000)? If so then we’ve got bad news because a major security flaw, which was first identified and notified to the manufacturer in August 2016, still hasn’t been completely fixed.

The vulnerability, which has been described as “trivial” for a hacker to exploit, stems from the fact that NETGEAR’s kit doesn’t do a very good job of filtering out remote commands that have been sent via the Internet or even via your own Local Area Network (LAN).

As a result the hacker can easily gain access and then full control of the router, which has all kinds of security and privacy implications for any traffic that goes over your network.

Vulnerability Note VU#582384

Netgear R7000, firmware version 1.0.7.2_1.1.93 and possibly earlier, R6400, firmware version 1.0.1.12_1.0.11 and possibly earlier, and R8000, firmware version 1.0.3.4_1.1.2 and possibly earlier, contain an arbitrary command injection vulnerability.

By convincing a user to visit a specially crafted web site, a remote, unauthenticated attacker may execute arbitrary commands with root privileges on affected routers. An unauthenticated, LAN-based attacker may do the same by issuing a direct request, e.g. by visiting:

http:///cgi-bin/;COMMAND

An exploit demonstrating these vulnerabilities has been publicly disclosed.

Netgear’s advisory confirms that the R6200, R6400, R6700, R7000, R7100LG, R7300, R7900, and R8000 are vulnerable, though affected firmware versions are not enumerated. The vendor has indicated that their advisory will be updated as firmware updates are released.

The new exploit doesn’t require any sort of authentication and can work even when the device’s remote management feature is not visible to the Internet. In essence all the hacker has to do is get you to visit a website and this then runs the code that opens you up to a world of hurt.

Happily a beta firmware update has been released that can fix the issue on most of NETGEAR’s router models, but this doesn’t yet include the slightly older D6220, D6400, R6900 or D7000 series.

Many of the affected routers from NETGEAR are quite modern, particularly the R8000 “Nighthawk” series that has received plenty of glowing reviews. Admittedly any router can suffer from security exploits, although it’s usually much more common for such issues to affect older models (e.g. those that are no longer being supported) than the very latest kit.

A temporary fix does exist for those models that haven’t yet been updated, but it requires a little bit of technical knowledge.

UPDATE 20th Dec 2016

NETGEAR has now released a patch for all of the relevant models.

Leave a Comment
1 Response
  1. Avatar Mel

    Well at least they are fixing it, I don’t think they ever fixed the password bypass vulnerability or shell access vulnerabilities in their DG834 series (G,GT,N) of routers, when they were a current model which similarly only required a victim to visit a website to have the router hacked.

    Rather neatly it was possible to remotely inject a shell script into the router NVR that would run every time they were rebooted, so I was tempted at the time to release a fix that didn’t require a firmware update.

    Although the password bypass vulnerability in the Sky dg834gt version was fixed by updated Sky firmware, probably by chance as it didn’t need the setup feature.

Comments RSS Feed

Javascript must be enabled to post (most browsers do this automatically)

Privacy Notice: Please note that news comments are anonymous, which means that we do NOT require you to enter any real personal details to post a message. By clicking to submit a post you agree to storing your comment content, display name, IP, email and / or website details in our database, for as long as the post remains live.

Only the submitted name and comment will be displayed in public, while the rest will be kept private (we will never share this outside of ISPreview, regardless of whether the data is real or fake). This comment system uses submitted IP, email and website address data to spot abuse and spammers. All data is transferred via an encrypted (https secure) session.

NOTE 1: Sometimes your comment might not appear immediately due to site cache (this is cleared every few hours) or it may be caught by automated moderation / anti-spam.

NOTE 2: Comments that break our rules, spam, troll or post via known fake IP/proxy servers may be blocked or removed.
Cheapest Superfast ISPs
  • Hyperoptic £19.95 (*22.00)
    Avg. Speed 50Mbps, Unlimited
    Gift: £50 Gift Card
  • Post Office £20.90 (*37.00)
    Avg. Speed 38Mbps, Unlimited
    Gift: None
  • Vodafone £21.95
    Avg. Speed 63Mbps, Unlimited
    Gift: None
  • SSE £22.00
    Avg. Speed 35Mbps, Unlimited (FUP)
    Gift: None
  • xln telecom £22.74 (*47.94)
    Avg. Speed 66Mbps, Unlimited (FUP)
    Gift: None
Prices inc. Line Rental | View All
The Top 20 Category Tags
  1. BT (2620)
  2. FTTP (2411)
  3. FTTC (1713)
  4. Building Digital UK (1649)
  5. Politics (1513)
  6. Openreach (1488)
  7. Business (1305)
  8. FTTH (1200)
  9. Statistics (1141)
  10. Mobile Broadband (1106)
  11. Fibre Optic (1010)
  12. Ofcom Regulation (962)
  13. 4G (955)
  14. Wireless Internet (953)
  15. Virgin Media (912)
  16. EE (632)
  17. Sky Broadband (625)
  18. TalkTalk (609)
  19. Vodafone (577)
  20. 3G (433)
New Forum Topics
»
»
»
»
Playlist editors
Author: timeless
»
4G LTE Antennas
Author: soulas85
Promotion
Helpful ISP Guides and Tips
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
Sponsored

Copyright © 1999 to Present - ISPreview.co.uk - All Rights Reserved - Terms , Privacy and Cookie Policy , Links , Website Rules , Contact