NETGEAR Broadband Routers Exposed to New Security Bug

Wednesday, September 22nd, 2021 (8:31 am)
[Image: NETGEAR Nighthawk R7000]

A large number of NETGEAR's broadband and WiFi routers have been left vulnerable to a new Remote Code Execution (RCE) exploit, which works by allowing a hacker to manipulate the update process for each device's Circle Smart Parental Control Service in order to gain control of the router.

The parental control service itself is NOT enabled by default on the company's routers, but this doesn't mean that owners who don't use it are safe, because the Circle update daemon itself is enabled by default. This daemon connects to Circle and NETGEAR to obtain updates for its filtering database, but NETGEAR sends those updates out unsigned and over an unencrypted HTTP transfer.

NOTE: The vulnerability has been given the designation CVE-2021-40847.

In this case, a Man-in-the-Middle (MitM) style attack was developed that can respond to Circle update requests with a specially-crafted, compressed database file, the extraction of which gives the attacker the ability to overwrite executable files with attacker-controlled code (i.e. they can gain root access to the router).
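The two defects described above, an update that is neither signed nor delivered over an authenticated channel, and an extraction step that lets archive contents land on top of existing executables, map onto two defensive checks. The following is an added example, not NETGEAR's, Circle's or GRIMM's code: it verifies an update blob before touching it and refuses any archive member that would resolve outside the destination directory. The archive layout, the key and the HMAC-SHA256 tag are constructed stand-ins; a real firmware updater would check a public-key signature against a vendor key baked into the image, but the ordering of the checks is the same.

```python
"""Hardened handling of a filter-database update (added example, not vendor code).

Assumptions (constructed for this example): updates arrive as a gzip tarball
plus an authentication tag; UPDATE_KEY stands in for the verification key a
real device would carry. A production updater would use a public-key
signature rather than a shared-key HMAC.
"""
import hashlib
import hmac
import io
import os
import tarfile
import tempfile

# Constructed stand-in for the vendor verification key (assumption, not a real secret).
UPDATE_KEY = b"constructed-demo-key-not-a-real-secret"


def build_archive(members: dict) -> bytes:
    """Build an in-memory .tar.gz from {path: content}; used only as a test fixture."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tf:
        for name, data in members.items():
            info = tarfile.TarInfo(name=name)
            info.size = len(data)
            tf.addfile(info, io.BytesIO(data))
    return buf.getvalue()


def sign_archive(blob: bytes, key: bytes = UPDATE_KEY) -> bytes:
    """Authentication tag over the whole blob (HMAC-SHA256 as a signature stand-in)."""
    return hmac.new(key, blob, hashlib.sha256).digest()


def verify_archive(blob: bytes, tag: bytes, key: bytes = UPDATE_KEY) -> bool:
    """Constant-time comparison so a forged tag cannot be refined byte by byte."""
    return hmac.compare_digest(sign_archive(blob, key), tag)


def is_contained(dest: str, member_name: str) -> bool:
    """True only if dest/member_name resolves to a path inside dest."""
    dest_real = os.path.realpath(dest)
    target = os.path.realpath(os.path.join(dest_real, member_name))
    return os.path.commonpath([dest_real, target]) == dest_real


def apply_update(blob: bytes, tag: bytes, dest: str) -> list:
    """Verify, then validate every member, then extract. Returns the names written."""
    # 1. Nothing is parsed or extracted until the blob is authenticated.
    if not verify_archive(blob, tag):
        raise ValueError("update rejected: authenticity check failed")
    written = []
    with tarfile.open(fileobj=io.BytesIO(blob), mode="r:gz") as tf:
        # 2. Defence in depth: even an authenticated archive may only contain
        #    regular files that stay inside the database directory.
        for member in tf.getmembers():
            if (not member.isfile() or member.name.startswith("/")
                    or not is_contained(dest, member.name)):
                raise ValueError(f"update rejected: unsafe member {member.name!r}")
        # Use the stdlib 'data' filter where available (Python 3.12+) as a second net.
        extra = {"filter": "data"} if hasattr(tarfile, "data_filter") else {}
        for member in tf.getmembers():
            tf.extract(member, path=dest, **extra)
            written.append(member.name)
    return written


def run_demo() -> dict:
    """Exercise the three cases: good update, bad tag, traversal member."""
    dest = tempfile.mkdtemp()
    result = {}
    good = build_archive({"filterdb/rules.dat": b"constructed rule data"})
    result["good"] = apply_update(good, sign_archive(good), dest)
    # Tag produced under a different key: must be rejected before extraction.
    try:
        apply_update(good, sign_archive(good, b"wrong-key"), dest)
        result["bad_sig"] = "accepted"
    except ValueError as e:
        result["bad_sig"] = str(e)
    # Correctly tagged, but a member that would escape dest: must still be rejected.
    traversal = build_archive({"../../escaped.bin": b"not a filter db"})
    try:
        apply_update(traversal, sign_archive(traversal), dest)
        result["traversal"] = "accepted"
    except ValueError as e:
        result["traversal"] = str(e)
    result["escaped_exists"] = os.path.exists(
        os.path.join(dest, "..", "..", "escaped.bin"))
    return result


if __name__ == "__main__":
    print(run_demo())
```

The order matters: authenticity is checked over the raw bytes before the archive is even parsed, and every member is validated before any member is written, so a rejected update leaves the filesystem untouched.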

A Proof of Concept (PoC) attack for this was developed and tested against the NETGEAR R7000 router by GRIMM, but the issue also impacts other models, including the R6400v2, R6700, R6700v3, R6900, R6900P, R7000P, R7850, R7900, R8000 and RS400. However, an attacker would need to be connected to a network with one of these routers installed, either locally or via a remote connection, in order to carry out the hack.

The good news is that NETGEAR have already released a new firmware patch for the affected models (credit to Steve for spotting this), while GRIMM recommends provisioning and using Virtual Private Network (VPN) clients for those who can't yet patch (these should be configured to carry all traffic, so that an attacker cannot read or modify network traffic without the VPN endpoints detecting it).

By Mark Jackson
Copyright © 1999 to Present - ISPreview.co.uk - All Rights Reserved