Netgear customers warned to stop using flawed routers
Netgear identifies at least eight router models affected by remote access bug
Customers using Netgear home routers have been urged to switch them off, after a number of models were found to contain a vulnerability that could let hackers gain remote access.
Security researchers at Carnegie Mellon University in Pennsylvania found eight models of Netgear routers had a security flaw that could allow hackers to gain access to a home network and any connected devices with relative ease.
The flaw, known as #582384, was initially found in R7000, R6400 and R8000 routers, but Netgear has since confirmed the vulnerability is also affecting R6250, R6700, R7300 and R7900 routers. Netgear is currently testing all of its router models for the "command injection vulnerability", and it is possible more are affected.
"By convincing a user to visit a specially crafted website, a remote unauthenticated attacker may execute arbitrary commands with root privileges on affected routers," said the researchers. "Users who have the option of doing so should strongly consider discontinuing use of affected devices until a fix is made available."
By clicking a malicious link, users can inadvertently give hackers full control over a router, giving access to a full list of internet traffic on the network, which may include personal details and login information.
Netgear has said it is working on a firmware version that will fix the command injection vulnerability, although there is no specific release date.
"Netgear is continuing to review our entire portfolio for other routers that might be affected by this vulnerability," said Netgear in a blog post. "If any other routers are affected by the same security vulnerability, we plan to release firmware to fix those as well."
A beta version of updated firmware is currently available for R6400, R7000 and R8000 routers, although Netgear warned that these updates have not been fully tested and may not work for all users. Additional beta updates will be made available for the other models in the coming days, so make sure to keep an eye on Netgear's security blog.
Picture: Netgear's Nighthawk Smart WiFi router, R7000 model
How to scale your organisation in the cloud
How to overcome common scaling challenges and choose the right scalable cloud serviceDownload now
The people factor: A critical ingredient for intelligent communications
How to improve communication within your businessDownload now
Future of video conferencing
Optimising video conferencing features to achieve business goalsDownload now
Improving cyber security for remote working
13 recommendations for security from any locationDownload now