Netgear customers warned to stop using flawed routers

Netgear identifies at least eight router models affected by remote access bug

Customers using Netgear home routers have been urged to switch them off, after a number of models were found to contain a vulnerability that could let hackers gain remote access.

Security researchers at Carnegie Mellon University in Pennsylvania found eight models of Netgear routers had a security flaw that could allow hackers to gain access to a home network and any connected devices with relative ease.

Advertisement - Article continues below

The flaw, known as #582384, was initially found in R7000, R6400 and R8000 routers, but Netgear has since confirmed the vulnerability is also affecting R6250, R6700, R7300 and R7900 routers. Netgear is currently testing all of its router models for the "command injection vulnerability", and it is possible more are affected.

"By convincing a user to visit a specially crafted website, a remote unauthenticated attacker may execute arbitrary commands with root privileges on affected routers," said the researchers. "Users who have the option of doing so should strongly consider discontinuing use of affected devices until a fix is made available."

By clicking a malicious link, users can inadvertently give hackers full control over a router, giving access to a full list of internet traffic on the network, which may include personal details and login information.

Advertisement
Advertisement - Article continues below

Netgear has said it is working on a firmware version that will fix the command injection vulnerability, although there is no specific release date.

Advertisement - Article continues below

"Netgear is continuing to review our entire portfolio for other routers that might be affected by this vulnerability," said Netgear in a blog post. "If any other routers are affected by the same security vulnerability, we plan to release firmware to fix those as well."

A beta version of updated firmware is currently available for R6400, R7000 and R8000 routers, although Netgear warned that these updates have not been fully tested and may not work for all users. Additional beta updates will be made available for the other models in the coming days, so make sure to keep an eye on Netgear's security blog.

Picture: Netgear's Nighthawk Smart WiFi router, R7000 model

Featured Resources

The case for a marketing content hub

Transform your digital marketing to deliver customer expectations

Download now

Fast, flexible and compliant e-signatures for global businesses

Be at the forefront of digital transformation with electronic signatures

Download now

Why CEOS should care about the move to SAP S/4HANA

And how they can accelerate business value

Download now

IT faces new security challenges in the wake of COVID-19

Beat the crisis by learning how to secure your network

Download now
Advertisement

Recommended

Visit/security/hacking/355806/anarchygrabber-hack-steals-discord-tokens-ids-and-passwords
hacking

AnarchyGrabber hack steals Discord tokens, IDs and passwords

27 May 2020
Visit/security/hacking/355801/scammers-using-coronavirus-contact-tracing-in-hacking-attempt
hacking

Scammers leverage contact-tracing in hacking attempt

27 May 2020
Visit/security/phishing/355793/gitlab-phishes-its-remote-employees-and-1-in-5-fell-for-it
phishing

GitLab phished its employees and 20% handed over credentials

26 May 2020
Visit/security/cyber-security/355791/cyberpeace-institute-urges-governments-to-work-together-to-stop
cyber security

Governments urged to work together to stop health care cyber attacks

26 May 2020

Most Popular

Visit/operating-systems/microsoft-windows/355781/microsoft-confirms-further-issues-with-troublesome
Microsoft Windows

Microsoft's latest Windows 10 update is causing yet more issues

26 May 2020
Visit/mobile/5g/355712/nokia-5g-speed-record
5G

Nokia breaks 5G record with speeds nearing 5Gbps

20 May 2020
Visit/infrastructure/network-internet/355792/intel-releases-wi-fi-and-bluetooth-driver-updates-for
Network & Internet

Intel releases Wi-Fi and Bluetooth driver updates for Windows 10

26 May 2020