Netgear customers warned to stop using flawed routers
Netgear identifies at least eight router models affected by remote access bug
Customers using Netgear home routers have been urged to switch them off, after a number of models were found to contain a vulnerability that could let hackers gain remote access.
Security researchers at Carnegie Mellon University in Pennsylvania found eight models of Netgear routers had a security flaw that could allow hackers to gain access to a home network and any connected devices with relative ease.
The flaw, known as #582384, was initially found in R7000, R6400 and R8000 routers, but Netgear has since confirmed the vulnerability is also affecting R6250, R6700, R7300 and R7900 routers. Netgear is currently testing all of its router models for the "command injection vulnerability", and it is possible more are affected.
"By convincing a user to visit a specially crafted website, a remote unauthenticated attacker may execute arbitrary commands with root privileges on affected routers," said the researchers. "Users who have the option of doing so should strongly consider discontinuing use of affected devices until a fix is made available."
By clicking a malicious link, users can inadvertently give hackers full control over a router, giving access to a full list of internet traffic on the network, which may include personal details and login information.
Netgear has said it is working on a firmware version that will fix the command injection vulnerability, although there is no specific release date.
"Netgear is continuing to review our entire portfolio for other routers that might be affected by this vulnerability," said Netgear in a blog post. "If any other routers are affected by the same security vulnerability, we plan to release firmware to fix those as well."
A beta version of updated firmware is currently available for R6400, R7000 and R8000 routers, although Netgear warned that these updates have not been fully tested and may not work for all users. Additional beta updates will be made available for the other models in the coming days, so make sure to keep an eye on Netgear's security blog.
Picture: Netgear's Nighthawk Smart WiFi router, R7000 model
Digital document processes in 2020: A spotlight on Western Europe
The shift from best practice to business necessityDownload now
Four security considerations for cloud migration
The good, the bad, and the ugly of cloud computingDownload now
VR leads the way in manufacturing
How VR is digitally transforming our worldDownload now
Deeper than digital
Top-performing modern enterprises show why more perfect software is fundamental to successDownload now