Some Netgear Routers Need to Be Patched Immediately (opens in new tab)

(pcmag.com)

31 pointsj56no4y ago9 comments

9 comments

This may be a full RCE vulnerability but from what I can tell the exploit requires intercepting or redirecting HTTP traffic from the router to the update server.

Thats definitely a massive problem because anyone with access to DNS records (ISPs, governments, educational facilities, and so on) can remotely hack all of these devices, but on the other hand this poses no direct threat. The "immediately" part of the title seems overstated.

This just seems like a random, run-of-the-mill crappy router vulnerability to me. I'd be surprised if there was a consumer router that wasn't vulnerable to this somehow. Good thing Netgear provides a patch, though.

kingforaday4y ago

Even further its only those routers with the `circled` process running, which apparently is part of the parental controls functionality provided by Circle with their NetGear partnership. The silly part too is that the attack surface is available even if you don't have parental controls enabled.

ragesh4y ago

I'm so glad I've been playing around with OpenWRT lately. I bought a second router a while back just to experiment with it and now I have automatic fail-over between two ISPs (with mwan3) and WPA2 Enterprise (with FreeRadius).

Needless to say, my Netgear R7000P will soon be decommissioned. I wish it were officially supported on OpenWRT because it's got a good amount of RAM and flash that could have been put to better use.

DanAtC4y ago

Looks like the 7000P is supported by DD-WRT if you want something to play with before binning it: https://forum.dd-wrt.com/wiki/index.php/Netgear_R7000P

mahrain4y ago

For the longest time I used my R7000 as a router and NAS with either AsusWRT-Merlin or FreshTomato. They might serve your purpose?

SubiculumCode4y ago

Thoughts on which to choose for R7000? FreshTomato vs DD-WRT vs others?

szszrk4y ago

https://kb.netgear.com/000064039/Security-Advisory-for-Remot...

This link covers more the actual article.

TLDR: RCE on R6400v2 R6700 R6700v3 R6900 R6900P R7000 R7000P R7850 R7900 R8000 RS400

AdmiralAsshat4y ago

Why the hell do I have to manually download the new firmware and deploy it to fix this? My Netgear router has usually been able to update itself in the past just by logging into the admin console and checking for new firmware updates.

SubiculumCode4y ago

Their update is weird. Sometimes it does it by itself, but other times I've found that it had refused to update for almost a year.

j / k navigate · click thread line to collapse

9 comments

jeroenhd4y ago

This may be a full RCE vulnerability but from what I can tell the exploit requires intercepting or redirecting HTTP traffic from the router to the update server.

kingforaday4y ago

ragesh4y ago

Needless to say, my Netgear R7000P will soon be decommissioned. I wish it were officially supported on OpenWRT because it's got a good amount of RAM and flash that could have been put to better use.

DanAtC4y ago

Looks like the 7000P is supported by DD-WRT if you want something to play with before binning it: https://forum.dd-wrt.com/wiki/index.php/Netgear_R7000P

mahrain4y ago

For the longest time I used my R7000 as a router and NAS with either AsusWRT-Merlin or FreshTomato. They might serve your purpose?

SubiculumCode4y ago

Thoughts on which to choose for R7000? FreshTomato vs DD-WRT vs others?

szszrk4y ago

https://kb.netgear.com/000064039/Security-Advisory-for-Remot...

This link covers more the actual article.

TLDR: RCE on R6400v2 R6700 R6700v3 R6900 R6900P R7000 R7000P R7850 R7900 R8000 RS400

AdmiralAsshat4y ago

SubiculumCode4y ago

Their update is weird. Sometimes it does it by itself, but other times I've found that it had refused to update for almost a year.

j / k navigate · click thread line to collapse