Security researchers from Trustwave are alert of a novel authentication vulnerability inwards at to the lowest degree 31 models of Netgear models that potentially affects over i 1000000 Netgear customers.
The novel vulnerability, discovered past times Trustwave's SpiderLabs researcher Simon Kenin, tin allow remote hackers to obtain the admin password for the Netgear router through a flaw inwards the password recovery process.
Kenin discovered the flaw (CVE-2017-5521) when he was trying to access the direction page of his Netgear router but had forgotten its password.
Exploiting the Bug to Take Full Access on Affected Routers
But Kenin said the newly discovered flaw could last remotely exploited but if the router's remote direction selection is enabled.
While the router vendor claims the remote direction selection is turned off on its routers past times default, according to the researcher, in that place are "hundreds of thousands, if non over a million" routers left remotely accessible.
"The vulnerability tin last used past times a remote assailant if remote direction is gear upwards to last meshing facing. By default this is non turned on," Kenin said. "However, anyone alongside physical access to a network alongside a vulnerable router tin exploit it locally. This would include populace Wi-Fi spaces similar cafés together with libraries using the vulnerable equipment."If exploited past times bad actors, the vulnerability that completely bypasses whatsoever password on a Netgear router could give hackers consummate command of the affected router, including the mightiness to alter its configuration, plough it into botnets or fifty-fifty upload solely novel firmware.
After trying out his flaw on a hit of Netgear routers, Kenin was surprised to know that to a greater extent than than 10 M vulnerable devices used the flawed firmware together with tin last accessed remotely.
He has besides released an exploit code for testing purpose, written inwards Python.
List of Vulnerable NETGEAR Router Models
The SpiderLabs researcher stressed that the vulnerability is really serious equally it affects a large lay out of Netgear router models. Here's a listing of affected Netgear routers:
- R8500
- R8300
- R7000
- R6400
- R7300DST
- R7100LG
- R6300v2
- WNDR3400v3
- WNR3500Lv2
- R6250
- R6700
- R6900
- R8000
- R7900
- WNDR4500v2
- R6200v2
- WNDR3400v2
- D6220
- D6400
- C6300 (firmware released to ISPs)
Update the Firmware of your NETGEAR Router Now!
Kenin notified Netgear of the flaw, together with the society confirmed the resultant affects a large lay out of its products.
Netgear has released firmware updates for all of its affected routers, together with users are strongly advised to upgrade their devices.
This is the minute fourth dimension inwards some 2 months when researchers bring discovered flaws inwards Netgear routers. Just concluding month, the US-CERT advised users to stop using Netgear's R7000 together with R6400 routers due to a serious põrnikas that permitted command injection.
However, inwards an endeavor to brand its production safe, Netgear of late partnered upwards alongside Bugcrowd to launch a bug bounty program that tin earn researchers cash rewards of upwards to $15,000 for finding together with responsibly reporting flaws inwards its hardware, APIs, together with the mobile apps.
