Security Researchers from Trustwave have discovered a security exploit in 31 different models of Netgear routers.
According to a recent report, the exploit could allow hackers to bypass security on some Netgear routers.
For starters, it affects a large number of models. We have found more than ten thousand vulnerable devices that are remotely accessible. The real number of affected devices is probably in the hundreds of thousands, if not over a million.
The vulnerability can be used by a remote attacker if remote administration is set to be Internet facing. By default this is not turned on. However, anyone with physical access to a network with a vulnerable router can exploit it locally. This would include public wifi spaces like cafés and libraries using vulnerable equipment.
You can find out more details about the reported security vulnerability in Netgear routers over at Trustwave at the link below.
Updated 2nd February 2017
Netgear has released an official statement, which you can see below.
Filed Under: Top News
NETGEAR is aware of the vulnerability (CVE-2017-5521), that has been recently publicized by TrustWave. This is not a new or recent development. We have been working with the security analysts to evaluate the vulnerability from the time they first contacted us. After being notified of the vulnerability in April, we released the first batch of fixes in June and prioritized the products based on the greatest number of customers or shipments. Since that time we have continued to release fixes for the remaining products, most of which are older obsolete products with a smaller install base, although it is important to note that we notified users of workarounds for all affected products contemporaneously with the first batch of fixes in June, so no one would be vulnerable pending the remaining fixes. NETGEAR has published a knowledge base article from our support page, which lists the affected routers and the available firmware fixes.
Firmware fixes are currently available for the majority of the affected devices. To download the firmware release that fixes the password recovery vulnerability, click the link for the model and visit the firmware release page for further instructions. For devices that are still pending final firmware updates, please continue employing the advised work around, which for most users requires no action to be taken.
Please note that this vulnerability occurs only if an attacker has access to the internal network, which requires close physical proximity plus WiFi password access, or when remote management is enabled on the router. Our routers are shipped from the factory with remote management turned off by default and can only be turned on through the advanced settings, so unless you have affirmatively enabled remote management on your router, no further action is required.
NETGEAR does appreciate and value having security concerns brought to our attention. We constantly monitor for both known and unknown threats. Being pro-active rather than re-active to emerging security issues is fundamental for product support at NETGEAR.
It is NETGEAR’s mission to be the innovative leader in connecting the world to the internet. To achieve this mission, we strive to earn and maintain the trust of those that use NETGEAR products for their connectivity.