Network

Netgear Router Security Update

Netgear noted that several of their routers have a command injection Vulnerability issue where an attacker can use a phishing method to gain control of your router.

Tip:
To find the model/version number, check the bottom or back panel of your NETGEAR device.

From the vulnerability Notes Database:

R6200, R6250, R6400, R6700, R6900, R7000, R7100LG, R7300, R7900, R8000, D6220, and D6400 contain an unauthenticated command injection vulnerability that may be executed directly or via cross-domain requests. Known affected firmware versions include Netgear R7000 version 1.0.7.2_1.1.93, R6400 version 1.0.1.12_1.0.11, and R8000 version 1.0.3.4_1.1.2. Earlier versions may also be affected. The command injection vulnerability has been assigned CVE-2016-6277.

By convincing a user to visit a specially crafted web site, a remote, unauthenticated attacker may execute arbitrary commands with root privileges on affected routers. An unauthenticated, LAN-based attacker may do the same by issuing a direct request, e.g. by visiting: http:///cgi-bin/;COMMAND

How do I know if I’m affected?

You can verify that your router is affected by going to this URL:

http://[router-address]/cgi-bin/;uname$IFS-a

If a web page appears (which is not an error): you’re vulnerable.

How do I fix it?

Depending on which router you have, you’ll need to download a different firmware. All products followed by a single asterisk (*) have beta firmware fixes available. All products followed by three asterisks (***) have production firmware fixes available. You’ll find the download and instructions over on Netgear’s support pages, just click the link for your model:

On mine, because I was not affected; I simply went to the Upgrade page and let it do it’s thing…

  • Log in to the router using a Web browser. Or as per Netgear, you can just go to http://www.routerlogin.net.
  • Click ADVANCED tab > Administration > Router Update
  • Click the check button and then apply the update.

Let your router reboot and you’ll be all set.

Advertisements

Share your thoughts

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s