• All Community
    • All Community
    • Forums
    • Ideas
    • Blogs
Advanced

Kudos5 Stats

Netgear password vulnerability could lead to botnet style attacks

Netgear has announced a patch for software vulnerabilities in over 30 devices that can allow hackers access to the router password. The vulnerability gives attackers access to the router’s password recovery system in order to steal login credentials, giving them full access to the device and all of its settings.

These vulnerabilities can be exploited in two ways. If the attacker has physical access they can then access the router and exploit the vulnerabilities locally. The second and more dangerous way is that the vulnerability can be exploited remotely. Netgear routers come with the capability of remote management- where a user can access their router from outside of their network. Remote management is turned off on NETGEAR routers by default; however, if you own one of these devices, you should double check your settings to make sure this feature is indeed turned off.

After ensuring remote management is off, check your administration panel for a firmware update to see if there is a patch available. Netgear has stated that 31 of their routers are vulnerable and, of those, 18 have been patched. You can visit their support page to find out which routers are affected and download the firmware patch.

This type of vulnerability could give attackers access to not only your router, but also everything that is connected to it. In October of 2016, we reported on a massive cyber attack that created a botnet out of connected devices. That botnet then attacked one of the largest DNS server companies in the world which took many popular, mainstream websites and services offline for hours. This issue could help facilitate more of those types of attacks.

Protect what you can:

The best way to defend all of your devices is to protect what comes in contact with your network. The router is essentially the front door to your online world. Over the past year at Norton, we've been keeping a close eye on the Internet of things threat landscape. We are seeing that IoT devices are now being attacked on an average of every two minutes. As a result, we're proud to announce the brand new Norton Core router. Available for pre-order now, Norton Core is your “Digital Deadbolt” to your connected home. The first and only high performance, secure router with Norton protection bundled into it.

Another important way to get ahead of the bad guys is to participate in your own Internet security. Educate yourself about the threats out there and how they can affect you. Use security software, research your devices and secure them, and tell your friends to do the same! When more of us stay protected together, attackers will have fewer targets to take advantage of.

Comments

Kudos1 Stats
We still have to buy your product again and it seems a marketing ploy. I already pay you to fix these issues.
Kudos1 Stats

There needs to be a BIG clarification on this article. This can only happen if, and only if, you have remote management turned on AND password recovery turned off. If you turn password recovery on and set the recovery questions, you will not have this vulnerability. If you are patched already, you will not have the vulnerability anymore either.

Kudos1 Stats

I agree , I pay for this protection , so why do i need to pay again. please give clarification. also you tell me to go to website netgear ... but i have no protection while viewing the site .I am confused.

 Thanks

Kudos1 Stats

Anyone know if N600 WNDR3700v2 is involved in this????

No mention in Netgear site if it is or isn't. 

The do say WNDR3700v3 is involved.  I have no idea if the V2 has been

patched or not -  When check the site from router panel it says no new firmware is indicated....   Do I believe this or not ???  Yes I have remote turned OFF.  and I have no indicator on panel on how to do the password routine other than change the password....which I did change as a precaution ( and I baked it up ).  Any help appreciated. 

Kudos1 Stats

Regarding Netgear router vulnerability.  I own a Model #WNDR4300v2 and was having problems with DDOS attacks slowing down my computer.  I went through your Norton support and they informed me it was something in my network.  When I contacted my ISP technician, he checked all the settings in my router and made numerous changes.   my remote management was already turned off.   Besides resetting my password, he made other changes.  It wasn't until I received your newsletter about the vulnerability of the Netgear router that I decided to go into the router and reset my password.  There were no updated firmware versions.  I no longer have the problem of my router being under DDOS attacks and slowing it down.  Perhaps you should check into this Model as well.  Thank you.

Kudos1 Stats

By paying for Norton Anti Virus, I assumed that they would be protecting my computer and providing me with any necessary patches.

Apparently NOT as it seems, perhaps subscribers should be looking at alternative suppliers when it comes to renewal time?

Kudos1 Stats

Folks, this is a hardware issue. Norton anti-virus will not stop someone cracking your system, which is what the Netgear vulnerability allows. It basically allows someone to bypass security using the Netgear interface. If they then install a piece of software that has malware on it, then Norton will go into action. However, It does not stop someone for snooping around on your system or downloading files. Like I stated above, this only applies to unpatched routers that have Remote Management turned on AND have not set the security questions inside the router settings. if you are unsure if your router has a patch, shut off remote management.

Kudos0

I have NETGEAR Genie installed and it automatically uploaded the patch. I just had to allow the changes to be made.  Wish I had known that from the beginning; would have saved me a lot of time trying to follow their instructions.  So check if your installed version is different from the downloaded patch version.