Tech
Stop Using Your Netgear Router Immediately: R6400, R7000 & R8000 Have Confirmed Security Issues, Here's How You Can Temporarily Fix Them
Niyati S.
First Posted: Dec 13, 2016 03:10 AM EST
Three of Neatgear's router models have been found to be susceptible to even a BASIC attack, as has been reported by proper tech authorities. Once attacked, the entire network can easily be taken over by the hacker.
Netgear has recently drawn heavy criticism after its certain routers were reported to have some concrete security issues. According to the expert, these routers are very vulnerable to even basic attacks. The hackers can take control of the router as well as the connected devices and obtain personal data.
The routers affected by this security issue include R8000, R7000 and R6400. If you are using any of these routers for your home or office, it is advisable for you to stop using them until a proper fix patch is released by Netgear.
CERT analysis
The reason behind such vulnerability is the router's complete lack of ability to filter malicious commands which are camouflaged under website URLs.
This danger has been tested and reported by U.S. Computer Emergency Readiness Team (CERT). CERT is a federal government supported agency and their job is to test out software vulnerabilities.
"By convincing a user to visit a specially crafted web site, a remote unauthenticated attacker may execute arbitrary commands with root privileges on affected routers," CERT stated in an advisory issued last Dec. 9.
The security issue
The threat was first demonstrated by a researcher called Acew0rm who created a malicious command. He then posted the exploit on the internet hidden under a a secure looking web link. Once a user clicks on this link, the router is commanded to run as root. That makes it vulnerable to dangerous shell commands. This masquerading of URLs is a part of the problem that the Netgear routers are completely unable to identify.
Netgear's response
Netgear has accepted the report on the vulnerable routers. They assured the customers that they are working on the issue seriously.
"It is Netgear's mission to be the innovative leader in connecting the world to the internet," the company said. "To achieve this mission, we strive to earn and maintain the trust of those that use Netgear products for their connectivity."
The statement did not clarify if other Netgear routers such as the Netgear X10 are also affected by this breach. CERT, on the other hand, believes that other models may also be affected by this threat.
Temporary Fix
While Netgear finalises a proper security fix for this situation, there is a way you can fix your router temporarily. This will work until your device is rebooted. How it works is that it exploits the threat in itself by making a command that disables the router's web server.
You just to click on this links after removing the brackets: (https://[router-address]/cgi-bin/;killall$IFS'httpd')
If you are trying to execute this command, replace "router-address" with your local IP address. This is not permanent because it will stop working when the device is restarted. We should expect Netgear to send an update as soon as possible, now that they have acknowledged the breach.
Keep watching this space for more updates about your Netgear routers and how to protect them!
See Now:
NASA's Juno Spacecraft's Rendezvous With Jupiter's Mammoth Cyclone
Tagsnetgear router, netgear security issue, netgear security, netgear hacked, WiFi router, wifi router hacked ©2024 ScienceWorldReport.com All rights reserved. Do not reproduce without permission. The window to the world of science news.
More on SCIENCEwr
First Posted: Dec 13, 2016 03:10 AM EST
Three of Neatgear's router models have been found to be susceptible to even a BASIC attack, as has been reported by proper tech authorities. Once attacked, the entire network can easily be taken over by the hacker.
Netgear has recently drawn heavy criticism after its certain routers were reported to have some concrete security issues. According to the expert, these routers are very vulnerable to even basic attacks. The hackers can take control of the router as well as the connected devices and obtain personal data.
The routers affected by this security issue include R8000, R7000 and R6400. If you are using any of these routers for your home or office, it is advisable for you to stop using them until a proper fix patch is released by Netgear.
CERT analysis
The reason behind such vulnerability is the router's complete lack of ability to filter malicious commands which are camouflaged under website URLs.
This danger has been tested and reported by U.S. Computer Emergency Readiness Team (CERT). CERT is a federal government supported agency and their job is to test out software vulnerabilities.
"By convincing a user to visit a specially crafted web site, a remote unauthenticated attacker may execute arbitrary commands with root privileges on affected routers," CERT stated in an advisory issued last Dec. 9.
The security issue
The threat was first demonstrated by a researcher called Acew0rm who created a malicious command. He then posted the exploit on the internet hidden under a a secure looking web link. Once a user clicks on this link, the router is commanded to run as root. That makes it vulnerable to dangerous shell commands. This masquerading of URLs is a part of the problem that the Netgear routers are completely unable to identify.
Netgear's response
Netgear has accepted the report on the vulnerable routers. They assured the customers that they are working on the issue seriously.
"It is Netgear's mission to be the innovative leader in connecting the world to the internet," the company said. "To achieve this mission, we strive to earn and maintain the trust of those that use Netgear products for their connectivity."
The statement did not clarify if other Netgear routers such as the Netgear X10 are also affected by this breach. CERT, on the other hand, believes that other models may also be affected by this threat.
Temporary Fix
While Netgear finalises a proper security fix for this situation, there is a way you can fix your router temporarily. This will work until your device is rebooted. How it works is that it exploits the threat in itself by making a command that disables the router's web server.
You just to click on this links after removing the brackets: (https://[router-address]/cgi-bin/;killall$IFS'httpd')
If you are trying to execute this command, replace "router-address" with your local IP address. This is not permanent because it will stop working when the device is restarted. We should expect Netgear to send an update as soon as possible, now that they have acknowledged the breach.
Keep watching this space for more updates about your Netgear routers and how to protect them!
See Now: NASA's Juno Spacecraft's Rendezvous With Jupiter's Mammoth Cyclone