Within the last week, it was discovered that at least two Netgear routers were susceptible to a critical security flaw which enabled code injection attacks which would execute with root privileges. In its advisory, CERT encouraged users to 'discontinue use' of affected routers until a fix was made available by Netgear.
Now, the full extent of the problem has become clearer, with a total of 11 products affected by the vulnerability, which currently include:
- R6250
- R6400
- R6700
- R6900
- R7000
- R7100LG
- R7300DST
- R7900
- R8000
- D6220
- D6400
Thankfully, Netgear has released beta firmware for each of the affected devices mitigating the immediate security issue while it works on finalizing the production firmware. However, the company has warned users that "the beta firmware has not been fully tested and might not work for all users." As such, your mileage may vary should you choose to proceed.
However, owners of other Netgear routers aren't necessarily out of the woods, as the company has advised that it "is continuing to review our entire portfolio for other routers that might be affected by this vulnerability."
If you want to download the beta firmware for one of the affected routers above, you can download them via Netgear's security advisory.
Source: Netgear
8 Comments - Add comment