Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


ForumsLAN (ethernet/Wifi/routers/Bluetooth)PSA: Power off Netgear R6400 / R7000 / R8000until new firmware released


3872 posts

Uber Geek

Trusted
Lifetime subscriber

# 206153 12-Dec-2016 08:49
One person supports this post
Send private message

There is an unpatched vulnerability in these that allows remote command injection, and public exploit code for said vulnerability. 

 

Full details at https://www.kb.cert.org/vuls/id/582384

 

Confirmed to be an issue on the R6400/R7000 models, but as per the CERT entry at least one firmware revision of the R8000 is vulnerable according to community reports and other Netgear routers may be vulnerable.

 

 




Information wants to be free. The Net interprets censorship as damage and routes around it.

Create new topic
610 posts

Ultimate Geek


  # 1686346 12-Dec-2016 09:12
One person supports this post
Send private message

 

By convincing a user to visit a specially crafted web site, a remote attacker may execute arbitrary commands with root privileges on affected routers. A LAN-based attacker may do the same by issuing a direct request, e.g. by visiting: http:///cgi-bin/;COMMAND

 

 

Wow. That has to be one of the biggest security holes out there.

 

If you're running stock firmware, may I suggest now would be a good time to try out some third-party alternatives? AdvancedTomato had an uptime of about 200 days on my R7000 until a power cut the other night.

'That VDSL Cat'
11018 posts

Uber Geek

Trusted
Spark
Subscriber

  # 1686349 12-Dec-2016 09:19
Send private message

Scary flaw to have in there in this day and ages.

 

 

 

Ammazed that something so simple still stands in routers.. surely we learnt from back in the day when this first came out?




#include <std_disclaimer>

 

Any comments made are personal opinion and do not reflect directly on the position my current or past employers may have.

 
 
 
 


Mr Snotty
8870 posts

Uber Geek

Moderator
Trusted
Lifetime subscriber

  # 1686357 12-Dec-2016 09:47
2 people support this post
Send private message

With most of these routers flash with Advanced Tomato and be done with it. This is bad...

 

The likleyhood of an attack is slim however as this has to be exploited client side. With the Marai botnet doing its rounds it wouldn't surprise me if it was able to send phishing emails out hoping to get more victims. There is already this same exploit for some TP-LINK and DLINK routers with unpatched firmware (this is going back a few years).




Michael Murphy | https://murfy.nz
A quick guide to picking the right ISP | The Router GuideCommunity UniFi Cloud Controller | Ubiquiti Edgerouter Tutorial | Sharesies

'That VDSL Cat'
11018 posts

Uber Geek

Trusted
Spark
Subscriber

  # 1686360 12-Dec-2016 09:50
Send private message

michaelmurfy:

 

With most of these routers flash with Advanced Tomato and be done with it. This is bad...

 

The likleyhood of an attack is slim however as this has to be exploited client side. With the Marai botnet doing its rounds it wouldn't surprise me if it was able to send phishing emails out hoping to get more victims. There is already this same exploit for some TP-LINK and DLINK routers with unpatched firmware (this is going back a few years).

 

 

 

 

as its only over http, it's easily exploited over a iframe or js remember..




#include <std_disclaimer>

 

Any comments made are personal opinion and do not reflect directly on the position my current or past employers may have.

BDFL - Memuneh
64659 posts

Uber Geek

Administrator
Trusted
Geekzone
Lifetime subscriber

  # 1686396 12-Dec-2016 10:34
3 people support this post
Send private message

At the end of the day I don't see any of these manufacturers giving a damn. 




Sharesies investment funds | Geekzone broadband switch | Backblaze backup (Geekzone aff) | Amazon (Geekzone aff) | MightyApe (Geekzone aff)

 

My technology disclosure | Digital Transformation | Enterprise Content Management | Customer Relationship Management | Data Insights, Business Intelligence and Advanced Analytics 

 

 



3872 posts

Uber Geek

Trusted
Lifetime subscriber

  # 1686467 12-Dec-2016 11:24
Send private message

I'm not sure how many people here will be running stock firmware, but plenty of not so technical people who brought them from Noel Leemings etc will be. 




Information wants to be free. The Net interprets censorship as damage and routes around it.

Banana?
4855 posts

Uber Geek

Subscriber

  # 1686494 12-Dec-2016 12:23
Send private message

I'm running stock on an R7000.

 

No chance I will run anything from a website I don't know. Will look at putting the Tomato on it this weekend.

 
 
 
 


191 posts

Master Geek


  # 1686633 12-Dec-2016 18:49
Send private message

trig42:

 

I'm running stock on an R7000.

 

No chance I will run anything from a website I don't know. Will look at putting the Tomato on it this weekend.

 

 

Maybe using a non-standard IP address for the router (and dhcp server) could offer some interim defense - see details here - http://routersecurity.org/ipaddresses.php

 

 

191 posts

Master Geek


  # 1686642 12-Dec-2016 18:54
Send private message

Computerworld has a detailed article (and how to test your router's vulnerability) here - http://www.computerworld.com/article/3148680/networking/easily-exploited-netgear-router-flaw-discovered.html

 

 

191 posts

Master Geek


  # 1686645 12-Dec-2016 18:57
Send private message

And a suggested 2 step temporary fix here - http://www.sj-vs.net/a-temporary-fix-for-cert-vu582384-cwe-77-on-netgear-r7000-and-r6400-routers/

 

 

1358 posts

Uber Geek


  # 1687840 14-Dec-2016 18:56
Send private message

allio:

 

 

By convincing a user to visit a specially crafted web site, a remote attacker may execute arbitrary commands with root privileges on affected routers. A LAN-based attacker may do the same by issuing a direct request, e.g. by visiting: http:///cgi-bin/;COMMAND

 

 

Wow. That has to be one of the biggest security holes out there.

 

If you're running stock firmware, may I suggest now would be a good time to try out some third-party alternatives? AdvancedTomato had an uptime of about 200 days on my R7000 until a power cut the other night.

 

 

 

 

Interesting, I've never put 3rd party firmware on before, will give this a try thanks.

 

 

 

Actually after seeing people complain about the WiFi range and speed being worse on this, I think I'll just stick with stock and just install the beta patch. :D

1358 posts

Uber Geek


  # 1692078 19-Dec-2016 10:41
Send private message

There are now a few production firmware fixes available for anyone interested: Linky

191 posts

Master Geek


  # 1693862 22-Dec-2016 14:39
Send private message

Updated all my R7000s (Router, WiFi Bridge & AP) - so far so good!

 

(WiFi on FibreX Max)

 

1990 posts

Uber Geek

Trusted

  # 1694950 25-Dec-2016 21:04
One person supports this post
Send private message

And here I thought it was a feature...




Qualified in business, certified in fibre, stuck in copper, have to keep going  ^_^

191 posts

Master Geek


  # 1701131 10-Jan-2017 21:15
Send private message

Netgear has partnered with Bugcrowd to offer between $150 and $15,000 to researchers who find security flaws in its hardware, mobile apps, and APIs etc - see full article here http://www.tomshardware.com/news/netgear-bugcrowd-bug-bounty-program,33342.html

 

Is this initiative too little too late or a step in the right direction?

Create new topic



Twitter and LinkedIn »



Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Logitech introduces new Made for Google keyboard and mouse devices
Posted 16-Oct-2019 13:36

MATTR launches to accelerate decentralised identity
Posted 16-Oct-2019 10:28

Vodafone X-Squad powers up for customers
Posted 16-Oct-2019 08:15

D Link ANZ launches EXO Smart Mesh Wi Fi Routers with McAfee protection
Posted 15-Oct-2019 11:31

Major Japanese retailer partners with smart New Zealand technology IMAGR
Posted 14-Oct-2019 10:29

Ola pioneers one-time passcode feature to fight rideshare fraud
Posted 14-Oct-2019 10:24

Spark Sport new home of NZC matches from 2020
Posted 10-Oct-2019 09:59

Meet Nola, Noel Leeming's new digital employee
Posted 4-Oct-2019 08:07

Registrations for Sprout Accelerator open for 2020 season
Posted 4-Oct-2019 08:02

Teletrac Navman welcomes AI tech leader Jens Meggers as new President
Posted 4-Oct-2019 07:41

Vodafone makes voice of 4G (VoLTE) official
Posted 4-Oct-2019 07:36

2degrees Reaches Milestone of 100,000 Broadband Customers
Posted 1-Oct-2019 09:17

Nokia 1 Plus available in New Zealand from 2nd October
Posted 30-Sep-2019 17:46

Ola integrates Apple Pay as payment method in New Zealand
Posted 25-Sep-2019 09:51

Facebook Portal to land in New Zealand
Posted 19-Sep-2019 18:35


Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron


Updates »

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.