

Lias

5589 posts

Uber Geek

ID Verified
Trusted
Lifetime subscriber

#206153 12-Dec-2016 08:49

There is an unpatched vulnerability in these that allows remote command injection, and public exploit code for said vulnerability. 

 

Full details at https://www.kb.cert.org/vuls/id/582384

 

Confirmed to be an issue on the R6400/R7000 models, but as per the CERT entry at least one firmware revision of the R8000 is vulnerable according to community reports and other Netgear routers may be vulnerable.

 

 





I'm a geek, a gamer, a dad, a Quic user, and an IT Professional. I have a full rack home lab, size 15 feet, an epic beard and Asperger's. I'm a bit of a Cypherpunk, who believes information wants to be free and the Net interprets censorship as damage and routes around it. If you use my Quic signup you can also use the code R570394EKGIZ8 for free setup.


allio
885 posts

Ultimate Geek


  #1686346 12-Dec-2016 09:12

 

By convincing a user to visit a specially crafted web site, a remote attacker may execute arbitrary commands with root privileges on affected routers. A LAN-based attacker may do the same by issuing a direct request, e.g. by visiting: http:///cgi-bin/;COMMAND

 

 

Wow. That has to be one of the biggest security holes out there.

 

If you're running stock firmware, may I suggest now would be a good time to try out some third-party alternatives? AdvancedTomato had an uptime of about 200 days on my R7000 until a power cut the other night.




hio77
12999 posts

Uber Geek

ID Verified
Trusted
Lizard Networks

  #1686349 12-Dec-2016 09:19

Scary flaw to have in there in this day and age.

 

 

 

Amazed that something so simple still stands in routers... surely we learnt from back in the day when this first came out?





#include <std_disclaimer>

 

Any comments made are personal opinion and do not reflect directly on the position my current or past employers may have.

 

 


michaelmurfy
meow
13243 posts

Uber Geek

Moderator
ID Verified
Trusted
Lifetime subscriber

  #1686357 12-Dec-2016 09:47

With most of these routers, flash with Advanced Tomato and be done with it. This is bad...

 

The likelihood of an attack is slim however, as this has to be exploited client side. With the Mirai botnet doing its rounds it wouldn't surprise me if it was able to send phishing emails out hoping to get more victims. There is already this same exploit for some TP-LINK and DLINK routers with unpatched firmware (this is going back a few years).





Michael Murphy | https://murfy.nz
Referral Links: Quic Broadband (use R122101E7CV7Q for free setup)

Opinions are my own and not the views of my employer.




hio77
12999 posts

Uber Geek

ID Verified
Trusted
Lizard Networks

  #1686360 12-Dec-2016 09:50

michaelmurfy:

 

With most of these routers, flash with Advanced Tomato and be done with it. This is bad...

 

The likelihood of an attack is slim however, as this has to be exploited client side. With the Mirai botnet doing its rounds it wouldn't surprise me if it was able to send phishing emails out hoping to get more victims. There is already this same exploit for some TP-LINK and DLINK routers with unpatched firmware (this is going back a few years).

 

 

 

 

As it's only over HTTP, it's easily exploited over an iframe or JS, remember...





#include <std_disclaimer>

 

Any comments made are personal opinion and do not reflect directly on the position my current or past employers may have.
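The request shape quoted from the CERT note earlier in the thread (`/cgi-bin/;COMMAND`) and the iframe/JS point just above can both be checked for in web-proxy logs. The following is an added example, not code from any poster or from Netgear; the log format, addresses, hostnames and function names are assumptions constructed for illustration.

```python
import re
from urllib.parse import unquote, urlsplit

# Constructed proxy-log lines (not real traffic):
# client "METHOD absolute-URL PROTO" status "referer"
SAMPLE_LOG = """\
192.168.1.23 "GET http://192.168.1.1/cgi-bin/;COMMAND HTTP/1.1" 200 "http://news.example/article.html"
192.168.1.40 "GET http://192.168.1.1/cgi-bin/%3BCOMMAND HTTP/1.1" 200 "-"
192.168.1.23 "GET http://192.168.1.1/start.htm HTTP/1.1" 200 "-"
192.168.1.23 "GET http://www.example.org/cgi-bin/search;jsessionid=1 HTTP/1.1" 200 "-"
"""

LINE_RE = re.compile(r'^(\S+) "(\S+) (\S+) [^"]*" (\d{3}) "([^"]*)"$')
MARKER = "/cgi-bin/;"  # path prefix from the advisory text quoted in the thread


def classify(line):
    """Return a finding dict for a request matching the advisory's pattern, else None."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    client, _method, url, _status, referer = m.groups()
    target = urlsplit(url)
    # Decode once so an encoded %3B is treated the same as a literal ';'.
    path = unquote(target.path)
    if not path.startswith(MARKER):
        return None
    ref_host = urlsplit(referer).hostname if referer != "-" else None
    if ref_host and ref_host != target.hostname:
        # A page on another host made the browser issue the request.
        vector = "cross-site (triggered by page on %s)" % ref_host
    else:
        vector = "direct request from LAN client"
    return {"client": client, "router": target.hostname,
            "injected": path[len(MARKER):], "vector": vector}


def scan(log_text):
    """Classify every line and keep only the findings."""
    return [f for f in map(classify, log_text.splitlines()) if f]


if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

The fourth sample line is a deliberate non-match: a `;` later in a `/cgi-bin/` path (a session parameter) is not flagged, only a `;` immediately after the directory.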

 

 


freitasm
BDFL - Memuneh
79270 posts

Uber Geek

Administrator
ID Verified
Trusted
Geekzone
Lifetime subscriber

  #1686396 12-Dec-2016 10:34

At the end of the day I don't see any of these manufacturers giving a damn. 







Lias

5589 posts

Uber Geek

ID Verified
Trusted
Lifetime subscriber

  #1686467 12-Dec-2016 11:24

I'm not sure how many people here will be running stock firmware, but plenty of not so technical people who bought them from Noel Leemings etc will be.





I'm a geek, a gamer, a dad, a Quic user, and an IT Professional. I have a full rack home lab, size 15 feet, an epic beard and Asperger's. I'm a bit of a Cypherpunk, who believes information wants to be free and the Net interprets censorship as damage and routes around it. If you use my Quic signup you can also use the code R570394EKGIZ8 for free setup.


trig42
5810 posts

Uber Geek

ID Verified

  #1686494 12-Dec-2016 12:23

I'm running stock on an R7000.

 

No chance I will run anything from a website I don't know. Will look at putting the Tomato on it this weekend.


 
 
 
 

Skillie
192 posts

Master Geek


  #1686633 12-Dec-2016 18:49

trig42:

 

I'm running stock on an R7000.

 

No chance I will run anything from a website I don't know. Will look at putting the Tomato on it this weekend.

 

 

Maybe using a non-standard IP address for the router (and dhcp server) could offer some interim defense - see details here - http://routersecurity.org/ipaddresses.php

 

 


Skillie
192 posts

Master Geek


  #1686642 12-Dec-2016 18:54

Computerworld has a detailed article (and how to test your router's vulnerability) here - http://www.computerworld.com/article/3148680/networking/easily-exploited-netgear-router-flaw-discovered.html

 

 


Skillie
192 posts

Master Geek


  #1686645 12-Dec-2016 18:57
lNomNoml
1807 posts

Uber Geek

ID Verified

  #1687840 14-Dec-2016 18:56

allio:

 

 

By convincing a user to visit a specially crafted web site, a remote attacker may execute arbitrary commands with root privileges on affected routers. A LAN-based attacker may do the same by issuing a direct request, e.g. by visiting: http:///cgi-bin/;COMMAND

 

 

Wow. That has to be one of the biggest security holes out there.

 

If you're running stock firmware, may I suggest now would be a good time to try out some third-party alternatives? AdvancedTomato had an uptime of about 200 days on my R7000 until a power cut the other night.

 

 

 

 

Interesting, I've never put 3rd party firmware on before, will give this a try thanks.

 

 

 

Actually after seeing people complain about the WiFi range and speed being worse on this, I think I'll just stick with stock and just install the beta patch. :D


lNomNoml
1807 posts

Uber Geek

ID Verified

  #1692078 19-Dec-2016 10:41

There are now a few production firmware fixes available for anyone interested: Linky


Skillie
192 posts

Master Geek


  #1693862 22-Dec-2016 14:39

Updated all my R7000s (Router, WiFi Bridge & AP) - so far so good!

 

(WiFi on FibreX Max)

 


webwat
2036 posts

Uber Geek

Trusted

  #1694950 25-Dec-2016 21:04

And here I thought it was a feature...





Time to find a new industry!


Skillie
192 posts

Master Geek


  #1701131 10-Jan-2017 21:15

Netgear has partnered with Bugcrowd to offer between $150 and $15,000 to researchers who find security flaws in its hardware, mobile apps, and APIs etc - see full article here http://www.tomshardware.com/news/netgear-bugcrowd-bug-bounty-program,33342.html

 

Is this initiative too little too late or a step in the right direction?

