Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




3907 posts

Uber Geek

Trusted
Lifetime subscriber

# 206153 12-Dec-2016 08:49
One person supports this post
Send private message

There is an unpatched vulnerability in these that allows remote command injection, and public exploit code for said vulnerability. 

 

Full details at https://www.kb.cert.org/vuls/id/582384

 

Confirmed to be an issue on the R6400/R7000 models, but as per the CERT entry at least one firmware revision of the R8000 is vulnerable according to community reports and other Netgear routers may be vulnerable.

 

 





Information wants to be free. The Net interprets censorship as damage and routes around it.


Create new topic
614 posts

Ultimate Geek


  # 1686346 12-Dec-2016 09:12
One person supports this post
Send private message

 

By convincing a user to visit a specially crafted web site, a remote attacker may execute arbitrary commands with root privileges on affected routers. A LAN-based attacker may do the same by issuing a direct request, e.g. by visiting: http:///cgi-bin/;COMMAND

 

 

Wow. That has to be one of the biggest security holes out there.

 

If you're running stock firmware, may I suggest now would be a good time to try out some third-party alternatives? AdvancedTomato had an uptime of about 200 days on my R7000 until a power cut the other night.


'That VDSL Cat'
11191 posts

Uber Geek

Trusted
Spark
Subscriber

  # 1686349 12-Dec-2016 09:19
Send private message

Scary flaw to have in there in this day and ages.

 

 

 

Ammazed that something so simple still stands in routers.. surely we learnt from back in the day when this first came out?





#include <std_disclaimer>

 

Any comments made are personal opinion and do not reflect directly on the position my current or past employers may have.


 
 
 
 


Mr Snotty
8913 posts

Uber Geek

Moderator
Trusted
Lifetime subscriber

  # 1686357 12-Dec-2016 09:47
2 people support this post
Send private message

With most of these routers flash with Advanced Tomato and be done with it. This is bad...

 

The likleyhood of an attack is slim however as this has to be exploited client side. With the Marai botnet doing its rounds it wouldn't surprise me if it was able to send phishing emails out hoping to get more victims. There is already this same exploit for some TP-LINK and DLINK routers with unpatched firmware (this is going back a few years).





'That VDSL Cat'
11191 posts

Uber Geek

Trusted
Spark
Subscriber

  # 1686360 12-Dec-2016 09:50
Send private message

michaelmurfy:

 

With most of these routers flash with Advanced Tomato and be done with it. This is bad...

 

The likleyhood of an attack is slim however as this has to be exploited client side. With the Marai botnet doing its rounds it wouldn't surprise me if it was able to send phishing emails out hoping to get more victims. There is already this same exploit for some TP-LINK and DLINK routers with unpatched firmware (this is going back a few years).

 

 

 

 

as its only over http, it's easily exploited over a iframe or js remember..





#include <std_disclaimer>

 

Any comments made are personal opinion and do not reflect directly on the position my current or past employers may have.


BDFL - Memuneh
64825 posts

Uber Geek

Administrator
Trusted
Geekzone
Lifetime subscriber



3907 posts

Uber Geek

Trusted
Lifetime subscriber

  # 1686467 12-Dec-2016 11:24
Send private message

I'm not sure how many people here will be running stock firmware, but plenty of not so technical people who brought them from Noel Leemings etc will be. 





Information wants to be free. The Net interprets censorship as damage and routes around it.


Banana?
4872 posts

Uber Geek

Subscriber

  # 1686494 12-Dec-2016 12:23
Send private message

I'm running stock on an R7000.

 

No chance I will run anything from a website I don't know. Will look at putting the Tomato on it this weekend.


 
 
 
 


191 posts

Master Geek


  # 1686633 12-Dec-2016 18:49
Send private message

trig42:

 

I'm running stock on an R7000.

 

No chance I will run anything from a website I don't know. Will look at putting the Tomato on it this weekend.

 

 

Maybe using a non-standard IP address for the router (and dhcp server) could offer some interim defense - see details here - http://routersecurity.org/ipaddresses.php

 

 


191 posts

Master Geek


  # 1686642 12-Dec-2016 18:54
Send private message

Computerworld has a detailed article (and how to test your router's vulnerability) here - http://www.computerworld.com/article/3148680/networking/easily-exploited-netgear-router-flaw-discovered.html

 

 


191 posts

Master Geek


  # 1686645 12-Dec-2016 18:57
Send private message
1376 posts

Uber Geek


  # 1687840 14-Dec-2016 18:56
Send private message

allio:

 

 

By convincing a user to visit a specially crafted web site, a remote attacker may execute arbitrary commands with root privileges on affected routers. A LAN-based attacker may do the same by issuing a direct request, e.g. by visiting: http:///cgi-bin/;COMMAND

 

 

Wow. That has to be one of the biggest security holes out there.

 

If you're running stock firmware, may I suggest now would be a good time to try out some third-party alternatives? AdvancedTomato had an uptime of about 200 days on my R7000 until a power cut the other night.

 

 

 

 

Interesting, I've never put 3rd party firmware on before, will give this a try thanks.

 

 

 

Actually after seeing people complain about the WiFi range and speed being worse on this, I think I'll just stick with stock and just install the beta patch. :D


1376 posts

Uber Geek


  # 1692078 19-Dec-2016 10:41
Send private message

There are now a few production firmware fixes available for anyone interested: Linky


191 posts

Master Geek


  # 1693862 22-Dec-2016 14:39
Send private message

Updated all my R7000s (Router, WiFi Bridge & AP) - so far so good!

 

(WiFi on FibreX Max)

 


1990 posts

Uber Geek

Trusted

  # 1694950 25-Dec-2016 21:04
One person supports this post
Send private message

And here I thought it was a feature...





Qualified in business, certified in fibre, stuck in copper, have to keep going  ^_^

191 posts

Master Geek


  # 1701131 10-Jan-2017 21:15
Send private message

Netgear has partnered with Bugcrowd to offer between $150 and $15,000 to researchers who find security flaws in its hardware, mobile apps, and APIs etc - see full article here http://www.tomshardware.com/news/netgear-bugcrowd-bug-bounty-program,33342.html

 

Is this initiative too little too late or a step in the right direction?


Create new topic



Twitter and LinkedIn »



Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Chorus to launch Hyperfibre service
Posted 18-Nov-2019 15:00


Microsoft launches first Experience Center worldwide for Asia Pacific in Singapore
Posted 13-Nov-2019 13:08


Disney+ comes to LG Smart TVs
Posted 13-Nov-2019 12:55


Spark launches new wireless broadband "Unplan Metro"
Posted 11-Nov-2019 08:19


Malwarebytes overhauls flagship product with new UI, faster engine and lighter footprint
Posted 6-Nov-2019 11:48


CarbonClick launches into Digital Marketplaces
Posted 6-Nov-2019 11:42


Kordia offers Microsoft Azure Peering Service
Posted 6-Nov-2019 11:41


Spark 5G live on Auckland Harbour for Emirates Team New Zealand
Posted 4-Nov-2019 17:30


BNZ and Vodafone partner to boost NZ Tech for SME
Posted 31-Oct-2019 17:14


Nokia 7.2 available in New Zealand
Posted 31-Oct-2019 16:24


2talk launches Microsoft Teams Direct Routing product
Posted 29-Oct-2019 10:35


New Breast Cancer Foundation app puts power in Kiwi women's hands
Posted 25-Oct-2019 16:13


OPPO Reno2 Series lands, alongside hybrid noise-cancelling Wireless Headphones
Posted 24-Oct-2019 15:32


Waikato Data Scientists awarded $13 million from the Government
Posted 24-Oct-2019 15:27


D-Link launches Wave 2 Unified Access Points
Posted 24-Oct-2019 15:07



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.