Netgear Posts Firmware Updates After 31 Router Models Found Vulnerable To Password Hijacking

Now might be a good time for Netgear to start doubling down on security for its networking products. The folks over at Trustwave found that 31 Netgear router models are susceptible to a security vulnerability that exposes the devices’ web GUI password to nefarious parties.

More specifically, an attacker is able to take advantage of a router’s password recovery system in order to obtain login credentials, granting full access to the device. Needless to say, this is huge security oversight that could have wide-ranging implications for affected routers.

“After few trials and errors trying to reproduce the issue, I found that the very first call to passwordrecovered.cgi will give out the credentials no matter what the parameter you send,” wrote Trustwave’s Simon Kenin. “This is totally new bug that I haven't seen anywhere else. When I tested both bugs on different Netgear models, I found that my second bug works on a much wider range of models.”

netgear r6200

Given the large number of affected models, Trustwave surmises that “hundreds of thousands, if not over a million” devices are vulnerable to this password exploit. “As many people reuse their password, having the admin password of the router gives us an initial foothold on the network,” Kenin adds. “We can see all the devices connected to the network and try to access them with that same admin password.”

The sheer number of routers also means that many of them could be susceptible to being sucked into nefarious operations, like the Mirai botnet that has caused havoc across the internet.

If you have one of the 31 Netgear routers that are vulnerable to the exploit, we have good news and bad news for you. The good news is that Netgear has provided firmware updates that should close the loophole for 18 models. Another two models, after further examination, are deemed to be completely safe from attacks.

However, the remaining models do not yet have a firmware solution in place. In this instance, Netgear suggests that you manually enable password recovery on your device and ensure that remote management is disabled until a fix can be provided. “The potential for password exposure remains if you do not complete both steps,” Netgear writes. “Netgear is not responsible for any consequences that could have been avoided by following the recommendations in this notification.’

This isn’t the first time that Netgear has come under fire for security lapses on its networking products. In early December, a number of routers were found to be vulnerable to remote attacks.


Tags:  Netgear, botnet, mirai
Via:  Trustwave
Show comments blog comments powered by Disqus