Hardware

Netgear routers affected by a major vulnerability

Table of contents:

Anonim

Those who have a Netgear brand router should pay special attention to this article, since it was revealed yesterday by PCWorld, a vulnerability that was reported last August.

Multiple Netgear routers affected by a security breach

The vulnerability originates from the router's web interface software and the handling of the authentication form. This vulnerability can be easily exploited externally by anyone to authenticate themselves to the router and do anything.

The affected routers are the R7000, R7000P, R7500, R7800, R8500 and R9000, some of Netgear's most expensive products. Although the vulnerability was reported in August, it was not until PCWorld released it that Netgear accepted this vulnerability in a statement.

If you have any of these routers, it is possible to know if the model you have has this vulnerability. You can write in your browser:

http: /// cgi-bin /; uname $ IFS-a

If you display information other than a blank page or an error page, your computer is vulnerable. This failure can be exploited even when the computer does not have access to the web interface from outside the local network. All management is done through an HTTP request and can be violated with a Cross Site Request Forgery (CSRF) attack.

Netgear says it is already working to fix this problem with a firmware update, which will be available "as soon as possible ."

Hardware

Editor's choice

Back to top button