
Home Routers Part of Feds Warning on Multiple Vulnerabilities Found in NETGEAR Products
The US Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) issued an advisory about NETGEAR networking products. The affected devices include internet routers that are typically used in homes. Information is also available from NETGEAR. Anyone using the listed equipment should update the firmware or replace the device.
Multiple security flaws have been discovered in NETGEAR products. The advisory includes some routers, mobile routers, modems, gateways, and extenders. The most severe security flaw could allow for remote code execution. That means a hacker who successfully exploits a security flaw can remote control the compromised device. They could spy on all of your internet activity including what websites you visited or steal information from the devices connected to your network.
If you work from home, a hacker who exploits this security vulnerability may be able to compromise your employer’s IT network as well. Successful exploitation of the most severe of these vulnerabilities could allow an attacker to execute code remotely and gain full control of the affected system. Multiple failed exploit attempts could result in denial of service. Corporate system administrators must take these vulnerabilities into consideration when granting employees access to their networks.
CISA advises that users and system administrators immediately update to the most recent firmware. Not all devices have security patches though. NETGEAR will release firmware updates that patch these security flaws for all affected products that are within the security support period. Users should replace end-of-life devices that are no longer supported with security patches. Try these routers.
What is NETGEAR?
NETGEAR is a computer networking company based in San Jose, California. The company manufactures networked devices or consumers, businesses, and service providers such as Network Attached Storage (NAS), routers, switches, cable and DSL modems, and video cameras. NETGEAR makes home and business WiFi routers.
Systems Affected
- D6220 running firmware versions prior to 1.0.0.56
- D6400 running firmware versions prior to 1.0.0.90
- D7000v2 running firmware versions prior to 1.0.0.58
- D8500 running firmware versions prior to 1.0.3.46
- DC112A running firmware versions prior to 1.0.0.46
- DGN2200v4 running firmware versions prior to 1.0.0.112
- EX3700 running firmware versions prior to 1.0.0.80
- EX3800 running firmware versions prior to 1.0.0.80
- EX3920 running firmware versions prior to 1.0.0.80
- EX6120 running firmware versions prior to 1.0.0.50
- EX6130 running firmware versions prior to 1.0.0.32
- EX6920 running firmware versions prior to 1.0.0.50
- EX7000 running firmware versions prior to 1.0.1.86
- R6250 running firmware versions prior to 1.0.4.40
- R6400v2 running firmware versions prior to 1.0.4.94
- R6700v3 running firmware versions prior to 1.0.4.94
- R6900 running firmware versions prior to 1.0.2.12
- R6900P running firmware versions prior to 1.3.2.120
- R7000 running firmware versions prior to 1.0.11.102
- R7000P running firmware versions prior to 1.3.2.120
- R7100LG running firmware versions prior to 1.0.0.54
- R7850 running firmware versions prior to 1.0.5.58
- R7900 running firmware versions prior to 1.0.4.24
- R8000 running firmware versions prior to 1.0.4.56
- R8500 running firmware versions prior to 1.0.2.131
- RS400 running firmware versions prior to 1.5.0.46
- WNR3500Lv2 running firmware versions prior to 1.2.0.60
- XR300 running firmware versions prior to 1.0.3.44
Recommendations
The following actions are recommended to defend against cyber attacks:
- Verify that no unauthorized system modifications have occurred
- Follow the instructions found on NETGEAR’s site until a patch is available
- Download the latest security patch – firmware update or firmware hotfix – as soon as it is available for each device
- System administrators should monitor intrusion detection systems. Home users should use reliable antivirus software like McAfee
- Unless required, limit external network access to affected products
- Turn off Remote Management on your router or gateway web user interface