CERT advises users to 'discontinue use' of two Netgear routers due to major security flaw

In a major setback for Netgear, it appears that at least two of its high-end routers may contain a severe security flaw according to an advisory issued by CERT.

The vulnerability itself is incredibly easy to leverage and simply relies upon accessing a specially crafted URL in the following format from the local network:

http://< router_IP >/cgi-bin/;COMMAND

The above will result in a command injection attack via the router's web interface which will execute arbitrary commands with root privileges. Notably, the attack can be initiated remotely by an attacker who manages to fool a local user into clicking on a malicious URL hidden behind a shortened link. Otherwise, a nefarious user already on the local network can craft and visit a URL of their choice in order to achieve the same outcome.

So far, the two routers that have been confirmed to be susceptible to this vulnerability are:

  • Netgear R6400 with firmware version 1.0.1.6_1.0.4 (and possibly earlier)
  • Netgear R7000 with firmware version 1.0.7.2_1.1.93 (and possibly earlier)

While unconfirmed by CERT, one Reddit user indicated that their Netgear R8000 router was also affected by the flaw, which means that the list of impacted hardware may well expand over the coming days.

In terms of a present solution, CERT has advised that it "is currently unaware of a practical solution to this problem" with the only viable workaround being that users "discontinue use" of the routers until a fix is made available from Netgear. Whilst inconvenient, such a mitigation would help prevent affected devices from being enrolled in botnets, including those leveraging the Mirai source code posted online back in October, and used in large-scale DDoS attacks.

Source: CERT via Bleeping Computer | Security image via Shutterstock

Report a problem with article
1480816344_game_library
Next Article

This Weekend's PC Game Deals: The sale before the Steam Winter Sale

1481345865_7_days_lkarngflsdr
Previous Article

7 Days: A week of Microsoft's new AI, Windows 10 on ARM, and Lonely Nights

36 Comments - Add comment

Advertisement