Computer Active (UK)

WHO’S HACKING YOUR ROUTER?

Install new firmware fix for huge security flaw


A security researcher has revealed how he exposed a flaw in Netgear routers that allows hackers to access admin passwords, forcing the company to issue emergency fixes for 31 models.

Simon Kenin, from Chicago-based security company Trustwave, said that he discovered the vulnerability early last year. In a blog post (www.snipca.com/23360), he writes that he needed to reset his Netgear router, but was “tucked in bed, cosy and warm”, and so didn’t want to go downstairs.

He chose instead to reboot the router via its website, but couldn’t recall the password. He tried to recover it by hacking the website’s security.

After some trial and error, he found “a totally new bug” that would allow a hacker to easily steal your log-in details if they were on the same Wi-fi network. They could also do so from another network if your router had remote management turned on (it’s disabled by default on Netgear models).

He reported the flaw to Netgear, which last June admitted that 18 models were at risk, and released firmware updates to fix the vulnerability.

Since then, Trustwave has identified more Netgear routers it claims are vulnerable, but for which the company hadn’t released updates. In January, just as the researchers were about to announce these new flaws publicly, Netgear contacted them to say that it would release fixes.

Kenin claims that while Trustwave found more than 10,000 vulnerable devices, the total number is “probably in the hundreds of thousands, if not over a million”.

What you must do

If you have a Netgear router you should visit www.snipca.com/23359, where the company has published links to firmware updates for 19 routers, including nine in its Nighthawk range (one of these is the R7000).

Check the list for your router model, then click the link to go to the firmware download page and follow Netgear’s instructions. They recommend downloading the update on a wired connection, because Wi-fi can potentially cause “disconnect issues”.

Netgear hasn’t released an update for the other 12 routers, and so as a temporary solution it is suggesting you reset the password-recovery feature (following the instructions at www.snipca.com/23363). You should then disable the remote management tool using the instructions in your user manual. You can find this at www.netgear.com/support.

For more help email techsupport.security@netgear.com.
