Netgear releases first final firmware updates for router security issue

Netgear has released the first batch of production firmware fixes for company routers affected by a serious security vulnerability.

Cert issued a warning on December 9, 2016 that several Netgear routers are vulnerable to arbitrary command injection. Cert listed only two router models but has since then added other models to the list.

Currently, the Netgear routers R6200, R6250, R6400, R6700, R6900, R7000, R7100LG, R7300, R7900, R8000, D6220, and D6400 are affected by the vulnerability.

The attacker needs to convince a user to follow a link to a specially crafted web page. An attacker on the same local area network may do the same by issuing a direct request using the syntax http://<router_IP>/cgi-bin/;COMMAND.

The attacker may in either way execute commands with root privileges on the affected router. The command http://RouterIP/;telnetd$IFS-p$IFS'45' will open Telnet on port 45 for instance.

Netgear router firmware updates

netgear router update

Netgear has released firmware updates for affected routers. The first firmware updates the company released were labeled beta. The first four production firmware (stable) were released for the models R6250, R6400, R7000 and R8000 now.

  1. R6250 Firmware Version 1.0.4.6
  2. R6400 Firmware Version 1.0.1.18
  3. R7000 Firmware Version 1.0.7.6
  4. R8000 Firmware Version 1.0.3.26

Additionally, beta firmware releases for the following Netgear routers are also still available:



  1. R6700 Firmware Version 1.0.1.14 (Beta)
  2. R6900 Firmware Version 1.0.1.14 (Beta)
  3. R7100LG Firmware Version 1.0.0.28 (Beta)
  4. R7300DST Firmware Version 1.0.0.46 (Beta)
  5. R7900 Firmware Version 1.0.1.8 (Beta)

Netgear notes that it continues to review its entire portfolio of routers to find out if other router models are affected by the vulnerability as well.

Read also:  Google discloses another unpatched Windows vulnerability

You find instructions on how to download and install these firmware updates on the router on the support pages.

The instructions are all very similar. Download the firmware (with a .chk extension), to the local computer system. Log in to the router via http://www.routerlogin.net afterwards, and select Advanced > Administration > Firmware Upgrade. Click on browse, and then on the firmware update file that you just downloaded. Select upload to upgrade the router, and wait for the process to complete, and make sure you don't power off the device or change its state during that process.

The main support page on the Netgear website that lists all affected routers and links to firmware updates is available here. Netgear will update the page when it releases production firmware for routers with beta firmware, and will also list any new router model affected by the vulnerability as well there on this page.

 

 

Summary
Article Name
Netgear releases first final firmware updates for router security issue
Description
Netgear has released the first batch of production firmware fixes for company routers affected by a serious security vulnerability.
Author
Publisher
Ghacks Technology News
Logo

Please share this article

Facebooktwittergoogle_plusredditlinkedinmail



Responses to Netgear releases first final firmware updates for router security issue

  1. Al December 21, 2016 at 3:38 pm #

    Too late Netgear! You pushed me to move to Tomato and I am loving it! Now that I know how easy it is, and how superior the functions are, I doubt I will be buying a new router again, just a used one I can install a custom OS. So, thanks!

  2. Robert December 21, 2016 at 7:26 pm #

    Updated. Thanks Martin.

  3. akunin December 21, 2016 at 8:04 pm #

    The lesson stays the same: never buy a router without DD/Open-WRT support.

  4. Ray December 23, 2016 at 1:21 pm #

    I have a Netgear R6300v2 Router. I tried to find out if it is involved in this Router fiasco going on now,but i don't see anything regarding my Router. Any help or Info please?

Leave a Reply