Advisory ID: NETGEAR-PVA-2015-001
CVE: Not yet available (MITRE informed)
Updated Report Date: 2015-03-24
Status: Pending review
Revision: 2
Overview
A security researcher disclosed a vulnerability that affects several NETGEAR wireless routers. The vulnerability exists when remote management is turned on.
All NETGEAR routers ship with remote management turned off as a default setting. The vulnerability can potentially be used to obtain information from the device by sending a request that doesn't require authentication. The information that can be exposed includes the administrator password, the device serial number, wireless network details including the password, and information about connected clients. For more information about this vulnerability, visit http://seclists.org/fulldisclosure/2015/Feb/56
Affected Products
- AC1450
- C6300
- D500
- D1500
- D3600
- D6000
- D6100
- D6200
- D6200B
- D6300B
- D6300
- DGN1000v3
- DGN2200v1
- DGN2200v3
- DGN2200V4
- DGN2200Bv3
- DGN2200Bv4
- DGND3700v1
- DGND3700v2
- DGND3700Bv2
- JNR1010v1
- JNR1010v2
- JNR3300
- JR6100
- JR6150
- JWNR2000v5
- R2000
- R6050
- R6100
- R6200
- R6200v2
- R6220
- R6250
- R6300
- R6300v2
- R6700
- R7000
- R7900
- R7500
- R8000
- WGR614v10
- WNR1000v2
- WNR1000v3
- WNR1000v4
- WNR2000v3
- WNR2000v4
- WNR2000v5
- WNR2200
- WNR2500
- WNR3500Lv2
- WNDR3400v2
- WNDR3400v3
- WNDR3700v3
- WNDR3700v4
- WNDR3700v5
- WNDR4300
- WNDR4300v2
- WNDR4500v1
- WNDR4500v2
- WNDR4500v3
Recommendations:
- Ensure that these settings are active:
  - Your WiFi security is ON to prevent unauthorized devices from joining your network. This is ON by default on our routers & gateways.
  - Remote management is OFF to prevent unauthorized devices from accessing your network from the WAN. This is OFF by default.
- Look for an email notification from NETGEAR for information about the posting of new firmware that resolves this issue. If you have not yet registered your device to receive notifications, you can do so at https://my.netgear.com/registration/login.aspx
We appreciate and value having security concerns brought to our attention. NETGEAR constantly monitors for both known and unknown threats. Being proactive rather than reactive to emerging security issues is fundamental for product support at NETGEAR.
It is NETGEAR's mission to be the innovative leader in connecting the world to the internet. To achieve this mission, we strive to earn and maintain the trust of those that use NETGEAR products for their connectivity.
To report a security vulnerability, visit https://bugcrowd.com/netgear.
If you are a NETGEAR customer with a security-related support concern, you can contact NETGEAR customer support at techsupport.security@netgear.com.
For all other issues, visit http://www.netgear.com/about/security/.
The security@netgear.com email address is no longer accepting messages and is no longer actively monitored.
Last Updated: 01/06/2017
Article ID: 27253