Frequently Asked Questions
What is the vulnerability and what does it mean to my router?
It was discovered that the security mechanism to authenticate the administrator to the router can be bypassed with a script that repeatedly calls a specific URL. The attacker can subsequently gain access to the router settings page.
How can someone launch this attack?
The attack can only be launched once the attacker has access to the network: by connecting wirelessly, through an Ethernet connection to the router, or remotely from the Internet if the remote management feature is turned on. By default, remote management is turned off.
How do I prevent this attack?
The first step of all security measures is to block unauthorized access to your network. By default, NETGEAR routers are pre-configured with a random SSID and passphrase. It is recommended to change the SSID and passphrase, as well as the administrator password for the router setup GUI page. You can also block unauthorized devices from the NETGEAR genie app or desktop application by right-clicking the unauthorized device in the Network Map.
Is my router affected?
The following router models are affected.
JNR1010v2 / WNR614 / WNR618 / JWNR2000v5 / WNR2020 / JWNR2010v5 / WNR1000v4 / WNR2020v2 / R6220 / WNDR3700v5
What is NETGEAR doing about it?
NETGEAR takes customer security seriously and has released firmware that fixes this issue. Details can be found in the firmware release notes, articles #29959, 29461, and 27635.
Customers can find out about the new firmware by checking the Router Update page or the desktop or mobile genie app. NETGEAR will also proactively notify registered users via email.
Where do I find the NETGEAR genie app?
You can download the NETGEAR genie app here: http://www.netgear.com/home/discover/apps/genie.aspx
We appreciate and value having security concerns brought to our attention. NETGEAR constantly monitors for both known and unknown threats. Being proactive rather than reactive to emerging security issues is fundamental for product support at NETGEAR.
It is NETGEAR's mission to be the innovative leader in connecting the world to the internet. To achieve this mission, we strive to earn and maintain the trust of those who use NETGEAR products for their connectivity.
To report a security vulnerability, visit https://bugcrowd.com/netgear.
If you are a NETGEAR customer with a security-related support concern, you can contact NETGEAR customer support at techsupport.security@netgear.com.
For all other issues, visit http://www.netgear.com/about/security/.
The security@netgear.com email address is no longer accepting messages and is no longer actively monitored.
Last Updated: 04/25/2023 | Article ID: 29960