NETGEAR is aware of a command execution and FTP insecure root directory security vulnerability that affects the DGN2200v4 modem router that can allow hackers who have the router's admin password to inject OS commands that can possibly be used to backdoor the router and modify Internet traffic and to access files in the root directory.
An updated version of DGN2200v4 firmware to resolve the vulnerability is in test. NETGEAR plans to release the firmware by the end of November 2016.
In the meantime, NETGEAR recommends that you take these steps:
- Change your modem router admin password and keep it secure to reduce the chances of a command execution vulnerability. To change the password, log in to your modem router, select Advanced > Administration > Set Password, complete the fields, and click the Apply button to save the change.
- Ensure that FTP is disabled on your modem router. FTP is disabled by default on the DGN2200v4 modem router. To check your settings, log in to your modem router, select Advanced > USB Storage > Advanced Settings and make sure that the FTP check box is clear. If it is selected, clear the check box and click the Apply button to save the change.
For more information about the DGN2200v4 modem router, see the user manual for this product, which is available for download at http://www.downloads.netgear.com/files/GDC/DGN2200V4/DGN2200v4_UM_29Oct2015.pdf.
Note: If the recommended steps are not completed as described, the potential to allow hackers who have the router's admin password to inject OS commands that can possibly be used to backdoor the router and modify Internet traffic and to access files in the root directory exists. NETGEAR is not responsible for any consequences that could have been avoided by changing the admin password as recommended.
NETGEAR will update this KB article as more information becomes available.
We appreciate and value having security concerns brought to our attention. NETGEAR constantly monitors for both known and unknown threats. Being pro-active rather than re-active to emerging security issues is fundamental for product support at NETGEAR.
It is NETGEAR's mission to be the innovative leader in connecting the world to the internet. To achieve this mission, we strive to earn and maintain the trust of those that use NETGEAR products for their connectivity.
To report a security vulnerability, visit https://bugcrowd.com/netgear.
If you are a NETGEAR customer with a security-related support concern, you can contact NETGEAR customer support at techsupport.security@netgear.com.
For all other issues, visit http://www.netgear.com/about/security/.
The security@netgear.com email address is no longer accepting messages and is no longer actively monitored.
Last Updated:01/06/2017
|
Article ID: 31245