79 Netgear routers vulnerable to serious security flaw2020-06-19 17:59 by Daniela
Tags: Netgear, router, flaw
79 Netgear router models are vulnerable to a severe security flaw that can let hackers take over devices remotely. The oldest models date back to 2007.
The vulnerability has been discovered by two security researchers independently, namely Adam Nichols from cyber-security GRIMM and a security researcher going by the nickname of d4rkn3ss, working for Vietnamese internet service provider VNPT.
The vulnerability stems from the web server Netgear uses on its routers, which Nichols explains "has had very little testing" and unsurprisingly is therefore open to exploitation. In this case, Netgear isn't validating the user input for its administration panel properly, it isn't using "stack cookies," which protect against buffer overflow attacks, and the web server code isn't compiled using Position-independent Executable (PIE), so it can't take full advantage of address space layout randomization (ASLR), which again protects against buffer overflow attacks.
A Netgear spokesperson told ZDNet that firmware updates for two router models (R6400v2, R6700v3) have already been released, and new ones "are forth coming." However, not all routers are expected to receive patches, as some have already gone end-of-life many years before.
In order to stay safe, Netgear router owners can disable the "Remote Management" feature of their routers.They can do that by navigating to router's administrative interface (usually https://192.168.1.1) and then select the Advanced mode or tab, if there is one, and try to find something that looks like "Web Services Management" or "Remote Management."
Read more -here-