These 45Netgear routers can be hacked and will not be fixed — What to Do now

These 45Netgear routers can be hacked and will not be fixed — What to Do now

Updated comments from Netgear, Inc.

Netgear's 45 different Wi-Fi routers and home gateways have been found not to be security patched, despite a serious security flaw that was disclosed in June.

If you own or use one of these routers, it is best to throw it away and get a new one. If you are technically inclined, you can try installing open source router firmware such as OpenWRT on older models.

These routers were among about 80 Netgear models that were vulnerable to hijacking by hackers who exploited flaws in the management interface. The Netgear router flaw was revealed in mid-June.

Since then, Netgear has provided a series of firmware updates and "hot fixes" for individual models, but until last week it was not clear which models would not receive the fix.

Now we know. Netgear updated its advisory on the issue on July 20 to clarify each affected model and whether that model will get a temporary hot fix, a full "product release" firmware patch, or, sadly, whether that model is "out of security support period " and listed in a grid whether it will get anything.

Tom's Guide reached out to Netgear for comment.

Our friends at The Register went through Netgear's grid and took the trouble to create a text list of each dead router. We have borrowed that list and include it below.

There is one problem, however: Netgear is not very good at telling consumers the actual model number of the router. So, for example, if you think "Nighthawk Smart WiFi AC1900," that is just a marketing term for both the R6900 and R7000. (Both have hotfixes available. The model number is printed there. Some model numbers are different, like R6300 (or R6300v1) and R6300v2. In this case, v1 is "out of security support period" and v2 has the hot fix applied.

All routers that are not declared part of the walking dead are available with a hot fix or bona fide firmware update. General instructions on how to update a Netgear router can be found at the end of the previous article.

A Netgear representative issued the following statement:

"Netgear is providing firmware updates with fixes for all supported products previously published by ZDI and Grimm. The remaining products included in the published list are not supported by us. In this specific case, the parameter was based on the date of the last sale of the product to the channel, which was set to more than three years." [25

Categories