Do you have a Netgear router? I do, and I'll probably need to patch mine soon.
That's because the enterprising folks at Grimm, a D.C.-area security firm, have once again discovered a very serious Netgear flaw, as detailed in their November 16 report. This follows a Netgear security update in September of this year.
This time, Netgear has listed over 40 different models of routers, range extenders, and other devices, ranging from nearly a decade old models to brand new models on our Best Wi-Fi Routers list, to protect themselves from hackers taking over firmware updates need to be installed.
Unfortunately, nearly 40 other Netgear models may not receive the update, as many of them are already too old to receive further support.
A list of all affected models is included at the end of this article. In all, about 80 different Wi-Fi routers, Wi-Fi range extenders, DSL gateways, and other devices are affected. The number of individual devices affected is at least in the hundreds of thousands and could be in the millions.
The newer the Netgear router, the easier it is to update the firmware; Netgear's Orbi mesh routers typically update themselves. They also come with a smartphone app that can be used to check for and install updates.
Netgear's Nighthawk routers also have a companion app, but on at least some models, using the companion app is optional, as is setting automatic updates. On some Nighthawks, it is generally best to go into the management interface (try "http://192.168.1.1/admin" or "routerlogin.net" while connected to your home network) and check the "Advanced Settings" section for firmware updates. From there you should be able to launch the update sequence.
If the above methods do not work for your Netgear router, you will need to go to Netgear Support athttps://www.netgear.com/support/ and enter your router's model number in the search file at the top of the page. (More information on how to update your router's firmware can be found here. Some routers proudly list the brand name and specifications on the box, such as "Nighthawk AXE11000 Tri-Band WiFi 6E." However, this is not the model name; it is actually "RAXE500." (This is the router pictured in the photo at the top of this article and needs to be patched.)
Look for a sticker on the router itself indicating the model number. To further complicate things, you may see "v2" or "v3" appended to the model number, as Netgear may change the internal circuitry of the router while the exterior remains the same during its manufacturing life.
Once you have the model number, use the search function on the Netgear support site to navigate to the support page for that model. Scroll down the page to find "Firmware and Software Downloads" and click on it.
You will then see a button to download the firmware update to your PC or Mac. Remember to click on the Release Notes link just below it. The firmware update itself may come with instructions.
The critical flaw in all these models involves a stack overflow vulnerability in the universal plug-and-play component of the router firmware. The flaw is cataloged as CVE-2021-34991 and is listed as applying only to certain routers with a specific firmware version that was updated on September 16. However, the problem is much more widespread than that.
Universal Plug and Play, or UPnP for short, is a protocol that allows new devices such as game consoles and printers to connect to routers without fuss. Due to the character limit in one feature of the UPnP protocol in Netgear routers, an attacker on the local network (i.e., already linked to the router as an ordinary user) can send malicious commands that override the router's internal safeguards to the router to the router, allowing the router to be fully controlled without any authorization whatsoever.
Once that is done, an attacker can see almost everything you do online and can also send you to malicious websites or hack into more devices on your network.
You might think that keeping intruders out of your network would be enough to prevent such attacks, but cracking the access passwords of Wi-Fi networks or allowing malicious It is not that difficult to sneak software into poorly secured devices (e.g., old PCs and smart home devices).
If possible, you want to install Netgear firmware updates straight into the router.
Below is a list of models for which a firmware update or "hot fix" to correct this flaw is available, copied from the Netgear website, and the latest firmware version that should be updated.
Routers
DSL Modem Routers:
Wi-Fi Extenders:
Air Cards:
Cable Modems:
The following is a According to Grimm, the following firmware version numbers are vulnerable.
Unfortunately, Netgear's list of patches includes models that are not on Grimm's list of vulnerable devices. And there are models not on Grimm's list, but not on Netgear's list, that have received security patches in recent months and have firmware versions beyond the vulnerable ones listed below.
Complicating matters further, there are six models that Grimm says are not vulnerable because past firmware updates have "broken" UPnP. Four of those models (D6220, D6400, R6400, and R7000) are on Netgear's list of patched models; two, the D8500 and R6300v2, are not, and the only firmware updates available are the following vulnerable ones.
If you are using one of the following models, please follow the instructions above on how to check Netgear's support site to see if a firmware update is available for your model.
If the version number of the available firmware update is later than the one below, it is likely that a patch for the above defect has been applied. Please install the update.
However, if the version number of the available firmware update matches the firmware number below and the release note date is more than a few months old, it may be time to purchase a new router.
.
Comments