1 min read

Netgear routers can be easily exploited, US-CERT warns

Alexandra GHEORGHE

December 12, 2016

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Netgear routers can be easily exploited, US-CERT warns

Several Netgear routers are vulnerable to a command injection flaw and can be remotely hijacked, according to an US-CERT advisory.

Exploiting this vulnerability is trivial”, the advisory reads. “By convincing a user to visit a specially crafted web site, a remote attacker may execute arbitrary commands with root privileges on affected routers.”

The flaw, discovered by a user going by the Twitter handle Acew0rm, affects models R7000 and R6400 running older and current firmware. US-CERT also added the R8000, firmware version 1.0.3.4_1.1.2, on the list of vulnerable devices.

An exploit leveraging this severe vulnerability has been publicly disclosed, enticing hackers to carry out attacks on the vulnerable aforementioned equipment.

Shodan reports some 2600k Internet-facing Netgear R7000 routers and around 800 R6400 routers, in the US only. Most of them are used by telecom/cable companies.

Source: Shodan
Source: Shodan

US-CERT advises users to stop using the flawed devices, until a fix becomes available. It also recommends a temporary workaround aimed at disabling the web server until the device is restarted.

tags


Author



Right now

Top posts

The Holiday Guide to Tech Support: Fixing the Family Computer

The Holiday Guide to Tech Support: Fixing the Family Computer

November 24, 2021

2 min read
Bitdefender Celebrates 20 Years of Cybersecurity Leadership

Bitdefender Celebrates 20 Years of Cybersecurity Leadership

November 04, 2021

3 min read
Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords

Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords

October 26, 2021

3 min read
What are drive-by download attacks and how do you prevent them?

What are drive-by download attacks and how do you prevent them?

October 25, 2021

2 min read
Criminals Can't Wait to Add Your IoT Device to Their DDoS Networks

Criminals Can't Wait to Add Your IoT Device to Their DDoS Networks

October 22, 2021

2 min read
Six in 10 Consumers Faced a Cyber Threat in 2021, New Bitdefender Study Reveals

Six in 10 Consumers Faced a Cyber Threat in 2021, New Bitdefender Study Reveals

October 20, 2021

3 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Most Employees Believe Passwords Affect Their Productivity, Research Finds Most Employees Believe Passwords Affect Their Productivity, Research Finds
Silviu STAHIE

December 06, 2021

1 min read
US State Department iPhones Infected with Pegasus Spyware – Report US State Department iPhones Infected with Pegasus Spyware – Report
Filip TRUȚĂ

December 06, 2021

2 min read
Phishers Targeting Victims with ‘Free’ PCR Test for Omicron COVID-19 Variant Phishers Targeting Victims with ‘Free’ PCR Test for Omicron COVID-19 Variant
Filip TRUȚĂ

December 03, 2021

2 min read