Skip to main content
  1. Home
  2. Computing
  3. News

It may be time to turn off your router: Netgear confirms security vulnerability

Jayce Wagner
By

Netgear Nighthawk R7000
Image used with permission by copyright holder
A serious security vulnerability affecting a number of Netgear brand routers surfaced Friday, and it reportedly could allow hackers to seize control of your home or office network and potentially intercept your sensitive data. The vulnerability was confirmed by CERT, a federally funded service that coordinates the response to serious software vulnerabilities, reports Ars Technica.

Netgear later confirmed the vulnerability was present in its R8000, R7000, and R6400 routers, but has not yet confirmed whether or not the R7000P, R7500, R7800, R8500, or R9000 models are also affected. According to the CERT report, users of any of the aforementioned routers should be cautious and should probably stop using the devices until a patch has been released.

Recommended Videos

The vulnerability is particularly insidious because of how simple it is to execute. According to Ars, the only thing you have to do as a user is to click on a malicious link, which can be easily disguised as something innocuous. The link then serves a set of instructions to your router, which will run the commands as a root user, allowing the malicious instructions to subvert your router’s security.

Related

Even if your router’s remote management is disabled, or is otherwise insulated from the internet, the commands will still be run by vulnerable routers, giving malicious third parties access to your local network and all the traffic that passes through it. Ars originally reported a temporary workaround that would protect you from the exploit, and the vulnerability was so severe that the best bet was to just switch it off and keep an eye on the Netgear security advisories for this particular exploit.

Fortunately, Netgear has now responded with a firmware update for the affected routers, either a production update or a beta update. It’s highly recommended that you click on your Netgear router from the list below to download the new firmware:

Netgear recommends in the strongest terms that you update your router. Download and install the beta software now, and then make sure to update to the production firmware when it’s available. Keep an eye on the Security Advisory page for vulnerability 582384 to see if any other Netgear routers are added to the list or if further updates are provided for the known vulnerable devices.

Updated on 12-19-2016 by Mark Coppock: Add download links for production and beta firmware for the affected Netgear routers.

Editors' Recommendations

Topics
Jayce Wagner
Jayce Wagner
Former Digital Trends Contributor
A staff writer for the Computing section, Jayce covers a little bit of everything -- hardware, gaming, and occasionally VR.
Amazon deals on Netgear Wi-Fi routers cut prices by up to $100 today only
amazon shrinks prices on netgear dual band and tri wi fi routers for today orbi whole home mesh ready wifi router 1

Smart homes can't exist without Wi-Fi. Without consistent Wi-Fi signals throughout your home, internet service speed doesn't matter unless you're OK with having some rooms smarter than others. If your Wi-Fi network doesn't reach everywhere you need it, a new wireless router could save the day. Amazon has excellent discounts on a range of Netgear Wi-Fi routers, including high-speed mesh network routers and network extenders as today's Deal of the Day.

However, if for any reason you miss these deals, there are always Black Friday router deals to look forward to.

Read more
It’s time to stop believing these PC building myths
Hyte's Thicc Q60 all-in-one liquid cooler.

As far as hobbies go, PC hardware is neither the cheapest nor the easiest one to get into. That's precisely why you may often run into various misconceptions and myths.

These myths have been circulating for so long now that many accept them as a universal truth, even though they're anything but. Below, I'll walk you through some PC beliefs that have been debunked over and over, and, yet, are still prevalent.
Liquid cooling is high-maintenance (and scary)

Read more
AMD’s next-gen CPUs are much closer than we thought
AMD Ryzen 7 7800X3D held between fingertips.

We already knew that AMD would launch its Zen 5 CPUs this year, but recent motherboard updates hint that a release is imminent. Both MSI and Asus have released updates for their 600-series motherboards that explicitly add support for "next-generation AMD Ryzen processors," setting the stage for AMD's next-gen CPUs.

This saga started a few days ago when hardware leaker 9550pro spotted an MSI BIOS update, which they shared on X (formerly Twitter). Since then, Asus has followed suit with BIOS updates of its own featuring a new AMD Generic Encapsulated Software Architecture (AGESA) -- the firmware responsible for starting the CPU -- that brings support for next-gen CPUs (spotted by VideoCardz).

Read more