Dozens of Netgear routers are vulnerable to a very old security flaw. The DNS rebinding flaws that these routers have date back to models the company put out as early as 2007. That means this issue has been lurking in the background for a very long time.
It was recently brought to light by the Vietnamese security company GRIMM and an independent security researcher known only as d4rkn3ss. Both confirm that these potentially fatal security flaws are centered around the remote management capabilities of the routers in question.
Unfortunately many of the impacted routers have reached their end of support life so no fix is coming. Refer to the extensive list below. If you have one of the affected routers be sure to keep an eye out for a security patch from Netgear.
If you have an older piece of equipment that isn’t slated for additional security fixes, here is the solution. Your best bet is to use the browser based interface to access your router and be sure that its remote management feature is set to “disabled.”
Note however that this will not offer bullet proof protection. Someone with physical access to your network could still exploit the issue but disabling remote administration does go a long ways in terms of protecting you and your network.
Here is the complete list of impacted Netgear routers:
- D6300, firmware version 126.96.36.199 and 188.8.131.52
- DGN2200, firmware version 184.108.40.206
- DGN2200M, firmware version 220.127.116.11 and 18.104.22.168
- DGN2200v4, firmware version 22.214.171.124
- R6250, firmware versions 126.96.36.199 and 188.8.131.52
- R6300v2, firmware version 184.108.40.206CH, 220.127.116.11, and 18.104.22.168
- R6400, firmware version 22.214.171.124, 126.96.36.199, and 188.8.131.52
- R7000, firmware versions 9.88, 9.64, 9.60, 9.42, 9.34, 9.18, 9.14, 9.12, 9.10, 9.6, and 8.34
- R8000, firmware version 184.108.40.206, 220.127.116.11
- R8300, firmware version 18.104.22.168 and 22.214.171.124
- R8500, firmware version 126.96.36.199
- WGR614v9, firmware version 1.2.32NA
- WGR614v10, firmware version 188.8.131.52NA
- WGT624v4, firmware version 2.0.12NA and 184.108.40.206
- WN3000RP, firmware versions 220.127.116.11 and 18.104.22.168
- WNDR3300, firmware versions 1.0.45, 1.0.45NA, and 1.0.14NA
- WNDR3400, firmware versions 22.214.171.124 and 126.96.36.199
- WNDR3400v2, firmware versions 188.8.131.52 and 184.108.40.206
- WNDR3400v3, firmware versions 220.127.116.11 and 18.104.22.168
- WNDR3700v3, firmware versions 22.214.171.124, 126.96.36.199, and 188.8.131.52
- WNDR4000, firmware versions 184.108.40.206, 220.127.116.11, and 18.104.22.168
- WNDR4500v2, firmware versions 22.214.171.124 and 126.96.36.199
- WNR1000v3, firmware version 188.8.131.52
- WNR2000v2, firmware versions 184.108.40.206, 220.127.116.11NA, and 18.104.22.168
- WNR3500, firmware version 1.0.36NA
- WNR3500L, firmware versions 22.214.171.124NA, 126.96.36.199NA, and 188.8.131.52
- WNR3500Lv2, firmware version 184.108.40.206
- And WNR834Bv2, firmware version 2.1.13NA
If you have one of these routers, consider upgrading. Stay on guard.
The Small Business Cyber Crisis
Urgent And Critical Protections Every Business Must Have In Place NOW To Protect Their Bank Accounts, Client Data, Confidential Information And Reputation From The Tsunami Of Cybercrime
Important! We hate spam as much (or more!) than you and promise to NEVER rent, share, or abuse your e-mail address and contact information in any way.