These 45 Netgear routers can be hacked and will never be fixed — what to do now

We think this model does get a hotfix, though with many Netgear routers it's hard to tell by appearances alone. (Image credit: Netgear; Shutterstock)

Updated with comment from Netgear.

Forty-five different Netgear Wi-Fi routers and home gateways will never get security patches despite having serious security flaws that were disclosed in June, the company has now confirmed. 

If you own or use one of these routers, it's best to just throw it out and get a new one. You could try installing open-source router firmware such as OpenWRT on the old model if you're technologically inclined.

These routers were among nearly 80 Netgear models prone to total takeover by hackers who could exploit flaws in their administrative interfaces. The Netgear router flaws were revealed in mid-June. 

Netgear has since been pushing out firmware updates and "hot fixes" for individual models one by one, but until last week it wasn't clear which models would never get the fixes.

Now we know. Netgear updated its advisory on the issue July 20 with a grid listing each affected model and whether it would get a temporary hotfix, a full "production release" firmware patch or, sad to say, that the model was "outside security support period" and would get nothing.

Tom's Guide has reached out to Netgear for comment, and we will update this story when we receive a reply.

Our friends at The Register went through the trouble of going through Netgear's grid and compiling a text list of each dead-router-walking. We've borrowed that list and put it below.

How to find your Netgear router's model number

One catch, however: Netgear is terrible at communicating the actual model number of a router to consumers. So while you may think your router model is, for example, "Nighthawk Smart WiFi AC1900", those are just marketing terms used to describe both the R6900 and the R7000. (Both have hotfixes available.)

Go to your router, flip it around and look for a sticker on its bottom or backside. That will have the model number printed on it. Some model numbers have variants, such as R6300 (or R6300v1) versus R6300v2; that means something's different about the internal hardware. In this case, v1 is "outside the security support period" while v2 gets a hotfix.

Every router that has not been declared to be part of the walking dead does have a hotfix or bonafide firmware update available, so if it's not on the list below, go to Netgear's security advisory or to this handy spreadsheet for links to the updates. We've got generic instructions on how to update your Netgear router at the end of an earlier story.

Update: Netgear statement

A Netgear representative provided us with this statement:

"Netgear has provided firmware updates with fixes for all supported products previously disclosed by ZDI and Grimm. The remaining products included in the published list are outside of our support window. In this specific instance, the parameters were based on the last sale date of the product into the channel, which was set at three years or longer."

The 45 Netgear routers that won't be patched

  • AC1450
  • D6300
  • DGN2200v1
  • DGN2200M
  • DGND3700v1
  • LG2200D
  • MBM621
  • MBR1200
  • MBR1515
  • MBR1516
  • MBR624GU
  • MBRN3000
  • MVBR1210C
  • R4500
  • R6200
  • R6200v2
  • R6300v1
  • R7300DST
  • WGR614v10
  • WGR614v8
  • WGR614v9
  • WGT624v4
  • WN2500RP
  • WN2500RPv2
  • WN3000RP
  • WN3000RPv2
  • WN3000RPv3
  • WN3100RP
  • WN3100RPv2
  • WN3500RP
  • WNCE3001
  • WNCE3001v2
  • WNDR3300v1
  • WNDR3300v2
  • WNDR3400v1
  • WNDR3400v2
  • WNDR3400v3
  • WNDR3700v3
  • WNDR4000
  • WNDR4500
  • WNDR4500v2
  • WNR3500v1
  • WNR3500Lv1
  • WNR3500v2
  • WNR834Bv2
Paul Wagenseil

Paul Wagenseil is a senior editor at Tom's Guide focused on security and privacy. He has also been a dishwasher, fry cook, long-haul driver, code monkey and video editor. He's been rooting around in the information-security space for more than 15 years at, SecurityNewsDaily, TechNewsDaily and Tom's Guide, has presented talks at the ShmooCon, DerbyCon and BSides Las Vegas hacker conferences, shown up in random TV news spots and even moderated a panel discussion at the CEDIA home-technology conference. You can follow his rants on Twitter at @snd_wagenseil.