Netgear Router Vulnerability: Are You At Risk?

Editor
Updated

Bad news for consumers with Netgear routers: Your device could be compromised with no solid release date for a fix. A vulnerability in two kinds of Netgear router firmware has opened more than 10,000 users up to attack, but while Netgear has updated firmware ready to go, it hasn't made any plans to release it yet.

The story comes courtesy of Threatpost, and actually begins back in July. An unnamed user noticed unusual activity on his router, and upon investigating, tracked it to an outside attack. This person then informed Compass Security, a security firm based in Rapperswil-Jona, Switzerland. Compass worked with the Swiss government to get the attack server shut down, although this process is still ongoing.

MORE: Best Antivirus Software and Apps

Compass also contacted Netgear — privately, at first, in order to give the company time to patch the flaw before other cybercriminals got wise to the scheme. Netgear did not reply until Sept. 3, when it sent Compass a test version of new firmware that was supposed to fix the vulnerability. The firmware worked, but Netgear still has no release date for the patch. As such, Compass released details about the vulnerability, as it believed that the router manufacturer was dragging its heels. Compass determined that the vulnerability has affected more than 10,000 people, mostly in the United States.

The vulnerability itself is an authentication bypass that affects the N300_1.1.0.31_1.0.1.img and N300-1.1.0.28_1.0.1.img versions of the firmware. If users have remote administration turned on (it's off by default), anyone with Internet access could theoretically hack into a Netgear router and pick up information from it, as well as install tracking or keylogging software. If remote administration is turned off, an attacker can still take advantage of the flaw, assuming that he or she is physically connected to the router, or on the same Wi-Fi network.

As such, even though users can't upgrade their Netgear firmware just yet, they can ensure that remote administration is turned off. To do this, you'll have to manipulate your router options. By default, your router should be accessible at either 198.16.1.1 or 192.168.0.1, but if you need further information, you can check the instructions for your model of router. It takes a little tech know-how, but it's not much more difficult than, say, adjusting the options on your Internet browser.

Beyond that, be sure to check for firmware updates regularly. The Netgear update should be out sooner rather than later. Routers are an incredibly common point of compromise in home networks, simply because users often neglect to keep them updated with the same assiduity as their computers and mobile devices.