Netgear issues security patches for more than 40 router models — what to do | #macos | #macsecurity


Got a Netgear router? I do, and like yours, mine probably needs to be patched right away.

That’s because the enterprising folks at D.C.-area security firm Grimm have found yet another very serious Netgear flaw, as detailed in a report yesterday (Nov. 16). This comes (relatively) hot on the heels of the previous bunch of Netgear security updates back in September of this year. 

This time around, more than 40 different models of Netgear routers, range extenders and a couple of other devices, from models nearly a decade old to brand-new models on our list of the best Wi-Fi routers, need to install firmware updates to protect themselves from total hacker takeover.

Unfortunately, nearly 40 other Netgear models may or may not get any updates, as some of them are already too old to get any kind of support. 

We’ve got a list of all the affected models at the end of this story. All together, we’re looking at about 80 different models of Wi-Fi routers, Wi-Fi range extenders, DSL gateways and other devices. The number of affected individual units has to be at least several hundred thousand, and may be in the low millions.

How to update your Netgear router’s firmware

The newer your Netgear router is, the easier it is to update the firmware. Netgear’s Orbi mesh routers generally update themselves, and they also have a companion smartphone app that you can use to check for and to install updates. 

Netgear’s Nighthawk routers also have a companion app, although using it is optional for at least some models, as is the automatic-update setting. With some Nighthawks, it’s generally best to go into the administrative interface (try “http://192.168.1.1/admin” or “routerlogin.net” while connected to your home network) and check the “Advanced” section for firmware updates. From there, you should be able to launch the update sequence.

If the above methods don’t work with your Netgear router, then you need to go to Netgear support at https://www.netgear.com/support/ and type in the model number of your router in the search filed at the top of the page. (We’ve got more instructions here on how to update your router’s firmware.)

However, the model number may not be obvious. Some routers come with their branding and specifications proudly listed on the box, such as “Nighthawk AXE11000 Tri-Band WiFi 6E.” But that’s not the model name, which is actually “RAXE500.” (That’s the router in the photo at the top of this story, and it does need to be patched.)

Look for a sticker on the router itself displaying the model number — it may be on the side or on the bottom. To further complicate things, Netgear sometimes changes the inner circuits of a router during the production lifespan, so you may see a “v2” or “v3” appended to the model number.

Once you have the model number, the search function on the Netgear support site should take you to that model’s support page. Scroll down the page to find “Firmware and Software Downloads” and click it. 

You’ll then see a button that will let you download the firmware update to your PC or Mac. Do that, but don’t forget to click the Release Notes link just below it, which in turn will lead you to a link that leads to a downloadable version of your router’s user manual, which will show you how to install the firmware update. The firmware update itself may come with its own instructions.

So what is this Netgear flaw that’s being fixed?

The fatal flaw in all of these models involves a stack overflow in the Universal Plug and Play component of the router firmware. Universal Plug and Play,  or UPnP for short, is a protocol that lets new devices, such as gaming consoles or printers, connect to routers without a lot of fuss. 

It turns out that a character limit in one function of the UPnP protocol on all these Netgear routers permits an attacker on the local network — i.e., already connected to your router as a regular user — to send a malicious command to the router that overrides the routers internal safeguards and gives the router total control without any kind of authorization.

Once that’s done, the attacker can pretty much see anything you do online, and can also send you to malicious websites or break into more devices on your network.

You may think that it’s enough to just keep intruders out of your network to prevent such an attack, but it’s not that hard to crack a network access password or to sneak malicious software onto a poorly secured device, such as an out-of-date computer or a smart-home device.

Suffice it to say that you want to install the Netgear firmware update on your router tout suite — if you can.

Netgear routers with firmware patches available

Here’s a list, copied from the Netgear website, of the models that have firmware updates or “hot fixes” available to fix this flaw, along with the most recent firmware version that they should be updated to.

Routers:

  •     R6400 fixed in firmware version 1.0.1.76
  •     R6400v2 fixed in firmware version 1.0.4.120
  •     R6700v3 fixed in firmware version 1.0.4.120
  •     R6900P fixed in firmware version 1.3.3.142_HOTFIX
  •     R7000 fixed in firmware version 1.0.11.128
  •     R7000P fixed in firmware version 1.3.3.142_HOTFIX
  •     R7100LG fixed in firmware version 1.0.0.72
  •     R7850 fixed in firmware version 1.0.5.76
  •     R7900P fixed in firmware version 1.4.2.84
  •     R7960P fixed in firmware version 1.4.2.84
  •     R8000 fixed in firmware version 1.0.4.76
  •     R8000P fixed in firmware version 1.4.2.84
  •     R8300 fixed in firmware version 1.0.2.156
  •     R8500 fixed in firmware version 1.0.2.156
  •     RAX15 fixed in firmware version 1.0.4.100
  •     RAX20 fixed in firmware version 1.0.4.100
  •     RAX200 fixed in firmware version 1.0.5.132
  •     RAX35v2 fixed in firmware version 1.0.4.100
  •     RAX38v2 fixed in firmware version 1.0.4.100
  •     RAX40v2 fixed in firmware version 1.0.4.100
  •     RAX42 fixed in firmware version 1.0.4.100
  •     RAX43 fixed in firmware version 1.0.4.100
  •     RAX45 fixed in firmware version 1.0.4.100
  •     RAX48 fixed in firmware version 1.0.4.100
  •     RAX50 fixed in firmware version 1.0.4.100
  •     RAX50S fixed in firmware version 1.0.4.100
  •     RAX75 fixed in firmware version 1.0.5.132
  •     RAX80 fixed in firmware version 1.0.5.132
  •     RAXE450 fixed in firmware version 1.0.8.70
  •     RAXE500 fixed in firmware version 1.0.8.70
  •     RS400 fixed in firmware version 1.5.1.80
  •     WNDR3400v3 fixed in firmware version 1.0.1.42
  •     WNR3500Lv2 fixed in firmware version 1.2.0.70
  •     XR300 fixed in firmware version 1.0.3.68

DSL Modem Routers:

  •     D6220 fixed in firmware version 1.0.0.76
  •     D6400 fixed in firmware version 1.0.0.108
  •     D7000v2 fixed in firmware version 1.0.0.76
  •     DGN2200v4 fixed in firmware version 1.0.0.126

Wi-Fi extenders:

  •     EX3700 fixed in firmware version 1.0.0.94
  •     EX3800 fixed in firmware version 1.0.0.94
  •     EX6120 fixed in firmware version 1.0.0.66
  •     EX6130 fixed in firmware version 1.0.0.66

AirCards:

  •     DC112A fixed in firmware version 1.0.0.62

Cable Modems:

  •     CAX80 fixed in firmware version 2.1.3.5

Netgear models that may or many not get a firmware update

Here’s a list of Netgear models that the Grimm team determined were vulnerable to these attacks, but which Netgear hasn’t specifically listed as getting patches for this flaw. The firmware version numbers listed below ARE vulnerable, according to Grimm. 

Unfortunately, there are models that Netgear lists as getting patches that aren’t on Grimm’s list. And there are models listed below that aren’t supposed to be getting patches, yet have received some sort of security patches in the last few months that pushed the firmware versions beyond the vulnerable ones listed below. 

To complicate things further, there are six models that Grimm says are not vulnerable because past firmware updates “broke” UPnP. Four of those — D6220, D6400, R6400 and R7000 — got patches from Netgear to fix this most recent flaw. Two others, D8500 and R6300v2, didn’t and the only available firmware updates are the vulnerable ones listed below.

The best thing to do, if you have one of the models listed below, is to follow the procedures above about checking to see if a firmware update is available on the Netgear support site. 

If the available firmware update has a version number later than what’s below, then you may be getting a patch for the above flaw, especially if the release note for the flaw has a date in the past several months. Go ahead and install the update.

But if the version number of the available firmware update matches the firmware number below, and the release-note date is more than a few months old, then it might be time to get a new router.

  • AC1450 – 1.0.0.36
  • D6300 – 1.0.0.102
  • D8500 – 1.0.3.60
  • DGN2200M – 1.0.0.35
  • DGND3700v1 – 1.0.0.17
  • EX3920 – 1.0.0.88
  • EX6000 – 1.0.0.44
  • EX6100 – 1.0.2.28
  • EX6150 – 1.0.0.46
  • EX6920 – 1.0.0.54
  • EX7000 – 1.0.1.94
  • MVBR1210C – 1.2.0.35BM
  • R4500 – 1.0.0.4
  • R6200 – 1.0.1.58
  • R6200v2 – 1.0.3.12
  • R6250 – 1.0.4.48
  • R6300 – 1.0.2.80
  • R6300v2 – 1.0.4.52
  • R6700 – 1.0.2.16
  • R6900 – 1.0.2.16
  • R7300DST – 1.0.0.74
  • R7900 – 1.0.4.38
  • WGR614v9 – 1.2.32
  • WGT624v4 – 2.0.13
  • WNDR3300v1 – 1.0.45
  • WNDR3300v2 – 1.0.0.26
  • WNDR3400v1 – 1.0.0.52
  • WNDR3400v2 – 1.0.0.54
  • WNDR3700v3 – 1.0.0.42
  • WNDR4000 – 1.0.2.10
  • WNDR4500 – 1.0.1.46
  • WNDR4500v2 – 1.0.0.72
  • WNR834Bv2 – 2.1.13
  • WNR1000v3 – 1.0.2.78
  • WNR2000v2 – 1.2.0.12
  • WNR3500 – 1.0.36NA
  • WNR3500v2 – 1.2.2.28NA
  • WNR3500L – 1.2.2.48NA



Original Source link

Posted in Uncategorized

Leave a Reply

Your email address will not be published. Required fields are marked *

− four = two