AnimeSuki Forums

monster · 2016-12-12, 15:03

CERT is advising people who are using certain Netgear routers, such as the R7000 and the R6400 models, to discontinue using them until a fix is available for a known security issue.

Quote:

Netgear R7000, firmware version 1.0.7.2_1.1.93 and possibly earlier, and R6400, firmware version 1.0.1.12_1.0.11 and possibly earlier, contain an arbitrary command injection vulnerability. By convincing a user to visit a specially crafted web site, a remote unauthenticated attacker may execute arbitrary commands with root privileges on affected routers. A LAN-based attacker may do the same by issuing a direct request, e.g. by visiting:

http://<router_IP>/cgi-bin/;COMMAND

An exploit leveraging this vulnerability has been publicly disclosed.

This vulnerability has been confirmed in the R7000 and R6400 models. Community reports also indicate the R8000, firmware version 1.0.3.4_1.1.2, is vulnerable. Other models may also be affected.

A temporary fix (which will be undone every time the router is restarted) is to disable the web server.

Quote:

The very vulnerability that exists on affected routers may be used to temporarily disable the vulnerable web server until the device is restarted:
http://<router_IP>/cgi-bin/;killall$IFS'httpd'
Note that after performing this step, your router's web administration not be available until the device is restarted. Please see Bas' Blog for more details.

Note that the temporary fix makes use of the issue itself.

SeijiSensei · 2016-12-13, 11:19

Nowadays I only buy routers that use DD-WRT for their management software. I just upgraded to this well-regarded TP-Link device.

Routers with security vulnerabilities were involved in the recent attack on Dyn along with baby monitors and wifi security cameras.

monster · 2016-12-15, 00:45

Netgear has released firmware update to fix the issue along with a list of products Netgear has confirmed to be affected. However, the firmware release is still in beta (has not been fully tested) and might not work for all users. So this is only being offered as a temporary solution until the production version of the firmware is available.

2016-12-13, 11:19	Link #2
SeijiSensei AS Oji-kun Join Date: Nov 2006 Age: 74	Nowadays I only buy routers that use DD-WRT for their management software. I just upgraded to this well-regarded TP-Link device. Routers with security vulnerabilities were involved in the recent attack on Dyn along with baby monitors and wifi security cameras. __________________ Taking Anime Seriously - Politics by the Numbers - Sports by the Numbers - MAL List - Avatars - Images

2016-12-15, 00:45	Link #3
monster Junior Member Join Date: Dec 2005	Netgear has released firmware update to fix the issue along with a list of products Netgear has confirmed to be affected. However, the firmware release is still in beta (has not been fully tested) and might not work for all users. So this is only being offered as a temporary solution until the production version of the firmware is available.