Netgear moves to plug vulnerability in routers after researchers find zero-day

guest · Jun 17, 2020

Netgear moves to plug vulnerability in routers after researchers find zero-day
June 17, 2020
https://www.cyberscoop.com/netgear-remote-code-execution-grimm-zdi/

A newly discovered software vulnerability could allow hackers to remotely exploit home internet routers, offering a foothold for breaking into the devices running on those networks.

Researchers say the flaw in routers made by Netgear — revealed this week by cybersecurity company GRIMM and Trend Micro’s Zero Day Initiative (ZDI) — underscores the long-running challenge of improving security in a market that prizes affordable and functional networking equipment. Netgear told CyberScoop on Wednesday that it was close to releasing a patch for the vulnerability.
Click to expand...

The flaw affects how Netgear devices handle incoming data and could let hackers, under certain conditions, bypass the router’s authentication process using a software exploit. The router could then be a pathway to other devices, such as a laptop housing sensitive work information. (Breaking into the laptop would likely require an additional exploit.)

“While modern software development processes have vastly improved the quality of commercial software as compared to 10-15 years ago, consumer network devices have largely been left behind,” Nichols wrote in a blog discussing the vulnerability.
ZDI researchers say they reported the bug to Netgear in January. They held off for weeks on publishing their analysis so that Netgear could address the issue.
Click to expand...

guest · Jun 18, 2020

List of all affected router models:

Unpatched vulnerability identified in 79 Netgear router models
June 18, 2020
https://www.zdnet.com/article/unpatched-vulnerability-identified-in-79-netgear-router-models/

A whopping 79 Netgear router models are vulnerable to a severe security flaw that can let hackers take over devices remotely.
In a proof-of-concept exploit published on GitHub, Nichols said he was able to "start the [router's] telnet daemon as root listening on TCP port 8888 and not requiring a password to login."

A Netgear spokesperson was not immediately available for comment, but in the ZDI bug disclosure, ZDI said that Netgear requested a second extension until the end of this coming then. However, not all routers are expected to receive patches, as some have already gone end-of-life many years before.
Below is the list of all 79 routers models that Nichols said contain a vulnerable version of the web server. [...]
Click to expand...

guest · Jul 30, 2020

If you own one of these 45 Netgear devices, replace it: Gear maker won't patch vulnerable gear despite live proof-of-concept code
That's one way of speeding up the tech refresh cycle
July 30, 2020
https://www.theregister.com/2020/07/30/netgear_abandons_45_routers_vuln_patching/

Netgear has quietly decided not to patch more than 40 home routers to plug a remote code execution vulnerability – despite security researchers having published proof-of-concept exploit code.

The vuln was revealed publicly in June by Trend Micro's Zero Day Initiative (ZDI) following six months spent chivvying Netgear behind the scenes to take it seriously.
Keen-eyed Reg readers, however, noticed that Netgear quietly declared 45 of the affected products as "outside the security support period" – meaning those items won't be updated to protect them against the vuln.

With today's revelation that 45 largely consumer and SME-grade items will never be patched, Netgear faces questions over its commitment to older product lines.
Click to expand...

Today Netgear's advisory page for the patches shows 45 devices' fix status as "none; outside security support period". We have collected those devices' model numbers in the list below: [...]
The Register asked Netgear to comment some days ago but at the time of publication the company had not sent us a statement.
Click to expand...

Log in or Sign up

Netgear moves to plug vulnerability in routers after researchers find zero-day

guest Guest

guest Guest

guest Guest

Log in or Sign up

Netgear moves to plug vulnerability in routers after researchers find zero-day

guest Guest

guest Guest

guest Guest

Useful Searches