Are you using a Netgear router? Researchers have discovered a very serious security gap that affects hundreds of thousands of Netgear devices.
Η company ασφάλειας Trustwave, αναφέρει οτι η ευπάθεια επιτρέπει ουσιαστικά στους επιτιθέμενους να εκμεταλλευτούν το system ανάκτησης κωδικού πρόσβασης του δρομολογητή (router) για να παρακάμψουν τον έλεγχο ταυτότητας και χρησιμοποιώντας διαπιστευτήρια διαχειριστή, καταφέρνουν να έχουν πλήρη πρόσβαση στη device and its settings.
What is particularly worrying is that the security gap occurs in at least 31 different Netgear models leaving more than one million users open to attacks.
The most alarming is the fact that these devices could in some cases be disturbed remotely. As explained by Trustwave researcher Simon Kenin, any router that has remote management enabled is vulnerable to hacking.
Note that remote management is disabled by default on most devices, and the company says it has found more than 10 routers that have been compromised, but the actual number could be "over a million."
Kenin also warns that everyone with physics access to a faulty Netgear router can abuse its defense mechanisms and gain access to the device, adding the router to botnets.
"The vulnerability could be exploited by a remote attacker if remote management is enabled. By default the function is not activated. However, anyone with physical access to a network with a vulnerable router can take advantage of it locally, "said the researcher.
"This includes public Wi-Fi areas, such as cafes and libraries that use vulnerable equipment."
Trustwave reported the security gap in National Vulenrability Database. The Netgear confirmed also the defect with a publication on its website, giving the full list of affected models:
- R8500
- R8300
- R7000
- R6400
- R7300DST
- R7100LG
- R6300v2
- WNDR3400v3
- WNR3500Lv2
- R6250
- R6700
- R6900
- R8000
- R7900
- WNDR4500v2
- R6200v2
- WNDR3400v2
- D6220
- D6400
- C6300 (firmware released to ISPs)