Netgear router exploit found

blankslate

http://www.bbc.com/news/technology-34491583

Joe Giron told the BBC that he discovered altered admin settings on his personal router on 28 September.
The compromised router was hacked to send web browsing data to a malicious internet address.
Netgear says the vulnerability is "serious" but affects fewer than 5,000 devices.
Mr Giron found that the Domain Name System (DNS) settings on his router had been changed to a suspicious IP address.
"Normally I set mine to Google's [IP address] and it wasn't that, it was something else," he said.
"For two or three days all my DNS traffic was being sent over to them."
This means that the attacker could have tracked what websites Mr Giron was visiting, or even redirected him to malicious sites had they chosen to do so.
He has decided to turn off the router and not use it for the time being.
'Serious' bug
The vulnerability itself has been documented by security researchers at Compass Security and Shellshock Labs in recent months.
"Is it serious? Yes it definitely is," said Jonathan Wu, senior director of product management at Netgear, one of the top three router brands in the US.
"Because whenever anybody gets access to your router, they can alter settings to direct traffic to places you don't want it to go to."
However, Mr Wu added that attackers would have to get access to the network first and then guess the admin password.

It's serious, but a firmware update is incoming from Netgear, and it looks like the vulnerability is mitigated if you don't have remote administration turned on via wireless or through WAN access to the router. MAC address filtering would probably mitigate this as well.

The updated firmware is due on October 14. Fairly decent response time, I suppose. No idea how long they knew about the vulnerability before it became public, though.


Just a heads up if you know anyone using a Netgear router.




John Connor

Many people don't update their firmware or may not even know how. Many people probably won't know about this at all. Just like the Linksys E1200. I get connections to my website with people's hacked E1200s all the time.