Computers & Electronics

Check your Netgear router model for security vulnerability

  • Last Updated:
  • Jul 31st, 2020 12:20 am
[OP]
Deal Fanatic
Jan 21, 2018
5564 posts
5758 upvotes
Vancouver

Check your Netgear router model for security vulnerability

https://www.theregister.com/2020/07/30/ ... _patching/

A remote code execution vulnerability affecting most Netgear routers was discovered in June, and is now being exploited in the wild.

Netgear has issued firmware updates for its current models (make sure yours is patched up to date!), but they have also said that many older models will not be patched - list in the article.

It's the classic buffer overflow again - need you even ask? Decades of software developers have been careless about guarding against buffer overflows in almost every software product in existence. Will they ever get it? Picture an episode of the Simpsons where Homer doesn't realize that his beer glass is too small to contain the contents of the beer can and keeps overflowing his beer onto the floor, resulting in a "Doh!" every time. Repeat on loop 10,000 times...
6 replies
Deal Expert
User avatar
Feb 24, 2003
17962 posts
4402 upvotes
Toronto
I wonder how many people have actually been hacked and know that they've been hacked.
Deal Addict
User avatar
Dec 29, 2008
3709 posts
1083 upvotes
It really should be illegal to leave routers vulnerable, but not realistic. Coz they'll always be that one router in a gandma house that will never get patched.
Deal Addict
Jun 8, 2005
3099 posts
565 upvotes
Toronto
JonSnow wrote: It really should be illegal to leave routers vulnerable, but not realistic. Coz they'll always be that one router in a gandma house that will never get patched.
what about making it illegal for a router manufacturer to EOL a model, and not provide a patch after a vulnerability is found? or in other words, grandma's router may not have a patch to apply to fix it.
Deal Expert
User avatar
Sep 21, 2010
15185 posts
4599 upvotes
Montréal
Wow, I thought for sure I would get nailed since the list is quite long. Anyway, tx for the HU.
Hard work, inheritance, interest on interest accumulating, and stock and real estate speculation. It's all good.
Deal Expert
Jun 15, 2011
43286 posts
7204 upvotes
OH o. Gotta love when home based routers have a security flaw and people don't update their firmware or even bother checking.

Gotta love RCEs and buffer overflows. Wonder if I can download a PoC for this :). PoC = Proof of Concept.
trane0 wrote: what about making it illegal for a router manufacturer to EOL a model, and not provide a patch after a vulnerability is found? or in other words, grandma's router may not have a patch to apply to fix it.
That's why you replace the router which is old and has reached its EOL? Lol. One can be nice to grandma and buy her a new router.
Blanka
Deal Fanatic
User avatar
Mar 31, 2017
6729 posts
2972 upvotes
Only buy a router if 3rd party firmware like OpenWRT or fresh tomato, or DD-WRT, or Merlin supports it. You know official support will end, leaving you vulnerable, so who's fault is it really?

Top