
Check your Netgear router model for security vulnerability

Last Updated: Jul 31st, 2020 12:20 am
[OP]
Deal Addict
Jan 21, 2018
3226 posts
3298 upvotes
Vancouver

https://www.theregister.com/2020/07/30/ ... _patching/

A remote code execution vulnerability affecting most Netgear routers was discovered in June, and is now being exploited in the wild.

Netgear has issued firmware updates for its current models (make sure yours is patched up to date!), but they have also said that many older models will not be patched - list in the article.

It's the classic buffer overflow again - need you even ask? Decades of software developers have been careless about guarding against buffer overflows in almost every software product in existence. Will they ever get it? Picture an episode of the Simpsons where Homer doesn't realize that his beer glass is too small to contain the contents of the beer can and keeps overflowing his beer onto the floor, resulting in a "Doh!" every time. Repeat on loop 10,000 times...
6 replies
Deal Expert
Feb 24, 2003
16365 posts
2833 upvotes
Toronto
I wonder how many people have actually been hacked and know that they've been hacked.
Deal Addict
Dec 29, 2008
3484 posts
837 upvotes
It really should be illegal to leave routers vulnerable, but not realistic. Coz there'll always be that one router in a grandma's house that will never get patched.
Deal Addict
Jun 8, 2005
2935 posts
438 upvotes
Toronto
JonSnow wrote: It really should be illegal to leave routers vulnerable, but not realistic. Coz there'll always be that one router in a grandma's house that will never get patched.
What about making it illegal for a router manufacturer to EOL a model, and not provide a patch after a vulnerability is found? Or in other words, grandma's router may not have a patch to apply to fix it.
Deal Guru
Sep 21, 2010
13483 posts
3600 upvotes
Montréal
Wow, I thought for sure I would get nailed since the list is quite long. Anyway, tx for the HU.
The richest 1% of this country owns half our country’s wealth, 5 trillion dollars, one-third of that comes from hard work, two-thirds comes from inheritance, interest on interest accumulating to widows and idiot sons, and what I do.. <find the rest>
Deal Expert
Jun 15, 2011
41185 posts
6414 upvotes
OH o. Gotta love when home-based routers have a security flaw and people don't update their firmware or even bother checking.

Gotta love RCEs and buffer overflows. Wonder if I can download a PoC for this :). PoC = Proof of Concept.
trane0 wrote: What about making it illegal for a router manufacturer to EOL a model, and not provide a patch after a vulnerability is found? Or in other words, grandma's router may not have a patch to apply to fix it.
That's why you replace the router which is old and has reached its EOL? Lol. One can be nice to grandma and buy her a new router.
Proud to be an Indian.
__________________________________________________________________________
Incident/Cyber Breach Response|Malware Analyzer|Threat Intelligence
Deal Fanatic
Mar 31, 2017
6495 posts
2836 upvotes
Only buy a router if third-party firmware like OpenWRT, FreshTomato, DD-WRT, or Merlin supports it. You know official support will end, leaving you vulnerable, so whose fault is it really?
