Over the years, several reports have featured experts giving warnings about router attacks. Many of these attacks have shown that devices can have a "way in" for cyber criminals to access one's private data or even remotely control their devices. In this case, a recent discovery claimed that some models of "Netgear" routers contain command injection vulnerability.
A cyber security expert known only by the name Aceworm disclosed some details of his findings on Exploit Database on Wednesday. When a user visits a malicious web link, the remote cracker can perform "arbitrary shell commands" on the affected "Netgear" router. The vulnerability is the result of the Web interface's unsuccessful filtering of illegal commands found in URLs. Techspot says that Aceworm has notified "Netgear" about the security issue in August but heard nothing from them.
To address the issue, "Netgear" has updated its list and named following routers that have a vulnerability. The confirmed affected "Netgear" router models are R6250, R6400, R6700, R6900, R7000, R7100LG, R7300DST, R7900, R8000, D6220, D6400 and D700. "Netgear" is currently working on a production firmware version that fixes this command injection vulnerability and will release it asap. At this time, eight of models mentioned above have beta firmware. Click here to download the beta firmware.
Kalypto Pink, an expert in vulnerabilities, advises of stopping the use of the affected "Netgear" router until the vendor releases a patch. His post on his website says that he tested and also found a vulnerability in Models R8500 and R9000. Kalypto has listed the steps to test if the "Netgear" router you are using is affected.
A post on Cert/CC says that the vulnerabilities themselves which exist on affected "Netgear" router may be used to temporarily disable the vulnerable web server until the devices are restarted. The post suggests not enabling the remote administration as this would prevent the affected models to be exploited via direct requests from the WAN. The post likewise emphasizes of discontinuing the use of these routers.
