Dozens of Netgear routers are vulnerable to a very old security flaw. The DNS rebinding flaws that these routers have date back to models the company put out as early as 2007. That means this issue has been lurking in the background for a very long time.
It was recently brought to light by the Vietnamese security company GRIMM and an independent security researcher known only as d4rkn3ss. Both confirm that these potentially fatal security flaws are centered around the remote management capabilities of the routers in question.
Unfortunately many of the impacted routers have reached their end of support life so no fix is coming. Refer to the extensive list below. If you have one of the affected routers be sure to keep an eye out for a security patch from Netgear.
If you have an older piece of equipment that isn’t slated for additional security fixes, here is the solution. Your best bet is to use the browser based interface to access your router and be sure that its remote management feature is set to “disabled.”
Note however that this will not offer bullet proof protection. Someone with physical access to your network could still exploit the issue but disabling remote administration does go a long ways in terms of protecting you and your network.
Here is the complete list of impacted Netgear routers:
- D6300, firmware version 1.0.0.90 and 1.0.0.102
- DGN2200, firmware version 1.0.0.58
- DGN2200M, firmware version 1.0.0.35 and 1.0.0.37
- DGN2200v4, firmware version 1.0.0.102
- R6250, firmware versions 1.0.4.36 and 1.0.1.84
- R6300v2, firmware version 1.0.3.6CH, 1.0.3.8, and 1.0.4.32
- R6400, firmware version 1.0.1.20, 1.0.1.36, and 1.0.1.44
- R7000, firmware versions 9.88, 9.64, 9.60, 9.42, 9.34, 9.18, 9.14, 9.12, 9.10, 9.6, and 8.34
- R8000, firmware version 1.0.4.18, 1.0.4.46
- R8300, firmware version 1.0.2.128 and 1.0.2.130
- R8500, firmware version 1.0.0.28
- WGR614v9, firmware version 1.2.32NA
- WGR614v10, firmware version 1.0.2.66NA
- WGT624v4, firmware version 2.0.12NA and 2.0.13.2
- WN3000RP, firmware versions 1.0.2.64 and 1.0.1.18
- WNDR3300, firmware versions 1.0.45, 1.0.45NA, and 1.0.14NA
- WNDR3400, firmware versions 1.0.0.52 and 1.0.0.38
- WNDR3400v2, firmware versions 1.0.0.54 and 1.0.0.16
- WNDR3400v3, firmware versions 1.0.1.24 and 1.0.0.38
- WNDR3700v3, firmware versions 1.0.0.42, 1.0.0.38, and 1.0.0.18
- WNDR4000, firmware versions 1.0.2.10, 1.0.2.4, and 1.0.0.82
- WNDR4500v2, firmware versions 1.0.0.60 and 1.0.0.72
- WNR1000v3, firmware version 1.0.2.72
- WNR2000v2, firmware versions 1.2.0.8, 1.2.0.4NA, and 1.0.0.40
- WNR3500, firmware version 1.0.36NA
- WNR3500L, firmware versions 1.2.2.48NA, 1.2.2.44NA, and 1.0.2.50
- WNR3500Lv2, firmware version 1.2.0.56
- And WNR834Bv2, firmware version 2.1.13NA
If you have one of these routers, consider upgrading. Stay on guard.
