Are YOU at risk? Experts warn owners of some Netgear routers to switch them off to avoid 'gaping security hole'

  • Vulnerability affects R7000, R6400, and R8000 routers, and more may be at risk
  • The flaw could allow hackers to remotely gain control over the devices
  • So far, there is no fix, and experts urge users to discontinue use in the meantime
  • Netgear has said that it is aware of the problem, and is investigating it now

Security experts have revealed a flaw in a number of Netgear routers that could allow hackers to remotely gain control of the devices.

According to officials at CERT and Netgear, the vulnerability affects R7000, R6400, and R8000 routers, and more may be at risk.

The researchers suggest this hack could be relatively simple to carry out, and warn all owners to stop using the routers until a fix becomes available.


Netgear confirmed the vulnerability in a statement released today, noting that they are ‘investigating’ the situation.

In a new Vulnerability Note, experts at the CERT Division of the Software Engineering Institute at Carnegie Mellon University say the routers are ‘vulnerable to arbitrary command injection.’

This means hackers can trick users with a malicious link, and gain control over the device.

‘By convincing a user to visit a specially crafted web site, a remote authenticated attacker may execute arbitrary commands with root privileges on affected routers,’ the team wrote.

According to the team, the problem has been confirmed in R7000 and R6400 models, and other models could be affected.

They also note that community reports show the R8000, firmware version 1.0.3.4_1.1.2, is vulnerable as well.

Netgear has since confirmed the vulnerability in this model as well.


With no known solution to the problem as of yet, the researchers recommend disabling the vulnerable web server, and even halting use of the device.

According to Naked Security, the bug lies in the web server that’s built into the router for ‘configuring it and managing your home network.’

They point to a setting in the Netgear R7000 manual called ‘Remote Management,’ which can be toggled either On or Off, though it’s set to ‘Off’ by default.


‘Exploiting this vulnerability is trivial,’ the CERT experts warned.

‘Users who have the option of doing so should strongly consider discontinuing use of affected devices until a fix is made available.’

The report was first published on Friday, spurring concerns among Netgear users. 

Now the firm has responded, but it hasn’t yet revealed a solution.

‘Netgear has recently become aware of the security issue #582384 that allows unauthenticated web pages to pass form input directly to the command-line interface,’ the firm wrote in a Security Advisory message today.

‘A remote hacker can potentially inject arbitrary commands which are then executed by the system.

‘Netgear is investigating and will update this article once we have more information.’ 

 
