Patched firmware has been released to fix the vulnerability issue in Netgear’s routers.
For quite some time, Netgear was experiencing a vulnerability that affected its routers where hackers were able to change the routers’ DNS settings. Even though more than 10,000 routers have already been attacked, last night Netgear released a patched firmware to fix the issue.
Back in late July, Netgear was privately informed about the issue by Swiss Company Compass Security. Shortly after, Netgear gave Compass Security a beta version of firmware in which fixed the security issue, however, the company did not specify when a public release would take place.
Netgear was publically warned again in September by researchers at Shellshock Labs who explained that the exploit “allows for ‘full remote unauthenticated root access’ of routers.” Shellshock also shared that WAN administration has to be enabled for the vulnerability to be usable.
Once the N300_220.127.116.11_1.0.1.img and N300-18.104.22.168_1.0.1.img firmware are affected, the attacker has access to the router without needing the password.
How it works:
- A user wants access to the web interface, so a http authentication login process begins
- If the username and password is unavailable, the user gets redirected to the 401_access_denied.htm file
- An attacker calls the URL http://<ROUTER-IP>/BRS_netgear_sucess.html several times
- The attacker can access the administrative web interface without the username and password prompt
However, the firmware Netgear released last night affects versions JNR1010v2, WNR2000v5, JWNR2010v5, WNR614, WNR618, WNR1000v4, WNR2020, and WNR2020v2.
If all goes well, the patched firmware will solve the vulnerability issue and hackers will be unable to gain access to Netgear routers’ DNS settings.