Check If Your Netgear WiFi Router is Vulnerable to this Flaw of Password Bypass
Bad news for customers with Netgear WiFi routers: Netgear wireless routers hit by another serious security vulnerability, but this time more than two dozens wireless router models are affected. Security researchers from the company called Trustwave are giving warning of a new authentication vulnerability in at least 31 models of Netgear wireless router models that potentially affects over one million Netgear Router Customers Support.
The new vulnerability, which is discovered by Trustwave’s SpiderLabs researcher Simon Kenin, can allow various remote hackers to obtain the admin password for the Netgear WiFi router through a flaw in the process of password recovery. Kenin discovered the flaw (CVE-2017-5521) when he was trying to access the management page of his Netgear WiFi router but had forgotten its password.
So, the researcher started looking for multiple ways to hack his own WiFi router and found a couple of exploits from 2014 that he is able to discover this flaw which allowed him to query wireless routers and retrieve their login details easily, giving him complete access to the device.
But Kenin said that the newly discovered flaw could be remotely exploited only if the WiFi router’s remote management option is being enabled.
While the WiFi router vendor claims the option of remote management is turned off on its WiFi routers by default, according to the researcher, there are hundreds of thousands, if not over a million WiFi routers left that are remotely accessible.
“The vulnerability can be used by a remote attacker if the remote administration is set to be internet facing. By default this is not being turned on,” Kenin said. “However, anyone with physical access to a WiFi network with a vulnerable WiFi router can exploit it locally. This would include public WiFi spaces like libraries and cafés using the vulnerable equipment.”
If exploited by bad actors, the vulnerability that fully bypasses any password on a Netgear WiFi router, this could give hackers complete control of the affected WiFi router, including the ability to change its configuration setting, turn it into botnets or even upload completely new firmware.
After trying out his flaw on a range of Netgear WiFi routers, Kevin was surprised to know that more than ten thousand vulnerable network devices used the flawed firmware and can be accessed remotely. He has also released exploit code for the purpose of testing, written in Python language.
List of Vulnerable Netgear WiFi Router Models:-
The SpiderLabs researcher stressed that the vulnerability is very serious as it affects a large number of Netgear WiFi router models. Here is a list of affected Netgear WiFi routers:-
- C6300 (firmware released to ISPs)
Update the Firmware of your Netgear WiFi Router Now:-
Kenin notified Netgear of the flaw, and the company confirmed the problem affects a wide range of its products.
Netgear has released various firmware updates for all of its affected WiFi routers, and users are strongly advised to upgrade their devices which they are currently using.
This is the second time in almost two months when researchers have discovered flaws in Netgear WiFi routers. Just in the last month, the US-CERT advised users to stop using Netgear’s R7000 and R6400 WiFi routers due to a serious issue or bug that permitted command injection.
However, in an effort to make its product safe and secure, Netgear recently partnered up with Bugcrowd to launch a program of bug bounty that can earn researchers cash rewards of up to $15,000 for finding and responsibly reporting bugs and flaws in its hardware, APIs, and the mobile apps.