Blog

A Number Of Netgear Routers Get Security Fixes

Sep 18, 2021 | Blog

Dozens of Netgear routers are vulnerable to a very old security flaw. The DNS rebinding flaws that these routers have date back to models the company put out as early as 2007. That means this issue has been lurking in the background for a very long time.

It was recently brought to light by the Vietnamese security company GRIMM and an independent security researcher known only as d4rkn3ss. Both confirm that these potentially fatal security flaws are centered around the remote management capabilities of the routers in question.

Unfortunately many of the impacted routers have reached their end of support life so no fix is coming. Refer to the extensive list below. If you have one of the affected routers be sure to keep an eye out for a security patch from Netgear.

If you have an older piece of equipment that isn’t slated for additional security fixes, here is the solution. Your best bet is to use the browser based interface to access your router and be sure that its remote management feature is set to “disabled.”

Note however that this will not offer bullet proof protection. Someone with physical access to your network could still exploit the issue but disabling remote administration does go a long ways in terms of protecting you and your network.

Here is the complete list of impacted Netgear routers:

  • D6300, firmware version 1.0.0.90 and 1.0.0.102
  • DGN2200, firmware version 1.0.0.58
  • DGN2200M, firmware version 1.0.0.35 and 1.0.0.37
  • DGN2200v4, firmware version 1.0.0.102
  • R6250, firmware versions 1.0.4.36 and 1.0.1.84
  • R6300v2, firmware version 1.0.3.6CH, 1.0.3.8, and 1.0.4.32
  • R6400, firmware version 1.0.1.20, 1.0.1.36, and 1.0.1.44
  • R7000, firmware versions 9.88, 9.64, 9.60, 9.42, 9.34, 9.18, 9.14, 9.12, 9.10, 9.6, and 8.34
  • R8000, firmware version 1.0.4.18, 1.0.4.46
  • R8300, firmware version 1.0.2.128 and 1.0.2.130
  • R8500, firmware version 1.0.0.28
  • WGR614v9, firmware version 1.2.32NA
  • WGR614v10, firmware version 1.0.2.66NA
  • WGT624v4, firmware version 2.0.12NA and 2.0.13.2
  • WN3000RP, firmware versions 1.0.2.64 and 1.0.1.18
  • WNDR3300, firmware versions 1.0.45, 1.0.45NA, and 1.0.14NA
  • WNDR3400, firmware versions 1.0.0.52 and 1.0.0.38
  • WNDR3400v2, firmware versions 1.0.0.54 and 1.0.0.16
  • WNDR3400v3, firmware versions 1.0.1.24 and 1.0.0.38
  • WNDR3700v3, firmware versions 1.0.0.42, 1.0.0.38, and 1.0.0.18
  • WNDR4000, firmware versions 1.0.2.10, 1.0.2.4, and 1.0.0.82
  • WNDR4500v2, firmware versions 1.0.0.60 and 1.0.0.72
  • WNR1000v3, firmware version 1.0.2.72
  • WNR2000v2, firmware versions 1.2.0.8, 1.2.0.4NA, and 1.0.0.40
  • WNR3500, firmware version 1.0.36NA
  • WNR3500L, firmware versions 1.2.2.48NA, 1.2.2.44NA, and 1.0.2.50
  • WNR3500Lv2, firmware version 1.2.0.56
  • And WNR834Bv2, firmware version 2.1.13NA

If you have one of these routers, consider upgrading. Stay on guard.

FBI Program Tasked with Infrastructure Security Compromised

FBI Program Tasked with Infrastructure Security Compromised

The FBI program tasked with ensuring critical infrastructure security has been compromised by hackers, who now offer access to the program's data on the dark web. The breach was initially disclosed by Brian Krebs of Krebs on Security, who claims that the data was for...

Streamline Your Business with the Latest Smart Home Technology

Streamline Your Business with the Latest Smart Home Technology

Are you a business owner looking to get the most out of your Google smart home devices? If so, you're in luck! Google has enabled its Nest products and Android OS with the initial rollout of the Matter smart home standard. This means that businesses now have the...

Data Breach at Sequoia One Exposes Sensitive Customer Information

Data Breach at Sequoia One Exposes Sensitive Customer Information

What do you do when your most personal information has been compromised? This is likely the question that customers of Sequoia One asked themselves earlier this month as they were informed that the company had been hacked. Sequoia One specializes in the management of...

Cisco Reports Critical IP Phone Vulnerability

Cisco Reports Critical IP Phone Vulnerability

As a business owner, it's important to stay informed about potential vulnerabilities that could impact your organization. Recently, Cisco reported a critical vulnerability, tracked as CVE-2022-20968, affecting its IP Phone 7800 and 8800 Series. This new vulnerability...

Google Chrome Releases Two New Features

Google Chrome Releases Two New Features

Google Chrome is one of the more commonly used web browsers. Over the years, though, Chrome has gained a reputation for utilizing a large portion of a computer's memory. This can be a problem if you're running other resource-intensive tasks and don't want to slow...

Get a Free Consultation

 

Fill out the form below to receive a free consultation and learn how we can make your technology worry-free!

 

Contact Information

  • 39301 Badger Street, Suite 500
    Palm Desert, CA 9221
  • (760) 333-8523
  • info@icn.tech