Last week, it was discovered that Netgear routers were suffering from an unpatched security flaw that left them vulnerable to hacks. The vulnerability was made public by a security researcher late last week, claiming that many models from Netgear’s Nighthawk series are affected. Now that the issue is public, Netgear has decided to get it together and start working to patch routers to make sure its customers remain safe.
Models that were confirmed to be affected included the R6250, R6400, R6700, R7000, R7100LG, R7300, R7900 and R8000. A few other models could also need patching but Netgear is still investigating the situation for the time being.
In a public security notice, Netgear confirmed it was aware of the security issue, which allowed unauthenticated web pages to pass form input directly to the command-line interface. This could potentially allow an attacker to inject commands to be executed by a connected system.
A firmware update is now in the works and intends to fix the command injection vulnerability. The update hasn’t been released for all routers just yet but so far, Netgear has managed to get fixes out for the R6250, R6400, R6700, R7000 and R8000 in beta form. Given how severe this vulnerability could potentially be, Netgear is advising all of its Nighthawk router users to update their firmware as soon as the security patch becomes available.
You can check the status of security updates, HERE.
KitGuru Says: Hopefully everyone who owns one of these routers gets around to updating their firmware this week, after all, this security flaw is critical. Do any of you currently own a Netgear Nighthawk router? Have you been able to update yet?