Tuesday, December 13, 2016

Routers Netgear with serious holes – how to check their equipment? Virtual Russia

Netgear has serious problems with their Wi-Fi routers R7000 series and R6400 – hole in their software is a serious threat to the security of all devices in the network. Netgear error has long been known, but only now took the software update.

the Hole in the routers Netgear discovered the Internet user with the nickname _AceWorm_ already more than four months ago. Claims shall be promptly reported to the equipment manufacturer, but since then has not received from the company answer. Such behavior forced him to publish information about vulnerabilities. Visit Netgeara there are already reports that the company is working on solving the problem.

the Attack on the Netgear router is not very complicated. It is enough that the attacker will convince the owner felernego device to log on a properly created web page so that it automatically launched the malicious code on the router.

Before Netgear in General, responded to reports of Internet users, the matter raised by the experts from the organization CERT (Computer Emergency Response Team) recommended that users felernego equipment to eliminate the use of devices discovered hole – at least at the time of writing the new version of the control software. Interestingly, this issue applies to more expensive devices series R7000 with firmware version 1.0.7.2_1.1.93 and earlier, and R6400 with firmware 1.0.1.6_1.0.4 and earlier.

In a network there was even a code example that allows you to attack the vulnerable router. Internet users who have engaged in his inspection, put that on the action of malware is also vulnerable router model from the R8000 is controlled by the firmware 1.0.3.4_1.1.2 and earlier.

at the same time _AceWorm_ produced a short video which shows how spradzić that our device is vulnerable to attacks. How to do it? First of all, you must determine which IP address on our NetGear router – it should be in the format XXX.XXX.X.X, where X-any digit from 0-9. Then in the browser window type the command http://XXX.XXX.X.X/cgi-bin/;reboot – if our device will execute the command, it will reboot, then it is likely vulnerable to attack.

LikeTweet

No comments:

Post a Comment