Check If Your Netgear WiFi Router is Vulnerable to this Flaw of Password Bypass

Bad news for customers with Netgear WiFi routers: Netgear wireless routers hit by another serious security vulnerability, but this time more than two dozens wireless router models are affected. Security researchers from the company called Trustwave are giving warning of a new authentication vulnerability in at least 31 models of Netgear wireless router models that potentially affects over one million Netgear Router Customers Support.

The new vulnerability, which is discovered by Trustwave’s SpiderLabs researcher Simon Kenin, can allow various remote hackers to obtain the admin password for the Netgear WiFi router through a flaw in the process of password recovery. Kenin discovered the flaw (CVE-2017-5521) when he was trying to access the management page of his Netgear WiFi router but had forgotten its password.
So, the researcher started looking for multiple ways to hack his own WiFi router and found a couple of exploits from 2014 that he is able to discover this flaw which allowed him to query wireless routers and retrieve their login details easily, giving him complete access to the device.
But Kenin said that the newly discovered flaw could be remotely exploited only if the WiFi router’s remote management option is being enabled.
While the WiFi router vendor claims the option of remote management is turned off on its WiFi routers by default, according to the researcher, there are hundreds of thousands, if not over a million WiFi routers left that are remotely accessible.
“The vulnerability can be used by a remote attacker if the remote administration is set to be internet facing. By default this is not being turned on,” Kenin said. “However, anyone with physical access to a WiFi network with a vulnerable WiFi router can exploit it locally. This would include public WiFi spaces like libraries and cafés using the vulnerable equipment.”
If exploited by bad actors, the vulnerability that fully bypasses any password on a Netgear WiFi router, this could give hackers complete control of the affected WiFi router, including the ability to change its configuration setting, turn it into botnets or even upload completely new firmware.
After trying out his flaw on a range of Netgear WiFi routers, Kevin was surprised to know that more than ten thousand vulnerable network devices used the flawed firmware and can be accessed remotely. He has also released exploit code for the purpose of testing, written in Python language.

List of Vulnerable Netgear WiFi Router Models:-

The SpiderLabs researcher stressed that the vulnerability is very serious as it affects a large number of Netgear WiFi router models. Here is a list of affected Netgear WiFi routers:-
  1. R8500
  2. R8300
  3. R7000
  4. R6400
  5. R7300DST
  6. R7100LG
  7. R6300v2
  8. WNDR3400v3
  9. WNR3500Lv2
  10. R6250
  11. R6700
  12. R6900
  13. R8000
  14. R7900
  15. WNDR4500v2
  16. R6200v2
  17. WNDR3400v2
  18. D6220
  19. D6400
  20. C6300 (firmware released to ISPs)

Update the Firmware of your Netgear WiFi Router Now:-

Kenin notified Netgear of the flaw, and the company confirmed the problem affects a wide range of its products.
Netgear has released various firmware updates for all of its affected WiFi routers, and users are strongly advised to upgrade their devices which they are currently using.
This is the second time in almost two months when researchers have discovered flaws in Netgear WiFi routers. Just in the last month, the US-CERT advised users to stop using Netgear’s R7000 and R6400 WiFi routers due to a serious issue or bug that permitted command injection.
However, in an effort to make its product safe and secure, Netgear recently partnered up with Bugcrowd to launch a program of bug bounty that can earn researchers cash rewards of up to $15,000 for finding and responsibly reporting bugs and flaws in its hardware, APIs, and the mobile apps.
Netgear router password recovery support team is always here to resolve your issues regarding Netgear genie password recovery or how to Recover Netgear password.

Source : http://www.routerpasswordrecovery.com/check-if-your-netgear-wifi-router-is-vulnerable-to-this-flaw-of-password-bypass/

Comments

Post a Comment

Popular posts from this blog

Recover Router Password

Image
It's normal to forget your username and password or not know your switch's default one. Pursue these means so as to recoup or discover your routers username and secret phrase. Option 1: DEFAULT ROUTER USERNAME and PASSWORD Default usernames and passwords are determined in the documentation that goes with the switch. The default username and secret word are set apart on a mark alongside the switch's sequential number and login address. In the event that this mark or the documentation is inaccessible under any circumstances, look at the accompanying alternatives or see our exhaustive rundown of switch usernames and passwords. Option 2: ROUTER USERNAME AND PASSWORD DATABASE All switches have a default username and secret word. On the off chance that you can't understand that data, recognize your switch from the accompanying rundown. Record the username and secret key and after that go to your switch IP address (on the off chance that you don't know whic
Read more

How To Install A New WiFi Router?

Image
Each and every wireless device in your home connects to your WiFi router, and if you are like many people today, it takes only an hour or two without the WiFi to leave you feeling some anxiety at being disconnected from the network. Get your connections up and running by installing the new WiFi router, using this simple solution guide. While this general process should help you get any new WiFi router online, it is worth noting that each and every model will be a little bit different. Various new models have a streamlined setup process which combines or skips some of these steps, or which lets you manage your setup entirely through a mobile app. When in doubt, follow the directions that came with the WiFi router. But if you want a general walk-through of setting up the network of your home, these steps should get you completely connected. 1. Check Your Internet Connection If you are connecting your WiFi router to an existing modem or an ISP gateway, then you probably al
Read more

Steps To Setup, Change The Password & Assign The IP Address Of Netgear Genie Router

Netgear is able to compromise with its users from so many years by manufacturing many trusted and reliable products for their users. They have managed to make quite a lot of technical products, that their goodwill has now become a threat to every brand of WiFi routers. From recent years Netgear has marked as the best, top-rated and fastest manufacturing organization of WiFi routers which now is needed in offices, every home, and banks. They were the first one to introduce the WiFi router signifying the trademark of the technical WiFi routers. They have their legacy going on from many years back which are manufacturing stable, strong and steady wireless routers for the best usage to its customers. Netgear allows its users to cover a wide range of network signals with their high tech WiFi routers of dual bands and tri-bands features.  Netgear genie login  is easily accessible by www.routerlogin.net and the IP address 192.168.0.1 also. They cover all types of WiFi routers from the ba
Read more