Hackers exploiting 'serious' flaw in Netgear routers

Nearly 5,000 routers are affected by the flaw redirect browsing data to a malicious address.

(Image: CNET/CBS Interactive)

Hackers are said to be actively exploiting a vulnerability in Netgear routers, which routes web browsing data to a malicious server.

Security researcher Joe Giron told the BBC that the administrative settings on his personal router were altered in late September, effectively forwarding DNS traffic for "two or three days."

That could allow an attacker to track which sites users of the affected router were visiting, conduct man-in-the-middle attacks to steal credentials, or redirect users to sites containing malware.

Netgear is aware of the "serious" flaw, but added that fewer than 5,000 devices are affected.

The networking company released a patched firmware version Monday for at least nine affected routers, according to Shell Shock Labs, which reproduced the flaw.