Netgear users advised to stop using affected routers after severe flaw found

Anyone can exploit the flaw after the exploit code was published.
Written by Zack Whittaker, Contributor

Several leading Netgear routers are vulnerable to a severe security flaw.


(Image: Netgear)

An advisory posted on Friday in Carnegie Mellon University's public vulnerability database (CERT) said that Netgear's R7000 and R6400 routers, running current and recent firmware, respectively, are vulnerable to an arbitrary command injection flaw.

If exploited, the vulnerability could let an unauthenticated attacker run commands with root privileges.

The code to exploit the vulnerability -- effectively just a URL -- has been released publicly, allowing anyone to carry out attacks.

An attacker would have to trick a user into visiting a website that contains the code, such as an invisible web frame, to exploit the flaw. Adding commands to the router's IP address can open up ports on the router, such as Telnet.

CERT advised users to "strongly consider discontinuing use" of the devices until a fix is made available.

The advisory said that other router models may be vulnerable. After a slow response (and nothing from the company directly), Netgear said in a security update posted Sunday that more devices were affected, including the R8000.

Router flaws are increasingly being exploited by attackers who use vulnerabilities to launch large-scale Distributed Denial-of-Service (DDoS) attacks to flood and overload networks with traffic.

Last week, almost a million users across Europe were thrown off the internet after criminals tried to hijack home routers as part of a coordinated cyber attack.

Editorial standards