NETGEAR Responds towards VPNFilter Vulnerability

Published by

teaser

In light of the VPNFILTER router and NAS vulnerability we mentioned last week, Netgear submitted an email with some explanations, solves and tips to prevent your NAS from getting infected.



Cisco's security team disclosed a Russian-developed malware called VPNFilter which compromised at least 500,000 routers built by Linksys, MikroTik, NETGEAR, and TP-Link as well as network-attached storage devices manufactured by QNAP:

  • Linksys E1200
  • Linksys E2500
  • Linksys WRVS4400N
  • Mikrotik RouterOS for Cloud Core Routers: Versions 1016, 1036, and 1072
  • Netgear DGN2200
  • Netgear R6400
  • Netgear R7000
  • Netgear R8000
  • Netgear WNR1000
  • Netgear WNR2000
  • QNAP TS251
  • QNAP TS439 Pro
  • Other QNAP NAS devices running QTS software
  • TP-Link R600VPN
-- Netgear -- 

NETGEAR is aware of a piece of malware called VPNFilter that might target some NETGEAR routers. To protect against this possible malware, we strongly advise all NETGEAR router owners to take the following steps:

To make sure that remote management is turned off on your router:

  1. On a computer that is part of your home network, type http://www.routerlogin.net in the address bar of your browser and press Enter.
  2. Enter your admin user name and password and click OK.
    If you never changed your user name and password after setting up your router, the user name is admin and the password is password.
  3. Click Advanced > Remote Management.
  4. If the check box for Turn Remote Management On is selected, clear it and click Apply to save your changes.
    If the check box for Turn Remote Management On is not selected, you do not need to take any action.

NETGEAR is investigating and will update this advisory as more information becomes available.


Share this content
Twitter Facebook Reddit WhatsApp Email Print