NETGEAR Responds to VPNFilter Vulnerability
In light of the VPNFilter router and NAS vulnerability we mentioned last week, Netgear sent an email with some explanations, fixes and tips to prevent your NAS from getting infected.
Cisco's security team disclosed Russian-developed malware called VPNFilter, which compromised at least 500,000 routers built by Linksys, MikroTik, NETGEAR, and TP-Link, as well as network-attached storage devices manufactured by QNAP:
- Linksys E1200
- Linksys E2500
- Linksys WRVS4400N
- MikroTik RouterOS for Cloud Core Routers: Versions 1016, 1036, and 1072
- Netgear DGN2200
- Netgear R6400
- Netgear R7000
- Netgear R8000
- Netgear WNR1000
- Netgear WNR2000
- QNAP TS251
- QNAP TS439 Pro
- Other QNAP NAS devices running QTS software
- TP-Link R600VPN
NETGEAR is aware of a piece of malware called VPNFilter that might target some NETGEAR routers. To protect against this possible malware, we strongly advise all NETGEAR router owners to take the following steps:
- Make sure that you are running the latest firmware on your NETGEAR router. Firmware updates include important security fixes and upgrades. For more information, see How do I update my NETGEAR router firmware using the Check button in the router web interface?.
- Make sure that you have changed your default admin password. For more information, see How do I change the admin password on my NETGEAR router?.
- Make sure that remote management is turned off on your router. Remote management is turned off by default and can only be turned on in your router’s advanced settings.
To make sure that remote management is turned off on your router:
- On a computer that is part of your home network, type http://www.routerlogin.net in the address bar of your browser and press Enter.
- Enter your admin user name and password and click OK.
If you never changed your user name and password after setting up your router, the user name is admin and the password is password.
- Click Advanced > Remote Management.
- If the check box for Turn Remote Management On is selected, clear it and click Apply to save your changes.
If the check box for Turn Remote Management On is not selected, you do not need to take any action.
NETGEAR is investigating and will update this advisory as more information becomes available.
Senior Member
Posts: 259
Joined: 2013-09-27
Is this saying that stage 1 requires a default admin password and remote management to be enabled? If so, isn't that inviting the vampire into your house?
This didn't really say how you get infected in the first place, and only briefly mentions "most of the affected devices have publicly known vulnerabilities which are not convenient for the average user to patch", and "all of the affected makes/models that we have uncovered had well-known, public vulnerabilities".
Netgear's advice is simple:
- Keep firmware up to date
- Set a password
- Disable remote management
If that's "not convenient for the average user", then I have no pity. If there are "well-known, public vulnerabilities" for which there is no available firmware update, then that's a different matter.
It's interesting how stage 1 uses Photobucket.com to get the IP of its download server for stage 2 from spoofed EXIF data.
Senior Member
Posts: 8877
Joined: 2010-08-28
I recently went with Xwrt-Vortex for my R7000.
Should have done that ages ago, Netgear's in-house firmware is balls.
Senior Member
Posts: 1307
Joined: 2011-01-11
Sorry you've had issues. I personally have never had one with Netgear.
Junior Member
Posts: 7
Joined: 2018-05-03
If Netgear made updating their hardware/software more user friendly (yes, looking at you, Genie), their products would be less exposed. My Netgear Nighthawk range extender is close to impossible to update the firmware on.