sb-au logo
Story image

Trustwave uncovers major vulnerabilities in NETGEAR routers

31 Jan 2017

Your NETGEAR router is at risk of being hacked and users should check to see if theirs needs patching, according to a new blog by Trustwave SpiderLabs.

Researchers at SpiderLabs found that some Netgear routers can be hacked through their web server by using unauthenticated password disclosure – a method that can gain vulnerable password credentials. After experimenting on a number of Netgear router models, the researcher found another vulnerability that will give credentials for any parameter.

The vulnerabilities, now named CVE-2017-5521 and TWSL2017-003, were sent to Netgear in April 2016 but Trustwave says that Netgear has been slow to respond.

“In our initial contact, the first advisory had 18 models listed as vulnerable, although six of them didn't have the vulnerability in the latest firmware. Perhaps it was fixed as part of a different patch cycle. The second advisory included 25 models, all of which were vulnerable in their latest firmware version,” the blog says.

The vulnerability affects a large number of routers, possibly those in the millions, Trustwave says. The vulnerabilities can be used to conduct a remote attack if administration is set to internet-facing.

While it is not turned on by default, Trustwave says anyone with physical access to a network with a vulnerable router can exploit the vulnerabilities. Routers can also be used as part of botnets.

“As many people reuse their password, having the admin password of the router gives us an initial foothold on the network. We can see all the devices connected to the network and try to access them with that same admin password,” Trustwave says.

While Netgear provided a fix for a small number of routers. There are 18 patches and two models that are now ‘not vulnerable’, there are still a number that have not been patched and even a Lenovo router that uses Netgear firmware, Trustwave says.

“Over the past nine months we attempted to contact NETGEAR multiple times for clarification and to allow them time to patch more models. Over that time we have found more vulnerable models that were not listed in the initial notice, although they were added later. We also discovered that the Lenovo R3220 router is powered by NETGEAR firmware and it was vulnerable as well,” the blog says.

While communication issues with Netgear delayed processes, the company has since committed to push out firmware to unpatched models.

Netgear also committed to working with Bugcrowd, a third party vendor that oversees bugs, patching and provides ‘bug bounty’ rewards to researchers.

Trustwave recommends those with Netgear routers check the Knowledge Base Article to see if you are affected.   

Download image
74% of APAC IT leaders say security culture is essential to business success
You can join these leaders in designing security awareness and training with your employees in mind.More
Story image
Shlayer malware proves Apple devices aren't as secure as you think
"Apple never talks about malware publicly, and loves to give the impression that its systems are secure. Unfortunately, the opposite has been proven to be the case with great regularity."More
Story image
SMBs seeking service providers in face of rising cyber threats
SMBs are struggling with their cybersecurity solutions, with three quarters worried about being the target of a cyberattack in the next six months, and 91% considering using or switching to a new IT service provider if offered a better option.More
Story image
Kaspersky finds red tape biggest barrier against cybersecurity initiatives
The most common obstacles that inhibit or delay the implementation of industrial cybersecurity projects include the inability to stop production (34%), and bureaucratic steps, such as a lengthy approval process (31%) and having too many decision-makers (23%). More
Story image
Proofpoint launches new SMB focused security awareness training
Proofpoint has launched security awareness training for small to medium businesses (SMBs) with the aim of reducing successful phishing attacks and malware infections to almost zero. More
Story image
Revealed: The behaviours exhibited by the most effective CISOs
As cyber-threats pile up, more is being asked of CISOs - and according to Gartner, only a precious few are 'excelling' by the standards of their CISO Effectiveness Index.More