NETGEAR Responds towards VPNFilter Vulnerability

Discussion in 'Frontpage news' started by Hilbert Hagedoorn, May 28, 2018.

  1. Hilbert Hagedoorn

    Hilbert Hagedoorn Don Vito Corleone Staff Member

    Messages:
    48,389
    Likes Received:
    18,560
    GPU:
    AMD | NVIDIA
    In light of the VPNFILTER router and NAS vulnerability we mentioned last week, Netgear submitted an email with some explanations, solves and tips to prevent your NAS from getting infected....

    NETGEAR Reponds towards VPNFilter Vulnerability
     
  2. Rihter

    Rihter Guest

    Messages:
    7
    Likes Received:
    0
    GPU:
    NVIDIA 1070 8gb
    If Netgear made updating their hardware/software more user friendly (yes looking at you Genie), their products would be less exposed. My Netgear Nighthawk range extender is close to impossible for firmware update.
     
  3. WareTernal

    WareTernal Master Guru

    Messages:
    267
    Likes Received:
    53
    GPU:
    XFX RX 7800 XT
    Is this saying that stage 1 requires a default admin password and remote management to be enabled? If so, isn't that inviting the vampire in to your house?

    This didn't really say how you get infected in the first place, and only briefly mentions "most of the affected devices have publicly known vulnerabilities which are not convenient for the average user to patch", and "all of the affected makes/models that we have uncovered had well-known, public vulnerabilities".

    Netgears's advice is simple:
    *Keep firmware up to date
    *Set a password
    *Disable remote management

    If that's "not convenient for the average user", then I have no pity. If there are "well-known, public vulnerabilities" for which there is no available firmware update, then that's a different matter.

    It's interesting how stage 1 uses Photobucket.com to get the IP of it's download server for stage 2 from spoofed EXIF data
     
  4. TheDeeGee

    TheDeeGee Ancient Guru

    Messages:
    9,633
    Likes Received:
    3,413
    GPU:
    NVIDIA RTX 4070 Ti
    I recently went with Xwrt-Vortex for my R7000.

    Should have done that ages ago, Netgears inhouse firmware is balls.
     

  5. DeskStar

    DeskStar Guest

    Messages:
    1,307
    Likes Received:
    229
    GPU:
    EVGA 3080Ti/3090FTW
    Sorry you've had issues. I personally have never had one with netgear.
     

Share This Page