NETGEAR Responds towards VPNFilter Vulnerability

Discussion in 'Frontpage news' started by Hilbert Hagedoorn, May 28, 2018.

  1. Hilbert Hagedoorn

    Hilbert Hagedoorn Don Vito Corleone Staff Member

    Messages:
    32,426
    Likes Received:
    1,594
    GPU:
    AMD | NVIDIA
    In light of the VPNFILTER router and NAS vulnerability we mentioned last week, Netgear submitted an email with some explanations, solves and tips to prevent your NAS from getting infected....

    NETGEAR Reponds towards VPNFilter Vulnerability
     
  2. Rihter

    Rihter New Member

    Messages:
    2
    Likes Received:
    0
    GPU:
    NVIDIA 1070 8gb
    If Netgear made updating their hardware/software more user friendly (yes looking at you Genie), their products would be less exposed. My Netgear Nighthawk range extender is close to impossible for firmware update.
     
  3. WareTernal

    WareTernal Member Guru

    Messages:
    177
    Likes Received:
    17
    GPU:
    XFX R9 380X XXX
    Is this saying that stage 1 requires a default admin password and remote management to be enabled? If so, isn't that inviting the vampire in to your house?

    This didn't really say how you get infected in the first place, and only briefly mentions "most of the affected devices have publicly known vulnerabilities which are not convenient for the average user to patch", and "all of the affected makes/models that we have uncovered had well-known, public vulnerabilities".

    Netgears's advice is simple:
    *Keep firmware up to date
    *Set a password
    *Disable remote management

    If that's "not convenient for the average user", then I have no pity. If there are "well-known, public vulnerabilities" for which there is no available firmware update, then that's a different matter.

    It's interesting how stage 1 uses Photobucket.com to get the IP of it's download server for stage 2 from spoofed EXIF data
     
  4. TheDeeGee

    TheDeeGee Ancient Guru

    Messages:
    5,457
    Likes Received:
    132
    GPU:
    MSI GTX 1070
    I recently went with Xwrt-Vortex for my R7000.

    Should have done that ages ago, Netgears inhouse firmware is balls.
     

  5. DeskStar

    DeskStar Master Guru

    Messages:
    335
    Likes Received:
    8
    GPU:
    4 eVGA GTX TITAN SC
    Sorry you've had issues. I personally have never had one with netgear.
     

Share This Page