Netgear Warns Routers have Easily Exploitable Security Vulnerability -- Security Today

Netgear Warns Routers have Easily Exploitable Security Vulnerability

Dec 13, 2016

Netgear has confirmed through a statement on their website that several routers, including the R7000, R6400 and the R8000, have a security issue that could allow someone to take control of your router with just one click of a malicious link.

“Netgear is aware of the security issue #582384 that allows unauthenticated web pages to pass form input directly to the command-line interface,” the statement reads. “A remote attacker can potentially inject arbitrary commands which are then executed by the system.”

The routers infected include several of Netgear’s most popular models, including the “Nighthawk” series. Netgear has tested and confirmed that the following models are vulnerable:

R6250
R6400
R6700
R7000
R7100LG
R7300
R7900
R8000

Netgear is working on a production firmware version that will fix this vulnerability, but it is still in beta. You can download the beta version from this link for the R6400, R7000 and the R8000.

@PuckinNutz We're aware of the security issue #582384 affecting R6400, R7000, R8000 routers. Stay updated here: https://t.co/41NllmLuNW
— NETGEAR Help (@NETGEARhelp) December 12, 2016

“Netgear is continuing to review our entire portfolio for other routers that might be affected by this vulnerability,” the Netgear team said in the statement. “If any other routers are affected by the same security vulnerability, we plan to release firmware to fix those as well.”

Featured

Why the Future of Video Security Is Happening Outside the Cloud

For years, the cloud has captivated the physical security industry. And for good reasons. Remote access, elastic scalability and simplified maintenance reshaped how we think about deploying and managing systems. Read Now
- Video Surveillance
UL Solutions Launches Artificial Intelligence Safety Certification Services

UL Solutions Inc., a global leader in safety science, today announced the launch of artificial intelligence (AI) safety certification services, enabling comprehensive assessments for evaluating the safety of AI-powered products. Read Now
- Artificial Intelligence
ESA Announces Initiative to Introduce the SECURE Act in State Legislatures

The Electronic Security Association (ESA), the national voice for the electronic security and life safety industry, has announced plans to introduce the SECURE Act in state legislatures across the country beginning in 2025. The proposal, known as Safeguarding Election Candidates Using Reasonable Expenditures, provides a clear framework that allows candidates and elected officials to use campaign funds for professional security services. Read Now
- Guard Services
Ransomware Attacks Rise for the First Time in Six Months

Ransomware attacks have risen for the first time in six months, increasing by 28% month-on-month to 421 attacks. While overall attack volume remained below 500, the uptick may signal a renewed escalation heading into the year’s most active period for cyber criminals. Read Now
- Cybersecurity
Report: 47 Percent of Security Service Providers Are Not Yet Using AI or Automation Tools

Trackforce, a provider of security workforce management platforms, today announced the launch of its 2025 Physical Security Operations Benchmark Report, an industry-first study that benchmarks both private security service providers and corporate security teams side by side. Based on a survey of over 300 security professionals across the globe, the report provides a comprehensive look at the state of physical security operations. Read Now
- Guard Services

Security Today eNews

Sign up today for essential industry news and product information that can help you stay afloat in the fast-paced world of security.

Email Address*Country*

Please type the letters/numbers you see above.

Webinars

Whitepapers

New Products

PE80 Series by SARGENT / ED4000/PED5000 Series by Corbin Russwin

ASSA ABLOY, a global leader in access solutions, has announced the launch of two next generation exit devices from long-standing leaders in the premium exit device market: the PE80 Series by SARGENT and the PED4000/PED5000 Series by Corbin Russwin. These new exit devices boast industry-first features that are specifically designed to provide enhanced safety, security and convenience, setting new standards for exit solutions. The SARGENT PE80 and Corbin Russwin PED4000/PED5000 Series exit devices are engineered to meet the ever-evolving needs of modern buildings. Featuring the high strength, security and durability that ASSA ABLOY is known for, the new exit devices deliver several innovative, industry-first features in addition to elegant design finishes for every opening.
Unified VMS

AxxonSoft introduces version 2.0 of the Axxon One VMS. The new release features integrations with various physical security systems, making Axxon One a unified VMS. Other enhancements include new AI video analytics and intelligent search functions, hardened cybersecurity, usability and performance improvements, and expanded cloud capabilities
A8V MIND

Hexagon’s Geosystems presents a portable version of its Accur8vision detection system. A rugged all-in-one solution, the A8V MIND (Mobile Intrusion Detection) is designed to provide flexible protection of critical outdoor infrastructure and objects. Hexagon’s Accur8vision is a volumetric detection system that employs LiDAR technology to safeguard entire areas. Whenever it detects movement in a specified zone, it automatically differentiates a threat from a nonthreat, and immediately notifies security staff if necessary. Person detection is carried out within a radius of 80 meters from this device. Connected remotely via a portable computer device, it enables remote surveillance and does not depend on security staff patrolling the area.