Netgear Warns Routers have Easily Exploitable Security Vulnerability -- Security Today

Netgear Warns Routers have Easily Exploitable Security Vulnerability

Dec 13, 2016

Netgear has confirmed through a statement on their website that several routers, including the R7000, R6400 and the R8000, have a security issue that could allow someone to take control of your router with just one click of a malicious link.

“Netgear is aware of the security issue #582384 that allows unauthenticated web pages to pass form input directly to the command-line interface,” the statement reads. “A remote attacker can potentially inject arbitrary commands which are then executed by the system.”

The routers infected include several of Netgear’s most popular models, including the “Nighthawk” series. Netgear has tested and confirmed that the following models are vulnerable:

R6250
R6400
R6700
R7000
R7100LG
R7300
R7900
R8000

Netgear is working on a production firmware version that will fix this vulnerability, but it is still in beta. You can download the beta version from this link for the R6400, R7000 and the R8000.

@PuckinNutz We're aware of the security issue #582384 affecting R6400, R7000, R8000 routers. Stay updated here: https://t.co/41NllmLuNW
— NETGEAR Help (@NETGEARhelp) December 12, 2016

“Netgear is continuing to review our entire portfolio for other routers that might be affected by this vulnerability,” the Netgear team said in the statement. “If any other routers are affected by the same security vulnerability, we plan to release firmware to fix those as well.”

Featured

AI Used as Part of Sophisticated Espionage Campaign

A cybersecurity inflection point has been reached in which AI models has become genuinely useful in cybersecurity operation. But to no surprise, they can used for both good works and ill will. Systemic evaluations show cyber capabilities double in six months, and they have been tracking real-world cyberattacks showing how malicious actors were using AI capabilities. These capabilities were predicted and are expected to evolve, but what stood out for researchers was how quickly they have done so, at scale. Read Now
- Artificial Intelligence
Why the Future of Video Security Is Happening Outside the Cloud

For years, the cloud has captivated the physical security industry. And for good reasons. Remote access, elastic scalability and simplified maintenance reshaped how we think about deploying and managing systems. Read Now
- Video Surveillance
UL Solutions Launches Artificial Intelligence Safety Certification Services

UL Solutions Inc., a global leader in safety science, today announced the launch of artificial intelligence (AI) safety certification services, enabling comprehensive assessments for evaluating the safety of AI-powered products. Read Now
- Artificial Intelligence
ESA Announces Initiative to Introduce the SECURE Act in State Legislatures

The Electronic Security Association (ESA), the national voice for the electronic security and life safety industry, has announced plans to introduce the SECURE Act in state legislatures across the country beginning in 2025. The proposal, known as Safeguarding Election Candidates Using Reasonable Expenditures, provides a clear framework that allows candidates and elected officials to use campaign funds for professional security services. Read Now
- Guard Services
Ransomware Attacks Rise for the First Time in Six Months

Ransomware attacks have risen for the first time in six months, increasing by 28% month-on-month to 421 attacks. While overall attack volume remained below 500, the uptick may signal a renewed escalation heading into the year’s most active period for cyber criminals. Read Now
- Cybersecurity

Security Today eNews

Sign up today for essential industry news and product information that can help you stay afloat in the fast-paced world of security.

Email Address*Country*

Please type the letters/numbers you see above.

Webinars

Whitepapers

New Products

Camden CM-221 Series Switches

Camden Door Controls is pleased to announce that, in response to soaring customer demand, it has expanded its range of ValueWave™ no-touch switches to include a narrow (slimline) version with manual override. This override button is designed to provide additional assurance that the request to exit switch will open a door, even if the no-touch sensor fails to operate. This new slimline switch also features a heavy gauge stainless steel faceplate, a red/green illuminated light ring, and is IP65 rated, making it ideal for indoor or outdoor use as part of an automatic door or access control system. ValueWave™ no-touch switches are designed for easy installation and trouble-free service in high traffic applications. In addition to this narrow version, the CM-221 & CM-222 Series switches are available in a range of other models with single and double gang heavy-gauge stainless steel faceplates and include illuminated light rings.
Automatic Systems V07

Automatic Systems, an industry-leading manufacturer of pedestrian and vehicle secure entrance control access systems, is pleased to announce the release of its groundbreaking V07 software. The V07 software update is designed specifically to address cybersecurity concerns and will ensure the integrity and confidentiality of Automatic Systems applications. With the new V07 software, updates will be delivered by means of an encrypted file.
AC Nio

Aiphone, a leading international manufacturer of intercom, access control, and emergency communication products, has introduced the AC Nio, its access control management software, an important addition to its new line of access control solutions.