Bad Netgear Router Bug

Netgear router hack

If you have a Wi-Fi router made by Netgear, you need to pay close attention to this one. Most Netgear routers (79 models), even as old as 2007, are vulnerable.

According to a report by security research firm Trend Micro, Netgear routers have a flaw that could allow a remote attacker (anywhere on the internet) to hack your router. Your router is the gateway to your home network. If it is hacked, every device on your home network is in jeopardy.

Remote Authentication Bypass

Without getting too technical, the problem is with the built-in web server on the router. Most routers are configured by going to the router’s administrative web page using a web browser. You log in with the admin ID and password and are then presented with a website where you can configure all the settings on your router.

The problem here is that there’s a bug which would allow a hacker to bypass this authentication and would then have full control over your router. Normally, router administration is only done from within your home network. But some routers allow you to do this administration from outside (i.e., from the internet). Why? I have no clue. It’s like hanging up a sign saying “please hack me”. A sign that hackers can easily see from anywhere on the planet.

So What Do I Do?

This bug, found and disclosed back in January to Netgear, is still not fixed, though a fix is expected very soon. If you haven’t registered your router, now might be a good time to do so. This will ensure that you get email updates about this and other future fixes. Or you can keep checking the Netgear support page for this bug. As it says there: “NETGEAR strongly recommends that you download the latest firmware as soon as a firmware update or firmware hotfix is available for your product.” When that fix is available, download and install it manually on your router.

In the meantime, you should go to your router’s admin page (for Netgear routers, this is usually https://192.168.1.1/), log in and try to find the settings for “Web Services Management” or “Remote Management” – you may have to go into “Advanced” settings to find this. If this is enabled, turn it off.

And while you’re in there, change the admin password to something besides whatever default password came with the router. If you don’t know it, take a look at this website and find your router model number. Generate a killer password using a password manager and save it there.

Note that this fix will only prevent external access. If some device on your home LAN is compromised, and is programmed to exploit this bug, then it could still attack from inside. Keep an eye out for the fix and install the Netgear software update when available.

Liked it? Take a second to support Carey Parker on Patreon!