Netgear zero day vulnerabilities discovered

Security researchers recently disclosed several zero-day vulnerabilities in a number of popular Netgear routers. These Netgear router vulnerabilities could allow malicious actors to take over user networks. While Netgear has begun releasing patches and fixes for the routers users need to be extra careful about who they allow access to their network.

What is a Zero-Day Vulnerability?

According to TechTarget,

A zero-day vulnerability, also known as a computer zero day, is a flaw in software, hardware or firmware that is unknown to the party or parties responsible for patching or otherwise fixing the flaw.

Zero-Day Vulnerability Disclosure for Netgear R6700 Router

In June 2020, researchers at Trend Micro’s Zero Day Initiative (ZDI) issued 10 advisory warnings regarding security vulnerabilities in the Netgear R6700 router. Many of these zero-day vulnerabilities could allow remote code execution on devices and could impact both WAN and LAN on user devices.

ZDI’s purpose is to help researchers identify and report zero-day vulnerabilities to companies. The program financially compensates security researchers and works with companies, like Netgear, to help them fix security vulnerabilities.

Once a vulnerability is reported, ZDI informs companies and gives them 120 days to either patch the vulnerability or provide a mitigation option for users. ZDI also gives companies the option to apply for a temporary extension, if the vendor can provide an adequate reason for the extension.

The Netgear vulnerabilities in question were brought to the company’s attention between November 2019 and February 2020. After Netgear established that it could not provide patches in time, ZDI issued an advisory, calling users to restrict interaction between “trusted machines only.”

Following the disclosure on June 15, Netgear was able to provide patches for some of the vulnerabilities, but many are still yet to be fixed.

Zero-Day Vulnerability Disclosure for 79 Netgear Models

Soon after issuance of the first 10 R6700 advisories, security researchers, including Adam Nichols of cybersecurity firm Grimm and user “d4rkn3ss” from the Vietnam Posts and Telecommunications Group, found that at least one of the vulnerabilities was present in a total of 79 Netgear router models.

The vulnerability in question dealt with the HTTPD daemon, a background program that waits for background server requests. According to the disclosure, the daemon does not adequately check the length of a user server request, allowing malicious users to jam and ultimately take over the router. While this usually can be stopped via the use of a feature called stack cookies or stack canaries, recent versions of popular Netgear routers do not incorporate this feature.

Which Routers are Affected by the Vulnerability?

AC1450
D6220
D6300
D6400
D7000v2
D8500
DC112A
DGN2200
DGN2200v4
DGN2200M
DGND3700
EX3700
EX3800
EX3920
EX6000
EX6100
EX6120
EX6130
EX6150
EX6200
EX6920
EX7000
LG2200D
MBM621
MBR624GU
MBR1200
MBR1515

MBR1516
MBRN3000
MVBR1210C
R4500
R6200
R6200v2
R6250
R6300
R6300v2
R6400
R6400v2
R6700
R6700v3
R6900
R6900P
R7000
R7000P
R7100LG
R7300
R7850
R7900
R8000
R8300
R8500
RS400
WGR614v8

WGR614v9
WGR614v10
WGT624v4
WN2500RP
WN2500RPv2
WN3000RP
WN3100RP
WN3500RP
WNCE3001
WNDR3300
WNDR3300v2
WNDR3400
WNDR3400v2
WNDR3400v3
WNDR3700v3
WNDR4000
WNDR4500
WNDR4500v2
WNR834Bv2
WNR1000v3
WNR2000v2
WNR3500
WNR3500v2
WNR3500L
WNR3500Lv2
XR300

Since the release of the report, Netgear has been hard at work releasing patches for many of the routers. Users with any of the routers listed above are encouraged to update to the newest firmware. For more information, check Netgear’s specifically created router security advisory page.

What Can Users do to Protect Themselves from Recent Vulnerabilities?

The vulnerabilities mentioned above are all associated with stock router firmware. Very often, stock router firmware is chock full of vulnerabilities and bugs. Upgrading to a router firmware like DD-WRT nullifies these issues. Upgrading your powerful Netgear router with DD-WRT can supercharge your network and avoid the issues associated with stock firmware.

What are the Benefits of DD-WRT?

FlashRouters powered with DD-WRT give users a number of benefits, including upgraded security, more control of their network, and VPN integration. Meaning, users with Netgear routers can avoid worrying about the next story about Netgear router vulnerabilities and take full advantage of all DD-WRT has to offer.

How Can Users Upgrade to DD-WRT?

One of the easiest ways users can upgrade is by using our Flash-My-Router Plan. This plan is perfect for users looking to upgrade the security of their network without little to no change.

Flash My Router – upgrade your router firmware remotely

Flash My Router


FEATURES

  • 1-on-1 Session With Expert Technician
  • Basic Internet/Wi-Fi/VPN Setup
  • Open Source Firmware "Flash" Upgrade
  • Includes a $30 Service Credit
wifi Ac Router Global compatible Open VPN

Have any questions about Netgear zero-day vulnerabilities, router security, or router in general? Feel free to contact us!