Time to update your Netgear Wi-Fi router one more time. The home networking device maker has released security updates for 35 different models of routers, Wi-Fi range extenders, and modem routers combined to fix three flaws discovered by British security firm Immersive Labs.
Two of the Netgear router flaws allow an attacker who already has access to the router’s management interface to change configuration settings. Those new settings could be used to create back doors that give the attacker permanent remote access to router controls.
Once a hacker is in control of your router, they can see and control where you are going on the internet, and can often see what you are receiving and sending.
In fairness, an attacker who already has access to the admin interface has effectively won, but this is still a serious flaw that needs to be fixed.
Another Netgear router flaw allows someone on the local network to obtain the router’s serial number by looking at a specific network “port” or interface.
Normally this wouldn’t be so bad, but as Immersive Labs researcher Kev Breen explained in a company blog post yesterday (December 2), “This serial number is used as part of the [administrative] password reset function on most Netgear devices.”
“This mechanism is supposed to ensure that only those with physical access to the device can reset the password,” added Breen, because typically the serial number is only visible on a label on the physical device. “Armed with this information, it is now possible for any user on the network to ask questions about brute force password resetting.”
This less serious attack requires access to the local network, but that is not as hard for an attacker to obtain as it might seem. Many home Wi-Fi passwords can be guessed or otherwise obtained. And if malware gets onto a computer, smartphone, game console, or smart-home device by other means, it too has access to the local network.
How to update the firmware of your Netgear Wi-Fi router
Updating Netgear routers to the latest firmware is model dependent. Many newer Netgear routers have automatic updates enabled by default, and you just need to make sure the feature is turned on.
With some others, you have to go to the administrative interface and check for updates manually, which can then be downloaded and installed by the router itself. Many of the models affected by these flaws are also compatible with the Netgear Nighthawk mobile app, which allows you to check and install the router’s firmware directly from your smartphone.
Older models may require a more involved upgrade procedure: going to the Netgear support website, entering the router’s model number (it is printed on a label on the device), opening that model’s support page, checking for firmware updates, downloading the update file to a Mac or PC, and then uploading the file to the router via the administrative interface.
If you need to go to the administrative panel of the Netgear router, you can usually go to http://22.214.171.124 in a web browser if you are on the router’s local network. Some Netgear routers also allow you to use http://routerlogin.com or http://routerlogin.net.
Generally, the Netgear router administrative interface username is “admin”. You can change that if you want, but it is much more important to ensure that the administrative interface password has been changed from the default password.
The default passwords for most home Wi-Fi routers, whether created by Netgear or not, can be easily found online. Leaving yours alone makes you an easy target for hackers.
While you are in the administrative settings of your router, you will want to go to the “Advanced” part of the interface and then search for “Advanced settings”. Click UPnP and make sure it is disabled.
Then click on “Web Services Administration” or “Remote Administration” and disable it as well. Doing so will eliminate two common attack channels that hackers often use to attack routers.
Netgear Wi-Fi routers that need to be updated
Below are two lists of Netgear devices, listed by model number, that need to be updated. The firmware version number that appears is the version that corrects these defects. You can see the version number of the firmware that your own router is running in the upper right corner of the administrative interface.
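Comparing the version shown in the admin interface against the fixed version by eye is error-prone, because version strings do not sort alphabetically ("1.0.10" reads as older than "1.0.9" to a naive string compare). The helper below is an added example, not code from the article or from Netgear; it assumes the common Netgear version shape "V1.0.4.120_10.0.91" (a release number, optionally followed by an underscore and a build number), and the fixed-version table in it is a constructed placeholder, not the values from the advisory.

```python
import re

# Assumed Netgear firmware string shape, e.g. "V1.0.4.120_10.0.91":
# an optional leading "V", a dotted release number, and optionally
# "_" plus a dotted build number.
_VERSION_RE = re.compile(r"^[Vv]?(\d+(?:\.\d+)*)(?:_(\d+(?:\.\d+)*))?$")


def parse_version(text):
    """Split a firmware string into two integer tuples: (release, build).

    Integer comparison is deliberate: as plain strings "1.0.10" sorts
    before "1.0.9", which would wrongly flag a newer build as unpatched.
    """
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised firmware version: {text!r}")
    release = tuple(int(p) for p in m.group(1).split("."))
    build = tuple(int(p) for p in m.group(2).split(".")) if m.group(2) else ()
    return release, build


def is_patched(installed, fixed):
    """True when the installed firmware is at least the fixed version.

    If the fixed version names a build number and the installed string
    lacks one, the result is conservatively False.
    """
    return parse_version(installed) >= parse_version(fixed)


# Constructed placeholder table (NOT the real fixed versions): substitute
# the model-to-version entries from Netgear's advisory for your devices.
FIXED_VERSIONS_PLACEHOLDER = {
    "R7800": "V1.0.2.80",
    "RAX120v2": "V1.2.3.28",
}


def unpatched(inventory, fixed_versions=FIXED_VERSIONS_PLACEHOLDER):
    """Return [(model, installed, fixed)] for devices still on vulnerable firmware.

    `inventory` is a list of (model, installed_version) pairs; models not in
    the fixed-version table are skipped rather than reported.
    """
    result = []
    for model, installed in inventory:
        fixed = fixed_versions.get(model)
        if fixed is not None and not is_patched(installed, fixed):
            result.append((model, installed, fixed))
    return result
```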
Eighteen Netgear Wi-Fi routers, range extenders, and modem routers combined are vulnerable to the first two flaws above, allowing an attacker to change a router’s configuration settings. (Both versions of the RAX120 may also be vulnerable to other Wi-Fi router flaws revealed by different researchers this week.)
DSL modem routers
- D7800 fixed in firmware version 126.96.36.199
Wi-Fi range extenders
- EX2700 fixed in firmware version 188.8.131.52
- WN3000RPv2 fixed in firmware version 184.108.40.206
- WN3000RPv3 fixed in firmware version 220.127.116.11
LTE modem routers
- LBR1020 (an Orbi wireless broadband gateway) fixed in firmware version 18.104.22.168
Orbi Wi-Fi systems
- LBR20 fixed in firmware version 22.214.171.124
- R6700AX fixed in firmware version 126.96.36.199
- R7800 fixed in firmware version 188.8.131.52
- R8900 fixed in firmware version 184.108.40.206
- R9000 fixed in firmware version 220.127.116.11
- RAX10 fixed in firmware version 18.104.22.168
- RAX120v1 fixed in firmware version 22.214.171.124
- RAX120v2 fixed in firmware version 126.96.36.199
- RAX70 fixed in firmware version 188.8.131.52
- RAX78 fixed in firmware version 184.108.40.206
- XR450 fixed in firmware version 220.127.116.11
- XR500 fixed in firmware version 18.104.22.168
- XR700 fixed in firmware version 22.214.171.124
Seventeen models of Netgear Wi-Fi routers are vulnerable to the third flaw, which makes the device’s serial number visible.
- AC2100 fixed in firmware version 126.96.36.199
- AC2400 fixed in firmware version 188.8.131.52
- AC2600 fixed in firmware version 184.108.40.206
- D7000 fixed in firmware version 220.127.116.11
- R6220 fixed in firmware version 18.104.22.168
- R6230 fixed in firmware version 22.214.171.124
- R6260 fixed in firmware version 126.96.36.199
- R6330 fixed in firmware version 188.8.131.52
- R6350 fixed in firmware version 184.108.40.206
- R6700v2 fixed in firmware version 220.127.116.11
- R6800 fixed in firmware version 18.104.22.168
- R6850 fixed in firmware version 22.214.171.124
- R6900v2 fixed in firmware version 126.96.36.199
- R7200 fixed in firmware version 188.8.131.52
- R7350 fixed in firmware version 184.108.40.206
- R7400 fixed in firmware version 220.127.116.11
- R7450 fixed in firmware version 18.104.22.168