Security researchers have found a vulnerability in Netgear routers, with the company yet to release a patch.

Exploiting the flaw gives an attacker full, unauthenticated remote root access to the device if WAN administration is enabled.

The vulnerability is an authentication bypass that affects the N300_1.1.0.31_1.0.1.img and N300-1.1.0.28_1.0.1.img versions of the firmware.

If users have ‘remote administration’ turned on, attackers can break into a Netgear router, collect information, and install tracking or keylogging software.

Even if remote administration is turned off, an attacker can exploit the flaw if they are physically connected to the router or on the same Wi-Fi network.

Threatpost cited Compass Security CTO Alexandre Herzog as saying that an unnamed victim discovered the attack while investigating the cause of some router instability.

It was later discovered that all of the victim’s DNS queries had been redirected to the attacker’s server, and that more than 10,000 other routers had already been exploited.