LandzDown Forum

Security => Security Alerts & Briefings => Topic started by: Frands on December 14, 2016, 07:53:42 PM

Title: Critical Bug In Various Netgear Routers
Post by: Frands on December 14, 2016, 07:53:42 PM
Hi  :) ,

There is found a bug in a variety of Netgear Router models. The routers are vulnerable to a simple hack that allows attackers to take almost complete control of the devices.

QuoteThe critical bug allows remote attackers to inject highly privileged commands whenever anyone connected to the local Netgear network clicks on a malicious Web link, a researcher who uses the online handle Acew0rm reported on Friday. The link, which can be disguised to appear innocuous, then injects a command that routers run as root. The devices' failure to properly filter out input included in Web requests allows attackers to run powerful shell commands. Netgear R7000, R6400, and R8000 models have been confirmed to be vulnerable, and other models, including the R7000P, R7500, R7800, R8500 R9000, have been reported by end users as being affected.

Full story: http://arstechnica.com/security/2016/12/unpatched-bug-allows-hackers-to-seize-control-of-netgear-routers/ (http://arstechnica.com/security/2016/12/unpatched-bug-allows-hackers-to-seize-control-of-netgear-routers/)

https://www.kb.cert.org/vuls/id/582384 (https://www.kb.cert.org/vuls/id/582384)

---
Title: Re: Critical Bug In Various Netgear Routers
Post by: Frands on December 14, 2016, 08:06:13 PM
Further links on the story:

https://nakedsecurity.sophos.com/2016/12/12/netgear-routers-have-gaping-remote-access-hole/ (https://nakedsecurity.sophos.com/2016/12/12/netgear-routers-have-gaping-remote-access-hole/)

http://kb.netgear.com/000036386/CVE-2016-582384 (http://kb.netgear.com/000036386/CVE-2016-582384)

https://www.exploit-db.com/exploits/40889/ (https://www.exploit-db.com/exploits/40889/)

---