An exploit, described as “serious”, could allow hackers to have complete remote unauthenticated root access to the router. Once access was obtained, a hacker could read all web browsing data or redirect webpage requests to malicious websites instead.
The exploit was first discovered in July, with details of the exploit being passed onto NETGEAR late in the month. The relatively simple exploit saw hackers able to access the administration interface of the router without inputting a valid username or password, from any remote location, as long as they had the router IP address.
Only a fraction of NETGEAR routers are said to be affected, with estimates ranging between 5000 and 10,000 affected units routers. Even then, the exploit only affects routers with WAN Administrator enabled.
NETGEAR have confirmed a patch for the exploit is to be released on the 14th of October. According to users on the web security forum Full Disclosure however, a fix had been successfully developed as early as the start of September, which raises questions as to why a fix wasn’t implemented earlier. Until the patch is released users are advised to check their administration settings on their router, or if unsure, simply not use the router at all for the next couple of days.
This is not the first time an exploit has been found affecting NETGEAR routers. Similar exploits were reported in 2013, although these have since been patched.
Upon release, the patch will prompt users to update their affected firmware. Security experts today stress the importance of regularly updating your router to protect against vulnerabilities – too many users, especially home users, neglect updating their routers, and updates are not pushed automatically.