According to the manufacturer, only a few router models are affected (via t3n). According to Netgear, these include the RAX40, RAX35, R6400v2, R6700v3, R6900P, R7000P, R7000, R7960P and R8000P routers. Firmware updates are available for each of these models and have been in distribution for a few days.
The updates are offered to users via the router’s web interface (http://routerlogin.net) or can be downloaded from Netgear support.
Netgear rated the vulnerability as high. The full list of vulnerable Netgear routers, along with the patched firmware versions, is at the end of the post.
Synology vulnerability
We already reported on New Year’s Day on the second security problem that t3n describes. This is a critical vulnerability in Synology VPN Plus Server: “A vulnerability allows remote attackers to execute arbitrary commands through a vulnerable version of Synology VPN Plus Server.” Further details will only be released once the update has reached the affected users. There is also no corresponding CVE entry.
Affected routers and required updates
- RAX40 – Version 1.0.2.60
- RAX35 – Version 1.0.2.60
- R6400v2 – Version 1.0.4.122
- R6700v3 – Version 1.0.4.122
- R6900P – Version 1.3.3.152
- R7000P – Version 1.3.3.152
- R7000 – Version 1.0.11.136
- R7960P – Version 1.4.4.94
- R8000P – Version 1.4.4.94
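
To check an inventory of routers against the list above, the following added example (not from Netgear or the original post) compares installed firmware with the patched versions numerically; a plain string comparison would wrongly treat 1.0.9.88 as newer than 1.0.11.136. The hostnames, firmware strings and the "V..._..." version format in the sample are constructed assumptions.

```python
import re

# Minimum patched firmware per model, copied from the list above.
PATCHED = {
    "RAX40": "1.0.2.60", "RAX35": "1.0.2.60",
    "R6400v2": "1.0.4.122", "R6700v3": "1.0.4.122",
    "R6900P": "1.3.3.152", "R7000P": "1.3.3.152",
    "R7000": "1.0.11.136",
    "R7960P": "1.4.4.94", "R8000P": "1.4.4.94",
}

def parse_version(text):
    """Return the first dotted four-part version in text as a tuple of ints."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"no firmware version in {text!r}")
    return tuple(int(p) for p in m.groups())

def audit(inventory):
    """Classify (host, model, firmware) rows as patched, vulnerable,
    not-listed (model not in the list above) or unparseable."""
    results = {}
    for host, model, firmware in inventory:
        # Exact match on purpose: the hardware revision (e.g. v2) matters.
        required = PATCHED.get(model)
        if required is None:
            results[host] = "not-listed"
            continue
        try:
            installed = parse_version(firmware)
        except ValueError:
            results[host] = "unparseable"  # needs a manual look
            continue
        ok = installed >= parse_version(required)
        results[host] = "patched" if ok else "vulnerable"
    return results

# Constructed sample inventory (hypothetical hosts and version strings).
SAMPLE = [
    ("gw-office", "R7000", "V1.0.9.88_10.2.88"),
    ("gw-lab", "R7000", "1.0.11.136"),
    ("gw-home1", "R6400v2", "1.0.4.98"),
    ("gw-home2", "RAX40", "1.0.2.60"),
    ("gw-branch", "R8000P", "unknown"),
    ("gw-old", "R6400", "1.0.1.52"),
]

if __name__ == "__main__":
    for host, status in audit(SAMPLE).items():
        print(f"{host}: {status}")
```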