A significant vulnerability has been found in the latest version (WNDR3700v4) of Netgear’s N600 Wireless Dual-Band Gigabit Router. According to the researcher with Tactical Network Solutions who discovered the flaw, it is “trivially exploitable” and allows an attacker to disable authentication, open a backdoor (a telnet session), and then return the router to its original state so that the user never knows it was open. According to PC World, other routers may be affected as well.
To mitigate the risk:
- get the latest patch from Netgear (the Shodan database still shows at least 600 unpatched routers with the WNDR3700v4 hardware revision)
- disable remote administration of the router (always)
- use strong WPA2 pass phrases
- don’t allow strangers on your network
D-Link has announced that it is actively working on patches for the vulnerabilities affecting admin access via the web. The post also cautions against responding to unsolicited emails about security vulnerabilities that “prompt you to action”, as they could be opportunistic phishing scams. D-Link also recommends disabling wireless access to the router.
Router patches so far are available at the bottom of this D-Link post.
Patches for a separate issue involving D-Link network camera vulnerabilities are available here.
The Register reports that a vulnerability has been discovered in several home and small business router models made by D-Link. The vulnerability allows unauthenticated users to gain administrative access to the router’s Web interface, thereby providing access to the network behind the router. Per the post, models include DIR-100, DI-524, DI-524UP, DI-604S, DI-604UP, DI-604+ and TM-G5240 units.
Because there is no current fix, users should disable admin access via wireless connection.