Massive Netgear routers security issues

Tony1044

Prolific Poster

45 Netgear routers they know are vulnerable, know have a real world proof of concept exploit but are refusing to patch!

TL/DR list of routers is here:


  • AC1450
  • D6300
  • DGN2200v1
  • DGN2200M
  • DGND3700v1
  • LG2200D
  • MBM621
  • MBR1200
  • MBR1515
  • MBR1516
  • MBR624GU
  • MBRN3000
  • MVBR1210C
  • R4500
  • R6200
  • R6200v2
  • R6300v1
  • R7300DST
  • WGR614v10
  • WGR614v8
  • WGR614v9
  • WGT624v4
  • WN2500RP
  • WN2500RPv2
  • WN3000RP
  • WN3000RPv2
  • WN3000RPv3
  • WN3100RP
  • WN3100RPv2
  • WN3500RP
  • WNCE3001
  • WNCE3001v2
  • WNDR3300v1
  • WNDR3300v2
  • WNDR3400v1
  • WNDR3400v2
  • WNDR3400v3
  • WNDR3700v3
  • WNDR4000
  • WNDR4500
  • WNDR4500v2
  • WNR3500v1
  • WNR3500Lv1
  • WNR3500v2
  • WNR834Bv2
 

Tony1044

Prolific Poster
That's surprising given Netgear's reputation and size... then again I haven't looked into anything Netgear for years so maybe they have just become another "big company" that is only interested in profit. I always just use whatever router Plusnet give me.

I never use what the ISP sends, personally.

My setup is a virtualised HA pair of Sophos XG appliances with a free "Home" license and a bunch of AP55 access points dotted around the house.

I wouldn't recommend it for non-techie people and there are times it stretches my own networking knowledge as that's not my specialisation but it works well and I have full control and visibility.

It also does all of the PPPoE "dialup" and handles all of my static IP addresses beautifully.
 

Tony1044

Prolific Poster
Well...

I had a BT business hub that had a WiFi range of around 6' and SIP ports always open even when you blocked them in the firewall. Nor could you change the hard coded BT DNS servers (and at that time even if you changed them on a client, BT's transparent proxy still used their own DNS).

I had a Sky router that could only handle half a dozen WiFi connected devices then stopped giving out DHCP addresses (it was a rebadged Netgear).

Then I had a Be supplied router that would allow changes to the firewall in the GUI and show them as being made but they weren't - you had to go into the console to do it at the shell.

And I had another one from an ISP I don't recall that wouldn't work in bridge mode.

Just to name the issues I remember.
 

Tony1044

Prolific Poster
And in terms of security... I always say "as far as you know"

You would be amazed at the attacks and probes taking place on your router WAN interface - I had to bulk geoblock Russia, China, N Korea, S Korea and a few other places. The logs were literally full from those locations.
 

SpyderTracks

We love you Ukraine
Netgears have been inherently insecure for a while now, generally best avoided.

Back in 2017 there was a flaw found in their web management that pretty much meant any bot could very simply break into the router and do its thing:


It's not just that the flaws are found, which is almost a given, it's that Netgear's response is almost zero, they just expect you to pony up for a new model.
 

Tony1044

Prolific Poster
Netgears have been inherently insecure for a while now, generally best avoided.

Back in 2017 there was a flaw found in their web management that pretty much meant any bot could very simply break into the router and do its thing:


It's not just that the flaws are found, which is almost a given, it's that Netgear's response is almost zero, they just expect you to pony up for a new model.

I just remembered I had a 3Com router and found you could access some of the admin pages without needing to authenticate just by using the full URL. One of them was the firewall.

I reported it to them and they actually replied to say "yeah we know. Thanks"

As far as I know they never fixed it.

Just. Wow.
 

Gavras

Master Poster
I have not checked dates on them, however remember that products go end of life; how many are not compatible (fully) with current OS?

One of those has a release date of 2007; anyone running externally facing kit that old is taking a risk.

It always amazes me that people will replace their GFX card every year or two, often a few hundred quid plus, however they keep network devices forever.

The last thing any company wants is a huge number of devices to keep supporting.
 