Netgear releases final patch for three vulnerable routers
Netgear has released final firmware updates for its R6400, R7000 and R8000 routers that address the recently discovered critical vulnerability. A beta version of the patch is available for eight other routers.
Following the release of temporary patches, Netgear has now made final firmware updates available for the R6400, R7000 and R8000 models. Netgear recommends that users of the routers install the updates even if they have previously installed the beta firmware.
Temporary firmware updates are available for eight other vulnerable routers. Netgear does not yet say when these models will receive a final update, but that will be “as soon as possible”, according to the manufacturer. Until then, users of the R6250, R6700, R6900, R7100LG, R7300DST, R7900, D6220 or D6400 can download and install the beta.
The serious vulnerability in the router software allows an attacker to run arbitrary root code on the devices, for example by having a victim visit a malicious site. A few days after the publication, tweaker sjvs published a workaround that disables the web server process on the routers, so that they are no longer vulnerable.