Netgear Is Working On Patch For Recently Discovered Vulnerability In WNR2000 Router
Netgear has announced in a security advisory that it is working on a patch for a recently discovered vulnerability in its WNR2000 router. According to the researcher who discovered the flaw, in certain cases it can be used to take over the router over the internet.
For that, the remote management function must be enabled on the router, researcher Pedro Ribeiro told The Register. In his message about the vulnerability, he also wrote that an attacker can carry out an attack via the local network. He told the site that Netgear’s warning does not make it completely clear that this is a fairly serious flaw. The company writes that in “very limited cases” it is possible to exploit the flaw remotely.
Ribeiro writes in his message that a search via Shodan, a search engine that can, for example, find devices connected to the internet, turned up about 10,000 routers that can be managed remotely. According to Netgear’s warning, the vulnerability is present in the v3, v4, and v5 versions of the WNR2000. Until a patch is available, the company recommends disabling remote management. The patch should be released “as soon as possible”.
Netgear released final patches for several vulnerable routers a few days ago. Those routers were affected by a vulnerability that allowed an attacker to run code as root on the device by having a victim visit a malicious site. Stable patches are now available for half of the routers; for the rest there are only beta versions.