Dozens of Netgear routers are vulnerable to a very old security flaw. The DNS rebinding flaws that these routers have date back to models the company put out as early as 2007. That means this issue has been lurking in the background for a very long time.

It was recently brought to light by the Vietnamese security company GRIMM and an independent security researcher known only as d4rkn3ss. Both confirm that these potentially fatal security flaws are centered around the remote management capabilities of the routers in question.

Unfortunately many of the impacted routers have reached their end of support life so no fix is coming. Refer to the extensive list below. If you have one of the affected routers be sure to keep an eye out for a security patch from Netgear.

If you have an older piece of equipment that isn’t slated for additional security fixes, here is the solution. Your best bet is to use the browser based interface to access your router and be sure that its remote management feature is set to “disabled.”

Note however that this will not offer bullet proof protection. Someone with physical access to your network could still exploit the issue but disabling remote administration does go a long ways in terms of protecting you and your network.

Here is the complete list of impacted Netgear routers:

D6300, firmware version and
DGN2200, firmware version
DGN2200M, firmware version and
DGN2200v4, firmware version
R6250, firmware versions and
R6300v2, firmware version,, and
R6400, firmware version,, and
R7000, firmware versions 9.88, 9.64, 9.60, 9.42, 9.34, 9.18, 9.14, 9.12, 9.10, 9.6, and 8.34
R8000, firmware version,
R8300, firmware version and
R8500, firmware version
WGR614v9, firmware version 1.2.32NA
WGR614v10, firmware version
WGT624v4, firmware version 2.0.12NA and
WN3000RP, firmware versions and
WNDR3300, firmware versions 1.0.45, 1.0.45NA, and 1.0.14NA
WNDR3400, firmware versions and
WNDR3400v2, firmware versions and
WNDR3400v3, firmware versions and
WNDR3700v3, firmware versions,, and
WNDR4000, firmware versions,, and
WNDR4500v2, firmware versions and
WNR1000v3, firmware version
WNR2000v2, firmware versions,, and
WNR3500, firmware version 1.0.36NA
WNR3500L, firmware versions,, and
WNR3500Lv2, firmware version
And WNR834Bv2, firmware version 2.1.13NA

If you have one of these routers, consider upgrading. Stay on guard.

Used with permission from Article Aggregator