Dozens of Netgear routers are vulnerable to a very old security flaw. The DNS rebinding flaws that these routers have date back to models the company put out as early as 2007. That means this issue has been lurking in the background for a very long time.
It was recently brought to light by the Vietnamese security company GRIMM and an independent security researcher known only as d4rkn3ss. Both confirm that these potentially fatal security flaws are centered around the remote management capabilities of the routers in question.
Unfortunately many of the impacted routers have reached their end of support life so no fix is coming. Refer to the extensive list below. If you have one of the affected routers be sure to keep an eye out for a security patch from Netgear.
If you have an older piece of equipment that isn’t slated for additional security fixes, here is the solution. Your best bet is to use the browser based interface to access your router and be sure that its remote management feature is set to “disabled.”
Note however that this will not offer bullet proof protection. Someone with physical access to your network could still exploit the issue but disabling remote administration does go a long ways in terms of protecting you and your network.
Here is the complete list of impacted Netgear routers:
D6300, firmware version 220.127.116.11 and 18.104.22.168
DGN2200, firmware version 22.214.171.124
DGN2200M, firmware version 126.96.36.199 and 188.8.131.52
DGN2200v4, firmware version 184.108.40.206
R6250, firmware versions 220.127.116.11 and 18.104.22.168
R6300v2, firmware version 22.214.171.124CH, 126.96.36.199, and 188.8.131.52
R6400, firmware version 184.108.40.206, 220.127.116.11, and 18.104.22.168
R7000, firmware versions 9.88, 9.64, 9.60, 9.42, 9.34, 9.18, 9.14, 9.12, 9.10, 9.6, and 8.34
R8000, firmware version 22.214.171.124, 126.96.36.199
R8300, firmware version 188.8.131.52 and 184.108.40.206
R8500, firmware version 220.127.116.11
WGR614v9, firmware version 1.2.32NA
WGR614v10, firmware version 18.104.22.168NA
WGT624v4, firmware version 2.0.12NA and 22.214.171.124
WN3000RP, firmware versions 126.96.36.199 and 188.8.131.52
WNDR3300, firmware versions 1.0.45, 1.0.45NA, and 1.0.14NA
WNDR3400, firmware versions 184.108.40.206 and 220.127.116.11
WNDR3400v2, firmware versions 18.104.22.168 and 22.214.171.124
WNDR3400v3, firmware versions 126.96.36.199 and 188.8.131.52
WNDR3700v3, firmware versions 184.108.40.206, 220.127.116.11, and 18.104.22.168
WNDR4000, firmware versions 22.214.171.124, 126.96.36.199, and 188.8.131.52
WNDR4500v2, firmware versions 184.108.40.206 and 220.127.116.11
WNR1000v3, firmware version 18.104.22.168
WNR2000v2, firmware versions 22.214.171.124, 126.96.36.199NA, and 188.8.131.52
WNR3500, firmware version 1.0.36NA
WNR3500L, firmware versions 184.108.40.206NA, 220.127.116.11NA, and 18.104.22.168
WNR3500Lv2, firmware version 22.214.171.124
And WNR834Bv2, firmware version 2.1.13NA
If you have one of these routers, consider upgrading. Stay on guard.