Netgear Router Passwords Vulnerable to Hack, Firmware Fix Issued for Most Affected Models

Advertisement
By Shekhar Thakran | Updated: 1 February 2017 16:04 IST
Highlights
  • Netgear has issued a fix for 18 out of 31 vulnerable routers
  • The flaw was exposed by cyber-security firm Trustwave
  • Devices with remote management enabled vulnerable to hack

Netgear has issued firmware updates for several of its router models in response to a vulnerability, which was exposed by a cyber-security firm, on its devices that could reportedly be used by hackers to get full access to the device by recovering the admin password. Netgear has acknowledged that the vulnerability occurs when an attacker can access the internal network or when remote management is enabled on the router. The firmware updates follow a warning by US-CERT in December that along with Netgear identified three vulnerable routers made by the company.

Trustwave, the firm which disclosed the flaw, has claimed that the vulnerability is present on more than 10,000 devices that are remotely accessible. "The real number of affected devices is probably in the hundreds of thousands, if not over a million," Trustwave researcher Simon Kenin said in his blog post. In total, 31 models have been listed as vulnerable to the disclosed flaw and Netgear has issued a patch for 18. Two of the models that were previously listed as vulnerable are listed as non-vulnerable now, Kenin points out. The flaw allows attackers to access Web GUI login passwords while password recovery is disabled.

Advertisement

Lazy Encryption Practices Endanger Millions of Internet-Enabled Devices: Report

Even though the remote management feature is turned off by default on devices, it can be turned on through advanced settings by users, Netgear said in its post. The firmware fix has been made available by the company for the following models:

Advertisement
  • R8500
  • R8300
  • R7000
  • R6400
  • R7300DST
  • R7100LG
  • R6300v2
  • WNDR3400v3
  • WNR3500Lv2
  • R6250
  • R6700
  • R6900
  • R8000
  • R7900
  • WNDR4500v2
  • R6200v2
  • WNDR3400v2
  • D6220
  • D6400

Netgear has also released firmware fix for the Web password recovery vulnerability for model V6510. The company has also issued a workaround measure for those devices that are vulnerable but have not received the firmware fix as of now. The gist of the workaround is to manually enable password recovery feature and ensure that remote management is disabled.

Readers who are currently using Netgear branded devices are strongly advised to update their model by going to the dedicated page from company's official post in order to avoid being exposed to a hack.

 

Get your daily dose of tech news, reviews, and insights, in under 80 characters on Gadgets 360 Turbo. Connect with fellow tech lovers on our Forum. Follow us on X, Facebook, WhatsApp, Threads and Google News for instant updates. Catch all the action on our YouTube channel.

Advertisement
Popular Mobile Brands
  1. Airtel Unlimited 5G Data Subscribers Reportedly Cannot Share 5G Data via Mobile Hotspot
  2. OnePlus Exits US, Europe, Continues Operations in India: 5 Things to Know
  3. Airtel Revises Postpaid Portfolio, Removes Rs. 549 Individual Plan
  4. Oppo K15 Launch Date Confirmed; Key Specifications Revealed Ahead of Debut
  5. Insomniac Games Shares New Trailer for Marvel's Wolverine
  6. Here's How Much the iQOO Z11 Lite Could Cost in India
  7. Here's When the Poco M8 Power, Poco X8 Could Launch in India
  8. iPhone 18 Pro Max Could Get a New Sony Sensor With Variable Aperture Tech
  1. Redmi Note 17 Pro Global Variant Reportedly Appears on NBD Database Alongside Poco Model
  2. Google Pixel 11a Codename Reportedly Spotted in Phone App
  3. Huawei Mate XT 2 Leaked Patent Reveals New Tri-Fold Design and Folding Mechanism
  4. Airtel Unlimited 5G Data Subscribers Reportedly Cannot Share 5G Data via Mobile Hotspot: Here's What We Know So Far
  5. Lenovo Legion C700 Teased as a Cloud Gaming Handheld Ahead of August Launch
  6. Marvel's Wolverine Gets New Trailer That Will Play Ahead of Christopher Nolan's The Odyssey in Select Theatres
  7. Airtel Quietly Removes Rs. 549 Individual Postpaid Plan in India; Rs. 699 Plan Becomes Next Upgrade
  8. Poco M8 Power, Poco X8 India Launch Timeline Tipped; Could Arrive as Rebranded Redmi Note 17 Series
  9. Samsung Galaxy S25 Series Could Get Galaxy S26’s Horizontal Lock Camera Feature With One UI 9 Update
  10. Asus Pad India Launch Date Announced as Company Reveals Key Specifications
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2026. All rights reserved.