Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Security Bug Wireless Networking

NetGear Warns Users To Patch Recently Fixed Wi-Fi Router Bug (bleepingcomputer.com) 7

Netgear has fixed a high-severity vulnerability affecting multiple WiFi router models and advised customers to update their devices to the latest available firmware as soon as possible. BleepingComputer reports: The flaw impacts multiple Wireless AC Nighthawk, Wireless AX Nighthawk (WiFi 6), and Wireless AC router models. Although Netgear did not disclose any information about the component affected by this bug or its impact, it did say that it is a pre-authentication buffer overflow vulnerability. The impact of a successful buffer overflow exploitation can range from crashes following denial of service to arbitrary code execution, if code execution is achieved during the attack. Attackers can exploit this flaw in low-complexity attacks without requiring permissions or user interaction. In a security advisory published on Wednesday, Netgear said it "strongly recommends that you download the latest firmware as soon as possible." A list of vulnerable routers and the patched firmware versions can be found here.
This discussion has been archived. No new comments can be posted.

NetGear Warns Users To Patch Recently Fixed Wi-Fi Router Bug

Comments Filter:
  • Ah the beloved netgear that uses their customers a beta testers for untested products so they can get to market early. For some reason they have a loyal following of customers that has always puzzled me.
    • I have one, I'm pleased with it (just updated it too). The only thing that I don't like is they were pestering to sign up for some subscription service they offer.
      • by Z00L00K ( 682162 )

        I agree that today it's starting to be problematic with all the different subscription and membership "services" where all you are is the product for them. Imagine that all those different signups ends up in the same database, which isn't hard because never expect those companies to actually manage the data themselves - it's "outsourced".

        So far I did discover that I do have the R8000 and not the R8000P, but it's hard to tell if it's vulnerable or not. Either it's out of support or it's not vulnerable.

        What r

    • The problem is buying Netgear in the first place. They've always shipped products with buggy firmware. I bought a print server that never worked as advertised they just kept sending me replacement units until they EOLd it out of warranty.

      Naturally Netgear anything has never passed through my hands again.

  • Something must have changed in the wild, because I've had the patch for this on my device since late July 2022.

    I do not understand the timing of this article.

  • I woke up to no wifi - turned out my Nighthawk had auto-updated last night and lost its config. I also noticed a lot of NETGEARxx SSIDs broadcasting - that's the SSID they use if they haven't been configured, so I bet that hit some other people too.

    I just re-loaded my last saved config and it worked fine.

    So:
    1) Backup your config
    2) Update the firmware
    3) Restore the config only if necessary.

    If it already updated itself and lost the config, well you can upload that

  • Hi, automated lead generation is now available for LinkedIn as well. It's a very convenient way to make an automated funnel and attract leads to your business. And customers who are on LinkedIn as you already know are the most paying ones. LinkedIn lead generation is a central focus for any B2B organization in 2023 that's interested in driving consistent and reliable revenue. We suggest to use octopuscrm.io/linkedin-lead-generation-software [octopuscrm.io] Octopus CRM LinkedIn lead generation tool for your business.

Avoid strange women and temporary variables.

Working...