Netgear exploit could expose passwords for thousands of routers



It’s time to update your firmware. An exploit that affects a number of Netgear routers can easily give attackers your wireless admin password, which could lead to being locked out of your own router or, worse, illicit use of your Internet connection.


The exploit, which Netgear has since patched, builds on a bug first found in 2014 to expose admin passwords in plain text.

A researcher for Trustwave, Simon Kenin, first uncovered the problem a year ago after he lost his administration password. He tried to hack his own router and eventually uncovered a hidden feature designed to allow password recovery.

He wrote:

I woke up the next morning excited by the discovery, and I thought to myself: “3 routers with the same issue… Coincidence? I think not”. Luckily, I had another, older NETGEAR router lying around; I tested it and bam! Exploited.

I started asking people I knew if they had NETGEAR equipment so I could test further to see the scope of the issue. In order to make life easier for non-technical people I wrote a Python script called netgore, similar to wnroast, to test for this issue.

I am not a great programmer. I am aware of that and that is why I don’t work as a full time programmer. As it turned out, I had an error in my code where it didn’t correctly take the number from unauth.cgi and passed gibberish to passwordrecovered.cgi instead, but somehow it still managed to get the credentials!

“Wait… what is going on here?” I thought to myself. After a few trials and errors trying to reproduce the issue, I found that the very first call to passwordrecovered.cgi will give out the credentials no matter what parameter you send. This is a totally new bug that I haven’t seen anywhere else. When I tested both bugs on different NETGEAR models, I found that my second bug works on a much wider range of models.
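A defender-side check for the behaviour Kenin describes, added here as an example that is not from the original article, from Trustwave or from Netgear: it walks a constructed access log and flags successful passwordrecovered.cgi requests that were not preceded by a token from unauth.cgi for the same client, or whose id does not match the token that client was given. The log format, the `token=` field and the sample addresses are constructed assumptions for this example.

```python
import re
from collections import defaultdict

# Constructed sample access log: client_ip path status note. The trailing
# token=... field on unauth.cgi lines stands in for the recovery id the device
# handed out; real access logs would not record a response-body value.
SAMPLE_LOG = """\
192.0.2.10 /unauth.cgi 200 token=78345698
192.0.2.10 /passwordrecovered.cgi?id=78345698 200 -
192.0.2.20 /passwordrecovered.cgi?id=0 200 -
192.0.2.30 /unauth.cgi 200 token=12345
192.0.2.30 /passwordrecovered.cgi?id=99999 200 -
192.0.2.40 /passwordrecovered.cgi?id=12345 200 -
"""

LINE_RE = re.compile(r"^(?P<ip>\S+) (?P<path>\S+) (?P<status>\d{3}) (?P<note>\S+)$")
ID_RE = re.compile(r"[?&]id=([^&]*)")


def find_suspicious_recovery(log_text):
    """Return (ip, path, reason) for each successful passwordrecovered.cgi
    request whose client never received a token from unauth.cgi, or whose
    id differs from the token that client was given."""
    issued = defaultdict(set)  # client ip -> tokens handed out by unauth.cgi
    findings = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # not in the constructed format; ignore
        ip, path, status, note = m["ip"], m["path"], m["status"], m["note"]
        if path.startswith("/unauth.cgi") and note.startswith("token="):
            issued[ip].add(note[len("token="):])
        elif path.startswith("/passwordrecovered.cgi") and status == "200":
            idm = ID_RE.search(path)
            token = idm.group(1) if idm else ""
            if not issued[ip]:
                findings.append((ip, path, "no prior unauth.cgi token"))
            elif token not in issued[ip]:
                findings.append((ip, path, "id does not match issued token"))
    return findings


if __name__ == "__main__":
    for ip, path, reason in find_suspicious_recovery(SAMPLE_LOG):
        print(f"{ip} {path}: {reason}")
```

On the sample log the check flags three of the four recovery requests; only the client that used the exact token it was issued passes.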

The exploit affects the following models:

[Screenshot (31 January 2017): table of affected Netgear router models]

If you have any of these models, check your admin panel for a firmware update to ensure nefarious sniffers don’t break into your router and wreak havoc.

Via ASDA Alltop
