Sign In

Communications of the ACM

ACM TechNews

Netgear Moves to Plug Vulnerability in Routers After Researchers Find Zero-Day


View as: Print Mobile App Share: Send by email Share on reddit Share on StumbleUpon Share on Hacker News Share on Tweeter Share on Facebook
A Netgear router.

Netgear is close to releasing a patch for a software vulnerability that could enable hackers to remotely exploit home Internet routers and potentially access devices running on those networks, the company says.

Credit: Netgear

Netgear said it is close to releasing a patch for a software vulnerability that could enable hackers to remotely exploit home Internet routers and potentially access devices running on those networks.

The cybersecurity company GRIMM and Trend Micro's Zero Day Initiative (ZDI) reported the vulnerability.

GRIMM's Adam Nichols said his team detected a vulnerable copy of a Web server on the router in 79 different Netgear devices.

He noted that a hacker does not necessarily need to be on a Wi-Fi network to launch an attack.

Researchers said the vulnerability affects a version of Netgear firmware dating to 2007.

ZDI first reported the bug to Netgear in January, delaying its analysis so Netgear could address the issue. It published its findings on June 15 to raise awareness after Netgear requested multiple extensions for releasing a fix.

Netgear said the patch has been delayed by the pandemic.

From CyberScoop
View Full Article

 


 

No entries found