CERT warns against using several Netgear routers until a security fix is issued

Share

• Copy link
• Facebook
• X
• Whatsapp
• Reddit
• Pinterest
• Flipboard
• Email

Share this article

Join the conversation

Follow us

Add us as a preferred source on Google

Newsletter

Get the PC Gamer Newsletter

Keep up to date with the most important stories and the best deals, as picked by the PC Gamer team.

Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors

---

By submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.

You are now subscribed

Your newsletter sign-up was successful

---

Want to add more newsletters?

Every Friday

GamesRadar+

Your weekly update on everything you could ever want to know about the games you already love, games we know you're going to love in the near future, and tales from the communities that surround them.

Signup +

Every Thursday

GTA 6 O'clock

Our special GTA 6 newsletter, with breaking news, insider info, and rumor analysis from the award-winning GTA 6 O'clock experts.

Signup +

Every Friday

Knowledge

From the creators of Edge: A weekly videogame industry newsletter with analysis from expert writers, guidance from professionals, and insight into what's on the horizon.

Signup +

Every Thursday

The Setup

Hardware nerds unite, sign up to our free tech newsletter for a weekly digest of the hottest new tech, the latest gadgets on the test bench, and much more.

Signup +

Every Wednesday

Switch 2 Spotlight

Sign up to our new Switch 2 newsletter, where we bring you the latest talking points on Nintendo's new console each week, bring you up to date on the news, and recommend what games to play.

Signup +

Every Saturday

The Watchlist

Subscribe for a weekly digest of the movie and TV news that matters, direct to your inbox. From first-look trailers, interviews, reviews and explainers, we've got you covered.

Signup +

Once a month

SFX

Get sneak previews, exclusive competitions and details of special events each month!

Signup +

---

An account already exists for this email address, please log in.

Subscribe to our newsletter

Netgear has published a security advisory noting that a handful of popular router models made by Netgear are affected by a serious security vulnerability that could allow remote hackers to take control.

Twitter user "Acew0rm" discovered the security flaw and emailed Netgear about it back in August, according to ComputerWorld. There hasn't been a ton of documentation on the vulnerability in the time that's elapsed since then and it has seemingly gone ignored by Netgear, at least until now.

"Netgear has recently become aware of the security issue #582384 that allows unauthenticated web pages to pass form input directly to the command-line interface. A remote attacker can potentially inject arbitrary commands which are then executed by the system," Netgear said in the security advisory.

Netgear added that it is investigating the security flaw, which it confirmed might affect at least three models, those being the R8000 (Nighthawk x6), R7000 (Nighthawk AC1900), and R6400 (AC1750 Smart).

Carnegie Mellon University's Computer Emergency Response Team (CERT) said the code to exploit the vulnerability is out in the wild. By convincing a user to visit a website containing the malicious code, a hacker could exploit the flaw and execute arbitrary commands with root privileges.

"The CERT/CC is currently unaware of a practical solution to this problem... Exploiting this vulnerability is trivial. Users who have the option of doing so should strongly consider discontinuing use of affected devices until a fix is made available," CERT said.

Netgear will update its security advisory once it has more information.