Experienced Netgear Router Vulnerability

Post by mnemonicj » Sat Mar 26, 2016 3:17 am

It has been a long while since I have posted, so let's see if anyone is still listening, by posting a good security story:

I have a full-time job as an Engineer, but I help a guy out part-time with his small business network. He called me one morning claiming his antivirus software, AVG, was infected. I was very confused about this, so when I got there, I told him to show me what he was talking about. He clicked on a button in the AVG antivirus software and it took him to a malicious web page.

I was really confused about this and started looking at all of the processes running on his computer. This was a tough job, because I kept getting to malicious websites. My friend then told me they have been experiencing the same issue on another computer. With the firewalls in place and no shared authentication on the network, I was puzzled, momentarily.

I then logged into the Netgear router, the only thing the two computers had in common, and found the DNS addresses were defined and not provided by his internet provider's DHCP server. I removed the DNS addresses and Googled for Netgear issues, when I found this: https://threatpost.com/disclosed-netgear-router-vulnerability-under-attack/114960/

His router was one of the Netgear routers with this vulnerability and I had left remote administration on in case he ever needed me to change any settings, so I didn't have to do it at his office. At the time, it seemed the only way around the issue was to disable remote administration via the WAN. I am uncertain if Netgear has provided or will ever provide a fix to this.
PRO Level 15
Posts: 1066
Joined: Tue Aug 17, 2004 1:41 am
Location: Indianapolis, IN
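
The symptom in the post above (several PCs using DNS servers that did not come from the ISP) can be checked from the clients. This is an added example, not part of the original thread: it parses `ipconfig /all` output from each PC and reports resolvers outside a known-good set, plus any that every PC shares, which points at the common upstream device. It assumes the router hands its configured DNS servers to clients over DHCP; the host names, addresses and `EXPECTED` set are constructed.

```python
import ipaddress
import re

# Constructed `ipconfig /all` excerpts from two PCs behind the same router.
# All addresses are made up (RFC 5737 documentation ranges, RFC 1918 LAN).
SAMPLES = {
    "front-desk": """\
   Default Gateway . . . . . . . . . : 192.168.1.1
   DNS Servers . . . . . . . . . . . : 203.0.113.53
                                       203.0.113.54
   NetBIOS over Tcpip. . . . . . . . : Enabled
""",
    "back-office": """\
   Default Gateway . . . . . . . . . : 192.168.1.1
   DNS Servers . . . . . . . . . . . : 203.0.113.53
                                       192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
""",
}
# Assumed known-good resolvers: the router's LAN address and the ISP's server.
EXPECTED = {"192.168.1.1", "198.51.100.10"}

def dns_servers(ipconfig_text):
    """Return the DNS server IPs listed in one `ipconfig /all` output."""
    servers, in_block = [], False
    for line in ipconfig_text.splitlines():
        m = re.match(r"\s*DNS Servers[ .]*:\s*(\S+)", line)
        tokens = line.split()
        if m:                                  # first server, on the label line
            token, in_block = m.group(1), True
        elif in_block and len(tokens) == 1:    # continuation line: bare address
            token = tokens[0]
        else:                                  # any other line ends the block
            in_block = False
            continue
        try:                                   # drop an IPv6 zone id such as %12
            servers.append(str(ipaddress.ip_address(token.split("%")[0])))
        except ValueError:
            in_block = False
    return servers

def audit(outputs, expected):
    """Return ({host: unexpected resolvers}, resolvers unexpected on every host)."""
    unexpected = {host: [s for s in dns_servers(text) if s not in expected]
                  for host, text in outputs.items()}
    per_host = [set(v) for v in unexpected.values()]
    shared = set.intersection(*per_host) if per_host else set()
    return unexpected, sorted(shared)

if __name__ == "__main__":
    print(audit(SAMPLES, EXPECTED))
```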

Re: Experienced Netgear Router Vulnerability

Post by shreader » Sat Mar 26, 2016 1:06 pm

Thanks for posting this, I never heard of that either.

No Netgear routers here, I use Verizon & their Actiontec (4 port) router.
I try to be cautious & changed the PW to it naturally.
Software Director
Posts: 6395
Joined: Mon Aug 12, 2002 2:25 am
Location: Huntington Beach, CA
