New vulnerabilities in Netgear routers could potentially allow hackers to hijack devices and expose passwords.
The vulnerabilities could also allow malicious entities to recruit compromised devices into a botnet and use them to launch large-scale cyberattacks.
Trustwave security researcher Simon Kenin uncovered that the vulnerabilities can be exploited remotely if the routers' management options are enabled. Netgear acknowledged the vulnerabilities and issued firmware fixes for models affected by the issue. "We have found more than ten thousand vulnerable devices that are remotely accessible. The real number of affected devices is probably in the hundreds of thousands, if not over a million," Kenin said in a Trustwave blog.
Art Swift, President at the Prpl Foundation, told: "Once these devices have been compromised, especially routers, IoT hubs, and network gateways - due to the fact that they are very often on a local network - they represent a gateway to the network, and can be used to perform a series of attacks on the network bypassing network protection. This can cause a Trojan horse situation for the attackers to get a foothold into the local network."
Kenin claimed that Trustwave disclosed the vulnerabilities to Netgear in April 2016, listing 18 vulnerable models. By the time Netgear responded to Trustwave's disclosures the firm had identified a total of 25 models vulnerable. In July, Netgear issued firmware updates to a portion of the affected models. However, Netgear's most recent advisory reveals that there are now a total of 31 router models vulnerable to the security issues, 18 of which have already been patched.
The firm is encouraging its customers to manually enable password recovery and disable remote management, especially on those devices in which a firmware update is not available. The company wrote: "The potential for password exposure remains if you do not complete both steps. Netgear is not responsible for any consequences that could have been avoided by following the recommendations in this notification."
Security firm Lastline's VP Brian Laing told: "Many products, such as these Netgear routers, are sold with vulnerabilities. Some should have been found in development, and some are based on design where the developers assumed incorrectly only the best intentions. New vulnerabilities are found all the time so consumers need to take as many preventative measures as possible, such as disabling remote management. That will mitigate the impact of someone trying to attack an unknown vulnerability."
