Bad news for consumers with Netgear routers: Two popular Netgear routers are vulnerable to a critical security bug that could allow attackers to run malicious code with root privileges.
Netgear’s R7000 and R6400 routers, running current and latest versions of firmware, are vulnerable to arbitrary command injection attacks, though the number of users affected by the flaw is still unclear.
In an advisory published on Friday in Carnegie Mellon University’s public vulnerability database (CERT), security researchers said that all an attacker needs to do is trick a victim into visiting a website that contains specially crafted malicious code to exploit the flaw.
As soon as the victim lands on the page, the malicious commands would execute automatically with root privileges on affected routers.
A working exploit leveraging the vulnerability has also been publicly released so that anyone can carry out attacks against the vulnerable routers.
Researchers warned that other router models might also be affected by the vulnerability, advising Netgear users to stop using the routers until a patch is released.
Your router could be compromised with no fixed release date for a patch. So, CERT strongly recommended Netgear users to "consider discontinuing use" of the affected routers until a patch is made available.
Hackers are increasingly targeting insecure, vulnerable routers with the purpose of making them part of nasty IoT botnets that are used to launch massive distributed denial-of-service (DDoS) attacks to knock online services offline.
Over a month ago, we saw Mirai Botnet taking entire Internet offline for few hours just by launching DDoS attacks (came from insecure IoT devices) against Dyn DNS service that crippled some of the world’s biggest and most popular websites.
Just last week, nearly 1 Million users in Germany were also deprived of telephony, television, and Internet service after a supposed cyber-attack hijacked home broadband routers belonging to Deutsche Telekom.