back to article Living on a prayer? Netgear not quite halfway there with patches for 28 out of 79 vulnerable router models

Netgear has now patched 28 out of 79 vulnerable router models, six months after infosec researchers first noticed security problems potentially allowing an attacker to remotely execute code as root. The latest hotfixes come after two models were fixed earlier in June. The vulnerability in question could, for example, allow the …

  1. GBE

    Who give's the bad guys access to their router's web server?

    "Multiple Netgear devices contain a stack buffer overflow in the httpd web server's handling of upgrade_check.cgi, which may allow for unauthenticated remote code execution with root privileges,"

    Why would the router's web server be exposed to a remote network in the first place?

    1. Dan 55 Silver badge

      Re: Who give's the bad guys access to their router's web server?

      It's usually JavaScript in a compromised/malware web page that tries to connect to 192.168.1.1 and other likely suspects.

  2. RM Myers Bronze badge
    Unhappy

    Wonder how many router firmware developers Netgear has?

    I'm guessing one highly competent developer/lead and maybe one or two others who work under the lead. And how many different processors/chipsets are affected by this error? This may put a real crimp in Netgear's new router development.

    The race to the bottom isn't just in price!

    1. Kevin McMurtrie Silver badge

      Re: Wonder how many router firmware developers Netgear has?

      My impression from getting support on Netgear products is that engineering is outsourced. There were entire classes of features that didn't work, public releases sometimes had testing backdoors permanently enabled, and support needed multiple days to contact engineering. The only satisfactory solution I came up with was throwing them in the trash.

  3. vogon00

    Don't forget Layer 2...

    This isn't really anything to do with vulnerabilities, just a comment on Netgear's L2 switch issues.

    Because I'm personally on a budget (Solved due to the donation of plenty of Cisco kit - thanks, Richard!), and work is definitely on a budget, I've been forced into useing Netgear switches (GS105/108/GS308E) at home and GS10x/GS724/FS728 at the SMB where I currently labour.

    I have all sorts of 'beefs' with these blasted things..

    * The GS105/108s lock up when subjected to (undiagnosed packets from) WinPE and the GS724/FS728 have individual ports that 'lock up' intermittently, so much so that one has a large-ish script ('Smart Managed' is not 'Properly Managed', you know) that spots locked up ports and down/ups them. MD/CEO is deaf to the "it's your bloody surface pro doing that" argument I present....

    * The GS308E isn't manageable with a particular device attached... looks like the CPU is maxed out trying to make sense of something.

    The other thing that pisses me off is that rather than change the model number like most people, they just change the *version* number ('Model X, Version Y'). I deliberately asked for a very specific thing to match some existing infrastructure (Version 4), and 'coz purchasing is done by Boss I got the cheapest one available....which was of course the way older V2 hardware that had been stuck in the supply chain for a while. Conversation was along these lines - Boss:"I can't return it , It's the same model", Me:"No it's not", followed by two unnecessary hours of effing about with upgrades and configuration to get them to even begin to 'play nicely' with each other.

    Oh yeah - watch out for their implementation of 'Link Aggregation', either passive or active.

    Thanks to Richard again for the donation of lots-of-ports-of Cisco gear for my home lab. Luxury in comparison!

    1. rcxb Silver badge

      Re: Don't forget Layer 2...

      Try eBay. Cisco gear that's slightly out-of-date (not many 10G ports) goes very cheap.

  4. sanmigueelbeer Silver badge

    which stung Netgear into patching two devices early on

    Will this be a new norm? Manufacturers dragging their feet until a working exploit has been published?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2020