If Your Practice is Using One of These Netgear Routers, Replace it Now

Security researchers at Trend Micro discovered a serious vulnerability in Netgear routers. The initial research showed that 79 different models were affected by the vulnerability. While Netgear has patched 28 models, the remaining 41 devices have been left without support. This means that any user of these models will be forever vulnerable to an attack that allows for the remote execution of code with root (administrative) privileges. If you’re using a Netgear router, read on to see if your model is vulnerable.

Staying safe online is getting harder to do. But when a well-known company like Netgear won’t fix known problems in their devices, it gets even harder. Netgear was given the list of vulnerable devices earlier this year and in June decided to fix 28 models. However, the remaining devices were determined to be outside the security support period and would not be patched.

Even the United States Cybersecurity & Infrastructure Security Agency (CISA) issued a release about the issue. You can read it here.

Exploit created to helo encourage Netgear to patch their devices

Cybersecurity firm Grimm, created an attack tool that would use the vulnerability and then showed this to Netgear. The goal was to help Netgear see how serious it was with the hope that Netgear would patch the remaining models. Netgear declined even after seeing that the exploit was legitimate and exploitable by remote attackers.

Sometimes it’s hard to translate corporate-speak into normal English, but this one is easy: we want you to buy a new Netgear router to replace the one we won’t fix.

Not the first time

This isn’t the first time Netgear has come under attack for router vulnerabilities. Netgear has a spotty history with taking the security of their devices seriously. They are also often slow to respond and release updates.

Earlier this year, in March, Netgear released an update for a similar vulnerability for its Nighthawk product model.

In 2017, security firm Trustwave disclosed flaws in 17 different Netgear router models. Netgear released patches for those.

List of vulnerable Netgear routers

AC1450
D6300
DGN2200v1
DGN2200M
DGND3700v1
LG2200D
MBM621
MBR1200
MBR1515
MBR1516
MBR624GU
MBRN3000
MVBR1210C
R4500
R6200
R6200v2
R6300v1
R7300DST
WGR614v10
WGR614v8
WGR614v9
WGT624v4
WN2500RP
WN2500RPv2
WN3000RP
WN3000RPv2
WN3000RPv3
WN3100RP
WN3100RPv2
WN3500RP
WNCE3001
WNCE3001v2
WNDR3300v1
WNDR3300v2
WNDR3400v1
WNDR3400v2
WNDR3400v3
WNDR3700v3
WNDR4000
WNDR4500
WNDR4500v2
WNR3500v1
WNR3500Lv1
WNR3500v2
WNR834Bv2

Practices using these devices are at serious risk

If your practice is using one of the devices listed above as your Internet gateway, you need to replace it immediately. Given Netgear’s track record on issues like this, I wouldn’t replace it with another Netgear device. In fact, practices shouldn’t be using consumer-grade routers as their firewall anyway. These devices offer little protection and often have serious vulnerabilities that go unpatched by the manufacturer. Medical practices need a business-grade firewall to protect ePHI on their network.

Please follow and like us: