What would you do when you find out that your router got serious security flaw? After all, that’s your favorite router from a reputed company! Netgear is one of the popular company that provided networking hardware, especially routers. But, sad to say, there is a serious security flaw in 2 models of the routers, which gets activate when users are “tricked” to access a particular URL.
Netgear’s model have a serious issue!
According to The United States Computer Emergency Readiness Team (US-CERT), model R7000 and R6400 have a critical security flaw. This can be an easy hack for a hacker, only if he tricks the user to access a particular link.
When the user opens the link, the router processes the link, indirectly activating a series of commands. This is called command injection vulnerability. This vulnerability can prove a boon to an attacker.
CERT says, “The CERT/CC is currently unaware of a practical solution to this problem and recommends the following workaround.”
Accordingly, CERT claims that this might also affect other routers, or they have already been the victim of this exploit.
On Sunday, the firm adds R8000 router to the vulnerable router list.
Back in September, F-Secure reported that that is a serious vulnerability in Inferno routers. The vulnerability is so severe that, if an attacker gains access to the router, he can control each and every device connected to that router.
Earlier this month, Mirai malware attacked TalkTalk Telecom Broadband, shutting down a large number of consumers. Mirai malware also affected Twitter and Spotify, denying access to users, worldwide.
Mirai is malware that turns computer systems running Linux into remotely controlled “bots”, that can be used as part of a botnet in large-scale network attacks. It primarily targets online consumer devices such as remote cameras and home routers.[Wikipedia]
For now, CERT has asked users to switch to other routers from the above mentioned model numbers to keep their dta safe.