Millions of users affected by vulnerability in Netgear products
The American company Netgear, dedicated to the production of communication equipment, has confirmed the existence of a serious security breach that affects several of its models. This bug was detected by Trustwave researchers and consists of a vulnerability in the process of recovering passwords, which would allow the obtaining of administration credentials of the device in cases of having access to the local network or if this had remote management enabled. Depending on the affected models, Netgear has published several solutions, ranging from the update of the firmware to the revision of password management configuration.
References:
- 30/01/2017 trustwave.com CVE-2017-5521: Bypassing Authentication on NETGEAR Routers
- 30/01/2017 scmagazineuk.com 31 models of Netgear routers found vulnerable; could be hacked to form botnet
- 30/01/2017 genbeta.com Al menos 10.000 routers NETGEAR están expuestos a ciberataques
- 31/01/2017 pcworld.es Unos 10.000 dispositivos de NETGEAR vulnerables a ciberataques
- 01/02/2017 incibe.es Fallo grave de seguridad en routers Netgear
- 08/02/2017 kb.netgear.com Web GUI Password Recovery and Exposure Security Vulnerability