Millions of users affected by vulnerability in Netgear products

01/02/2017

The American company Netgear, dedicated to the production of communication equipment, has confirmed the existence of a serious security breach that affects several of its models. This bug was detected by Trustwave researchers and consists of a vulnerability in the process of recovering passwords, which would allow the obtaining of administration credentials of the device in cases of having access to the local network or if this had remote management enabled. Depending on the affected models, Netgear has published several solutions, ranging from the update of the firmware to the revision of password management configuration.

References

30/01/2017

trustwave.com

CVE-2017-5521: Bypassing Authentication on NETGEAR Routers
30/01/2017

scmagazineuk.com

31 models of Netgear routers found vulnerable; could be hacked to form botnet
30/01/2017

genbeta.com

Al menos 10.000 routers NETGEAR están expuestos a ciberataques
31/01/2017

pcworld.es

Unos 10.000 dispositivos de NETGEAR vulnerables a ciberataques
08/02/2017

kb.netgear.com

Web GUI Password Recovery and Exposure Security Vulnerability

Etiquetas