01-02-2017 09:50 PM
What is Best Buy doing about the Netgear router vulnerability? Best Buy carries more than half of the 11 affected models that the Department of Homeland Security’s CERT group released an advisory about recently. According to the advisory (released in Mid-December 2016) "The flaw allows unauthenticated web pages to access the command-line and then execute malicious commands, which could lead to total system takeover."
It would seem like Best Buy should be doing more, like pulling and sending back models to the manufacturer that don't have the patched firmware (because there's a very high likelyhood that most end users are not going to apply the patch themselves and the patch is only confirmed to work for 3 out of 11 affected models). Or another option would be to post notices about it and offer a discounted rate for Geek Squad to do it before the customer leaves the store.
It just seems incredibly irresponsible to KNOW about this exploit and continue to sell the product with no warning/notice or other proactive measures to people that you may be negatively impacting (especially if someone is using this in a connected setup where someone could gain access to cameras, lights, door locks, garages, etc).
01-03-2017 12:16 PM
Your concern is a valid concern and should be addressed.
However, Netgear has already taken care of the issue.
What is NETGEAR doing about it?
NETGEAR takes customer security seriously and has released a firmware that fixes this issue. Details can be found on the firmware release notes articles # 29959, 29461, and 27635.
Customers can be notified of the new firmware by checking the Router Update page, desktop, and mobile genie app. NETGEAR will also proactively notify registered users via email.
Also as a suggestion from Netgaear, and one that everyone should always do is change the default settings.
How do I prevent this attack?
First step of all security measures is to block unauthorized access to your network. By default NETGEAR routers are pre-configured with random security SSID and passphrase. It is recommended to change the SSID and passphrase, as well as administrator password to the router setup GUI page. You can also block unauthorized device from the NETGEAR genie app or desktop application by right-clicking on the unauthorized device in the Network Map.
01-03-2017 12:20 PM
I would also add that I received my update from Netgear about 6 or 7 weeks ago.
01-03-2017 12:28 PM
03-05-2017 03:22 PM
NETGEAR Product Vulnerability Advisory: Potential security issue associated with remote management
Netgear had months to patch a vulnerability in some of the most popular consumer routers on the market. It still hasn't.