Stories
Slash Boxes
Comments

SoylentNews is people

posted by CoolHand on Wednesday February 01 2017, @08:43AM   Printer-friendly
from the fun-with-botnets dept.

You might want to upgrade the firmware of your router if it happens to sport the Netgear brand. Researchers have discovered a severe security hole that potentially puts hundreds of thousands of Netgear devices at risk.

Disclosed by cybersecurity firm Trustwave, the vulnerability essentially allows attackers to exploit the router's password recovery system to bypass authentication and hijack admin credentials, giving them full access to the device and its settings. What is particularly alarming is that the bug affects at least 31 different Netgear models, with the total magnitude of the vulnerability potentially leaving over a million users open to attacks.

Even more unsettling is the fact that affected devices could in certain cases be breached remotely. As Trustwave researcher Simon Kenin explains, any router that has the remote management option switched on is ultimately vulnerable to hacks. While the remote management feature is disabled by default in most devices, the firm has found more than 10 thousand affected routers, but the actual number could be "over a million."


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 0) by Anonymous Coward on Thursday February 02 2017, @04:02PM

    by Anonymous Coward on Thursday February 02 2017, @04:02PM (#461998)

    When participants could instruct an assistant (confederate) to press the switches, 92.5% shocked to the maximum 450 volts.

    Not 100% but maybe good enough for government work [time.com]?