NETGEAR ROUTER ?? Turn it off now.

NETGEAR ROUTERS VULNERABLE

Netgear customers urged to turn off Wi-Fi routers after several models found to pose security risk .............

A temp fix

Verify that your router is affected by going to this URL:
http://[router-address]/cgi-bin/;uname$IFS-a

If that shows you anything but an error (or an empty page): you�re affected. If you�re unsure: please read the detailed explanation below

Point your browser to the following URL to terminate the web server process (which facilitates the vulnerability) on your router:
http://[router-address]/cgi-bin/;killall$IFS'httpd'

(optional) verify that the URL in step (1) is no longer accessible

Will only work until you reboot the router

If you restart your router, the vulnerability will be open again, but at least it�s a temporary fix until Netgear releases an official patch. The only way someone could exploit this is if they sent you a malicious link and you clicked that link, which is pretty unlikely, but if you have one of these routers, it�s still probably better to be safe than sorry.

Edited by bobble_bob (Tue 13-Dec-16 15:06:31)

Firstly, thanks for upping the hysteria level - although you do seem to have missed out the CAPS and obligatory multiple exclamation!!! marks...
Secondly, rather than propagating useless information (how are users supposed to find out about and apply a fix with no router?). A link to Netgear rather than the Torygraph would be helpful.
For example :- http://kb.netgear.com/000036386/CVE-2016-582384
You're welcome.

Just tested mine, came up with a 404 error so im safe

In reply to a post by 10forcash:

Firstly, thanks for upping the hysteria level - although you do seem to have missed out the CAPS and obligatory multiple exclamation!!! marks...
Secondly, rather than propagating useless information (how are users supposed to find out about and apply a fix with no router?). A link to Netgear rather than the Torygraph would be helpful.
For example :- http://kb.netgear.com/000036386/CVE-2016-582384
You're welcome.

I simply posted the headline and content from the newspaper article.

There were links to at least 6 other sites carrying the exact same headline but I thought one would suffice.

I had assumed that most people would read the article if they had a Netgear router and have the intelligence to take the necessary action.

Obviously in your case I seriously misjudged your level of competence and IQ.

+1

In reply to a post by AdrianPH:

Obviously in your case I seriously misjudged your level of competence and IQ.

You're not the first to do so, apology accepted.

DG834N - 404 Not Found

Thanks for the info

Edited by micksharpe (Tue 13-Dec-16 20:02:46)

Just remember "[router-address]" is 192.168.0.1. I forgot at first and left the URL with [router-address] in

Not necessarily - e.g. host component is 1.1 on mine.