Users of Netgear router should switch off their devices for cyber security

    Netgear routers users using the models R7000, R6400 and R8000 devices should better switch off their devices. These practices will, in fact, save them from the flaw which could allow hackers to gain control of their devices.

    The security experts at CERT Division of the Software Engineering Institute at Carnegie Mellon University and Netgear have admitted that the said models do have a flaw and said that the fix will be available soon.

    According to experts, the flaw exposes users to hackers who could easily trick them to click on malicious links via root privileges available on affected routers. The flaw could also allow them to induce malware in the network through the device.

    The malware could be a ransomware where the digital virus has the potential to lock down files and folders on a PC or a group of PCs. It allows the unlocking only when a specific ransom is paid.

    They are a number of reports on the web saying that the hackers did not return the unlocking key even after the said ransom was paid. Some hackers either demand additional ransom or turn a blind eye as soon as the said ransom is transferred to their account. Cryptocurrency like bitcoins is usually preferred for such dark web transactions.

    Netgear experts have discovered the flaw in the web server which is built into the router for configuring and managing user network. The good news is that the company will be providing a fix to the flaw within next few days. But till then the users need to switch off their routers.

    The other flaw allows unauthenticated web pages to pass form input to the command line interface on a direct note has been discovered by CERT. Netgear experts are working on this vulnerability and said that they will provide a firmware update by this month end.

    Ad
    Naveen Goud
    Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

    No posts to display