Multiple Netgear router models contain vulnerabilities that a remote attacker can exploit to take control of an affected device. ISP does not provide Netgear routers with our service, however, many of our customers may have purchased one, themselves, to use with their Internet service. If you are using one of the affected Netgear models, you should update or replace the device, immediately. Please continue reading to determine if your Netgear router model is affected…
Affected models, for which a firmware update may be available from Netgear, include: D6220, D6400, D7000v2, D8500, EX7000, R6400v2, R6700v3, R6900, R6900P, R7000, R7000P, R7850, R7900, R8000, R8500, WNR3500Lv2
Affected models which should be replaced, because a firmware update is NOT available, and the unit is no longer supported by Netgear, include: AC1450, D6220, D6300, D6400, D7000v2, D8500, DC112A, DGN2200, DGN2200M, DGN2200v4, DGND3700, EX3700, EX3800, EX3920, EX6000, EX6100, EX6120, EX6130, EX6150, EX6200, EX6920, EX7000, LG2200D, MBM621, MBR1200, MBR1515, MBR1516, MBR624GU, MBRN3000, MVBR1210C, R4500, R6200, R6200v2, R6250, R6300, R6300v2, R6400, R6400v2, R6700, R6700v3, R6900, R6900P, R7000, R7000P, R7100LG, R7300, R7850, R7900, R8000, R8300, R8500, RS400, WGR614v10, WGR614v8, WGR614v9, WGT624v4, WN2500RP, WN2500RPv2, WN3000RP, WN3100RP, WN3500RP, WNCE3001, WNDR3300, WNDR3300v2, WNDR3400, WNDR3400v2, WNDR3400v3, WNDR3700v3, WNDR4000, WNDR4500, WNDR4500v2, WNR1000v3, WNR2000v2, WNR3500, WNR3500L, WNR3500Lv2, WNR3500v2, WNR834Bv2, XR300
More details may be found US-CERT, in the Vulnerability Note VU#576779, and in Netgear’s Security Advisory.