Netgear firmware is currently being exploited due to its vulnerability. The company’s firmware was compromised when hackers got direct access to the administration interface of its routers.
Netgear firmware is currently in a predicament as more than 10,000 of its routers could have been compromised by hackers. The two types of firmware (N300_18.104.22.168_1.0.1.img, and N300-22.214.171.124_1.0.1.img) affected are used in multiple routers and could have been easily exploited. This security hole is a grave issue for Netgear and its users as it allows anyone to have full remote unauthorized access, to alter router’s DNS settings, and manipulate direct traffic. To bypass the entire authentication login process, the attacker simply requests a special URL several times and, as a result, gets access to the administration interface of the router.
Before Netgear’s firmware vulnerability was publicly announced in September by Shellshock Labs, a Swiss company named Compass Security had already given Netgear notice of this security breach. Netgear has yet to release a fix for this bug, in spite of being given an early notice of this error in early July. To make amends, Netgear intends to make available a patch to plug the vulnerability of the affected routers, and thus encourage everyone who owns an affected Netgear router to install the patch once the update is available.