Should I Upgrade Firmware on Netgear R7000
Got a Netgear router? I do, and like yours, mine probably needs to be patched right away.
That’s because the enterprising folks at D.C.-area security firm Grimm have found yet another very serious Netgear flaw, as detailed in a report Nov. 16. This comes (relatively) hot on the heels of the previous bunch of Netgear security updates back in September of this year.
This time around, Netgear lists more than 40 different models of routers, range extenders and a couple of other devices, from models nearly a decade old to brand-new models on our list of the best Wi-Fi routers, that need to install firmware updates to protect themselves from total hacker takeover.
Unfortunately, about 40 other Netgear models may not get any updates, as many of them are already too old to get any further support.
We’ve got a list of all the affected models at the end of this story. All together, we’re looking at nearly 80 different models of Wi-Fi routers, Wi-Fi range extenders, DSL gateways and other devices. The number of affected individual units has to be at least several hundred thousand, and may be in the low millions.
How to update your Netgear router’s firmware
The newer your Netgear router is, the easier it is to update the firmware. Netgear’s Orbi mesh routers generally update themselves, and they also have a companion smartphone app that you can use to check for and to install updates.
Nighthawk routers also have a companion app, although using it is optional for at least some models, as is the automatic-update setting. With some Nighthawks, it’s generally best to go into the administrative interface (try “http://192.168.1.1/admin” or “routerlogin.net” while connected to your home network) and check the “Advanced” section for firmware updates. From there, you should be able to launch the update sequence.
If the above methods don’t work with your Netgear router, then you need to go to Netgear support at https://www.netgear.com/support/ and type in the model number of your router in the search field at the top of the page. (We’ve got more instructions here on how to update your router’s firmware.)
However, the model number may not be obvious. Some routers come with their branding and specifications proudly listed on the box, such as “Nighthawk AXE11000 Tri-Band WiFi 6E.” But that’s not the model name, which is actually “RAXE500.” (That’s the router in the photo at the top of this story, and it does need to be patched.)
Look for a sticker on the router itself displaying the model number — it may be on the side or on the bottom. To further complicate things, Netgear sometimes changes the inner circuits of a router while leaving the exterior the same during the product lifespan, so you may see a “v2” or “v3” appended to the model number.
Once you have the model number, the search function on the Netgear support site should take you to that model’s support page. Scroll down the page to find “Firmware and Software Downloads” and click it.
You’ll then see a button that will let you download the firmware update to your PC or Mac. Do that, but don’t forget to click the Release Notes link just below it, which in turn will lead you to a link that leads to a downloadable version of your router’s user manual, which will show you how to install the firmware update. The firmware update itself may come with its own instructions.
So what is this Netgear flaw that’s being fixed?
The fatal flaw in all of these models involves a stack-overflow vulnerability in the Universal Plug and Play component of the router firmware. The flaw is catalogued as CVE-2021-34991 and is listed as applying to only one specific router with a specific firmware version, which got an update on Sept. 16. But the problem is much more widespread than that.
Universal Plug and Play, or UPnP for short, is a protocol that lets new devices, such as gaming consoles or printers, connect to routers without a lot of fuss. It turns out that a character limit in one function of the UPnP protocol on these Netgear routers permits an attacker on the local network — i.e., already linked to your router as a regular user — to send a malicious command to the router that overrides the router’s internal safeguards and gives the attacker total control of the router without any kind of authorisation.
Once that’s done, the attacker can pretty much see anything you do online, and can also send you to malicious websites or break into more devices on your network.
You may think that it’s enough to just keep intruders out of your network to prevent such an attack, but it’s not that difficult to crack a Wi-Fi network access password or to sneak malicious software onto a poorly secured device, such as an out-of-date computer or a smart-home device.
Suffice it to say that you want to install the Netgear firmware update on your router tout suite — if you can.
Netgear routers with firmware patches available
Here’s a list, copied from the Netgear website, of the models that have firmware updates or “hot fixes” available to fix this flaw, along with the most recent firmware version that they should be updated to.
- R6400 fixed in firmware version 184.108.40.206
- R6400v2 fixed in firmware version 220.127.116.11
- R6700v3 fixed in firmware version 1.0.4.120
- R6900P fixed in firmware version 1.3.3.142_HOTFIX
- R7000 fixed in firmware version 1.0.11.128
- R7000P fixed in firmware version 1.3.3.142_HOTFIX
- R7100LG fixed in firmware version 18.104.22.168
- R7850 fixed in firmware version 22.214.171.124
- R7900P fixed in firmware version 126.96.36.199
- R7960P fixed in firmware version 1.4.2.84
- R8000 fixed in firmware version 188.8.131.52
- R8000P fixed in firmware version 1.4.2.84
- R8300 fixed in firmware version 1.0.2.156
- R8500 fixed in firmware version 184.108.40.206
- RAX15 fixed in firmware version 1.0.4.100
- RAX20 fixed in firmware version 220.127.116.11
- RAX200 fixed in firmware version 18.104.22.168
- RAX35v2 fixed in firmware version 22.214.171.124
- RAX38v2 fixed in firmware version 1.0.4.100
- RAX40v2 fixed in firmware version 1.0.4.100
- RAX42 fixed in firmware version 1.0.4.100
- RAX43 fixed in firmware version 126.96.36.199
- RAX45 fixed in firmware version 1.0.4.100
- RAX48 fixed in firmware version 1.0.4.100
- RAX50 fixed in firmware version 188.8.131.52
- RAX50S fixed in firmware version 1.0.4.100
- RAX75 fixed in firmware version 1.0.5.132
- RAX80 fixed in firmware version 184.108.40.206
- RAXE450 fixed in firmware version 1.0.8.70
- RAXE500 fixed in firmware version 220.127.116.11
- RS400 fixed in firmware version 1.5.1.80
- WNDR3400v3 fixed in firmware version 1.0.1.42
- WNR3500Lv2 fixed in firmware version 18.104.22.168
- XR300 fixed in firmware version 1.0.3.68
DSL Modem Routers:
- D6220 fixed in firmware version 22.214.171.124
- D6400 fixed in firmware version 126.96.36.199
- D7000v2 fixed in firmware version 188.8.131.52
- DGN2200v4 fixed in firmware version 184.108.40.206
- EX3700 fixed in firmware version 220.127.116.11
- EX3800 fixed in firmware version 1.0.0.94
- EX6120 fixed in firmware version 1.0.0.66
- EX6130 fixed in firmware version 1.0.0.66
- DC112A fixed in firmware version 18.104.22.168
- CAX80 fixed in firmware version 2.1.3.5
Netgear models that may or may not get a firmware update
Here’s a list of Netgear models that the Grimm team determined were vulnerable to these attacks, but which Netgear hasn’t specifically listed as getting patches for this flaw. The firmware version numbers listed below ARE vulnerable, according to Grimm.
Unfortunately, there are models on Netgear’s list of patches that aren’t on Grimm’s list of vulnerable devices. And there are models on Grimm’s list that aren’t on Netgear’s list, yet have received security patches in the last few months that pushed the firmware versions beyond the vulnerable ones listed below, so they may actually have available patches for this flaw.
To complicate things further, there are six models that Grimm says are not vulnerable because past firmware updates “broke” UPnP for them. Four of those — D6220, D6400, R6400 and R7000 — are on Netgear’s list of patched models. Two others, D8500 and R6300v2, are not, and the only available firmware updates for them are the vulnerable ones listed below.
The best thing to do, if you have one of the models listed below, is to follow the procedures above about checking to see if a firmware update is available for your model on the Netgear support site.
If the available firmware update has a version number later than what’s below, then you may be getting a patch for the above flaw, especially if the release note for the flaw has a date in the past few months. Go ahead and install the update.
But if the version number of the available firmware update matches the firmware number below, and the release-note date is more than a few months old, then it might be time to get a new router.
- AC1450 – 1.0.0.36
- D6300 – 1.0.0.102
- D8500 – 1.0.3.60
- DGN2200M – 1.0.0.35
- DGND3700v1 – 1.0.0.17
- EX3920 – 1.0.0.88
- EX6000 – 1.0.0.44
- EX6100 – 22.214.171.124
- EX6150 – 1.0.0.46
- EX6920 – 126.96.36.199
- EX7000 – 1.0.1.94
- MVBR1210C – 188.8.131.52BM
- R4500 – 1.0.0.4
- R6200 – 1.0.1.58
- R6200v2 – 1.0.3.12
- R6250 – 1.0.4.48
- R6300 – 1.0.2.80
- R6300v2 – 184.108.40.206
- R6700 – 1.0.2.16
- R6900 – 1.0.2.16
- R7300DST – 1.0.0.74
- R7900 – 220.127.116.11
- WGR614v9 – 1.2.32
- WGT624v4 – 2.0.13
- WNDR3300v1 – 1.0.45
- WNDR3300v2 – 1.0.0.26
- WNDR3400v1 – 18.104.22.168
- WNDR3400v2 – 22.214.171.124
- WNDR3700v3 – 126.96.36.199
- WNDR4000 – 1.0.2.10
- WNDR4500 – 188.8.131.52
- WNDR4500v2 – 184.108.40.206
- WNR834Bv2 – 2.1.13
- WNR1000v3 – 220.127.116.11
- WNR2000v2 – 1.2.0.12
- WNR3500 – 1.0.36NA
- WNR3500v2 – 1.2.2.28NA
- WNR3500L – 1.2.2.48NA
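The version check described above, as an added example (not code from this article, Netgear or Grimm): it compares an installed firmware string numerically against a few legible entries from the two lists, because plain string comparison ranks 1.0.9.88 above 1.0.11.128. The installed-string format (leading "V", trailing build suffix), the status labels and the function names are assumptions made for illustration.

```python
import re

# Legible entries copied from the article's two lists (a subset, not the full lists).
FIXED_IN = {"R6700V3": "1.0.4.120", "R7000": "1.0.11.128",
            "R6900P": "1.3.3.142_HOTFIX", "R7960P": "1.4.2.84"}
LAST_VULNERABLE = {"R6700": "1.0.2.16", "EX7000": "1.0.1.94",
                   "WNR3500L": "1.2.2.48NA"}

def parse_version(text):
    """Split a string such as 'V1.0.11.128_10.2.112' (constructed sample)
    into its numeric fields and whatever suffix follows them."""
    m = re.match(r"\s*[Vv]?(\d+(?:\.\d+)*)(.*)", text)
    if not m:
        raise ValueError(f"no version number in {text!r}")
    return tuple(int(p) for p in m.group(1).split(".")), m.group(2).strip()

def compare(a, b):
    """Return -1, 0 or 1 for numeric tuples, padding the shorter with zeros."""
    width = max(len(a), len(b))
    a += (0,) * (width - len(a))
    b += (0,) * (width - len(b))
    return (a > b) - (a < b)

def assess(model, installed):
    """Classify one device against the two lists; labels are hypothetical."""
    key = model.strip().upper()
    nums, suffix = parse_version(installed)
    if key in FIXED_IN:
        fixed_nums, fixed_suffix = parse_version(FIXED_IN[key])
        order = compare(nums, fixed_nums)
        if order < 0:
            return "update-available"
        # Same numbers but the listed fix is a hot fix build: confirm by hand.
        if order == 0 and fixed_suffix and suffix.upper() != fixed_suffix.upper():
            return "verify-hotfix"
        return "patched"
    if key in LAST_VULNERABLE:
        vuln_nums, _ = parse_version(LAST_VULNERABLE[key])
        if compare(nums, vuln_nums) > 0:
            return "possibly-patched"   # newer than the build Grimm tested
        return "vulnerable-no-listed-fix"
    return "not-listed"

if __name__ == "__main__":
    # Constructed inventory: (model, firmware string as read from the admin page)
    for model, fw in [("R7000", "V1.0.9.88_10.2.88"), ("R6900P", "1.3.3.142"),
                      ("R6700", "1.0.2.16"), ("WNR3500L", "1.2.2.50NA")]:
        print(model, fw, assess(model, fw))
```
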