User Tools

Site Tools


hardware:routers:netgear_routers

Hardware - Routers - Netgear Routers

ALERT: Recommendation is to stay away, as security is taken very lightly.


Genie Issue

Many Netgear routers have a remote authentication bypass bug.

This means malware or miscreants that are on your network, or anyone else is able to reach the device's web-based configuration interface, can gain control without having to provide a password.

Just stick the following in the URL to gain full access:

&genie=1

NOTE: The genie_restoring.cgi script, provided by the box's built-in web server, can be abused to extract files and passwords from its filesystem in flash storage – it can even be used to pull files from USB sticks plugged into the router.


Protected Setup button Issue

Pressing the Wi-Fi Protected Setup button, many of Netgear's routers open up a two-minute window during which an attacker can potentially execute arbitrary code on the router as root over the air.


References

hardware/routers/netgear_routers.txt · Last modified: 2023/06/09 17:15 by peter

Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki