In December, a researcher who used the online moniker AceW0rm released a proof-of-concept code exploit working against some NetGear routers because the vendor did not reply to his ethical disclosure occurred in in August.
Some versions of Netgear routers remained affected by a security flaw that could be exploited by hackers to gain root access on the device and remotely run code.
— Acew0rm (@Acew0rm1) December 11, 2016
AceW0rm privately disclosed the flaw to Netgear in August but he did not receive any response from the company.
In a first time, security experts warned of serious security issues in two Netgear routers, the Netgear R7000 and R6400 routers but the situation was worst.
Netgear publicly admitted the vulnerability and informed its customer that it was aware of the issue affecting home routers belonging to Netgear’s Nighthawk line.
Last week Netgear rolled out a firmware update only for its wireless router model NightHawk R7000, but experts discovered it included a remote data collection feature that collects router’s analytics data and sends it to the vendor.
Experts believe Netgear will release firmware updated with this feature also for other router models in upcoming days.
The last firmware issued by the company include a remote data collection feature that gathers the following information from the devices:
Netgear downplayed the issue declaring that the procedure in the new firmware is a routine diagnostic data.
“Technical data about the functioning and use of our routers and their WiFi network can help us to more quickly isolate and debug general technical issues, improve router features and functionality, and improve the performance and usability of our routers.” reads the advisory published by NetGear.”Such data may include information regarding the router’s running status, number of devices connected to the router, types of connections, LAN/WAN status, WiFi bands and channels, IP address, MAC address, serial number, and similar technical data about the use and functioning of the router, as well as its WiFi network.”
Of course, customers are concerned about this data collection, especially about IP address and MAC address being collected by the firm.
Users can disable this feature following the instructions published by Netgear:
Some experts are questioning how router data is stored by the company.
(Security Affairs – Netgear R7000 and R6400 routers, hacking)