Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Netgear Patch Said to Leave Backdoor Problem in Router

24 Apr 2014   #1
A Guy

Microsoft Community Contributor Award Recipient

Windows 7 Home Premium x64 SP1
 
 
Netgear Patch Said to Leave Backdoor Problem in Router

Quote:
The security researcher who identified an admin backdoor in a range of routers last year has found that Netgear's patches don't adequately address the security issue.

In December, Eloi Vanderbeken discovered that he could get a remote root shell on his Linksys WAG200G router without authenticating when connecting to the device over TCP port 32764. The same backdoor feature was later confirmed in 24 router models sold under the Netgear, Cisco Systems, Linksys (now owned by Belkin) and Diamond brands and it was believed to have its origins in firmware code developed by Sercomm, a Taiwan-based manufacturer of wireless and broadband equipment that serves as hardware partner for multiple networking vendors.

Vanderbeken, a researcher at Paris-based IT security firm Synacktiv, recently downloaded and analyzed a firmware update released by Netgear for its DGN1000 Wireless router and DSL modem that was supposed to have fixed the issue. He found that the backdoor is no longer directly accessible over port 32764 TCP, but that it can be reactivated by sending raw Ethernet packets to the device with protocol type 0x8888 and the MD5 signature of the router model (DGN1000) as the payload.

"The 0x8888 ethertype and packet structure is used in an old Sercomm update tool," the researcher said in a report of his findings.
Source

A Guy


My System SpecsSystem Spec
.

Reply

 Netgear Patch Said to Leave Backdoor Problem in Router




Thread Tools





Similar help and support threads
Thread Forum
netgear router
Internet Icon shows this netgear99 2. Properites shows .
Hardware & Devices
Backdoor in wireless DSL routers lets attacker reset router, get admin
Source A Guy
Security News
D-Link Router backdoor vulnerability discovered
Source D-Link to padlock router backdoor by end of October Source A Guy
Security News
Netgear N600 router & Netgear WN3000 range extender
Should be easy!.... But I cannot get my NEW Netgear N600 router to communicate with a NEW Netgear WN 3000 RP extender. The instructions say to press the WPS button on the extender then the WPS button on the router. No WPS button exists on the router! The instructions also I can use any...
Network & Sharing
problem with netgear router
hello i currently have a netgear rangemax wireless g router (wpn824 version 2) and it repeatedly resets several times a day might take like an hour before it will let me on the internet then its just a matter of time till it starts resetting again and again and i was wondering i tried doing a...
Network & Sharing
Netgear Router Help
Hey all, Just upgraded my firmware on netgear dg8343g version 2 and the Internet light keeps flashing yellow for about 10 seconds, stops then tries again.. all the settings are still there, it says Negotiation: lcp is allowed to come up then keeps refreshing every few seconds any idea how...
Network & Sharing

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 17:42.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App