RouterCheck Detects the Netgear Authentication Bypass

Netgear_logo_2014RouterCheck now detects the Netgear Authentication Bypass problem that was disclosed several days ago by Compass Security Schweiz Ltd. This is a serious problem that allows hackers to gain access to a router’s administration functionality without having to login. Several thousands of routers are believed to have been affected by a targeted attack against this vulnerability. These routers have had their DNS settings modified to point to resources that were controlled by hackers.

This vulnerability is known to affect the following routers, although the list is not necessarily complete:

  • JNR1010v2
  • JWNR2000v5
  • JWNR2010v5
  • WNR614
  • WNR618
  • WNR1000v4
  • WNR2020
  • WNR2020v2

Since disclosure of this problem, Netgear has released a patched firmware that fixes the problem. Users who find that their routers are vulnerable to this problem are urged to install the fix.

Users who would like to test their router to determine whether they are vulnerable to this problem can do so by installing and running the latest version of RouterCheck (version 0.8.16 or later).