Author Topic: router is vulnerable to network attacks! NetGear R6300  (Read 3737 times)

REDACTED

  • Guest
router is vulnerable to network attacks! NetGear R6300
« on: May 19, 2017, 12:24:41 AM »
Avast Free Antivirus 17.4.2294 (build 17.4.3482.0) Virus definitions 170518-8
Avast Free reports
Your router is vulnerable to network attacks!
Catalog ID: CVE-2017-5521

I have a NetGear Router R6300 at the latest firmware level (R6300 V1.0.2.78_1.0.58)
The device is configured to not allow remote access from the internet.

I do not see what the network attack might be.  Can anyone explain ???

The detailed Avast report is

Your router is vulnerable to network attacks!
Catalog ID: CVE-2017-5521

We have found vulnerabilities in your router that can be used by attackers to hack into your network.
Description
Our scan has found that your router is vulnerable to attacks.
That is, the router contains a problem that can be misused by cybercriminals to break into your
network and compromise your security and privacy.

Solution
Some of the vulnerabilities are patched in new versions of the device firmware.
Therefore, applying the latest firmware update may solve the problem.
Routers typically do not perform automatic updates, so the process requires appropriate patches
to be manually downloaded and installed on the device.
Consult your router's manual for instructions to download the latest firmware and apply it to your router.

Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31079
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Re: router is vulnerable to network attacks! NetGear R6300
« Reply #1 on: May 19, 2017, 12:31:02 AM »
The problem is the firmware from Netgear.
They still haven't solved this issue.

For more info see > https://www.google.nl/search?client=opera&q=CVE-2017-5521&sourceid=opera&ie=UTF-8&oe=UTF-8

REDACTED

  • Guest
Re: router is vulnerable to network attacks! NetGear R6300
« Reply #2 on: May 19, 2017, 02:57:05 AM »
Hello Eddy !

Thank you for that reference.

At https://www.trustwave.com/Resources/SpiderLabs-Blog/CVE-2017-5521--Bypassing-Authentication-on-NETGEAR-Routers/  I found this statement.

The vulnerability can be used by a remote attacker if remote administration is set to be Internet facing. By default this is not turned on.

My setting for remote administration is off, so I believe I am not vulnerable to this exploit.  Yet Avast reports a problem.  I have the latest firmware available from NetGear.  Is there a reference list from NetGear to indicate whether my particular model (R6300) has been patched to avoid this vulnerability ?


Offline Eddy

Re: router is vulnerable to network attacks! NetGear R6300
« Reply #3 on: May 19, 2017, 07:03:32 AM »
It doesn't matter if it is turned on or not.
The vulnerability is there and that is what Avast detects.

Read the firmware release notes at the Netgear website to see if it is patched or not.

REDACTED

  • Guest
Re: router is vulnerable to network attacks! NetGear R6300
« Reply #4 on: May 19, 2017, 11:27:54 PM »
Alas, R6300v1 is not in the NetGear repair list.  https://kb.netgear.com/30632/Web-GUI-Password-Recovery-and-Exposure-Security-Vulnerability

I see an update one level above my current firmware on the NetGear site, but all they say is "Fixed security issues", and when I check for updates through my router management screen it shows my current level to be the latest (one level back from the latest shown on the NetGear site).

My level: R6300 V1.0.2.78_1.0.58
Latest on NetGear site: R6300 V1.0.2.80_1.0.59

I am not having much luck in contacting NetGear.   I have an email outstanding to techsupport.security@netgear.com
Maybe they will respond ???
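
The mismatch described in the post above (the router's own update check reporting an older level as current) can be caught by comparing the installed label against the one published on the vendor site. This is an added example, not part of any post in the thread; the reading of the label format is an assumption inferred from the two version strings quoted here.

```python
import re

# Label format inferred from the two strings quoted in this thread
# ("R6300 V1.0.2.78_1.0.58"): model, then two dotted numeric groups joined
# by an underscore. This reading is an assumption, not NETGEAR documentation.
_LABEL = re.compile(
    r"^\s*(?P<model>\S+)\s+V(?P<main>\d+(?:\.\d+)*)_(?P<sub>\d+(?:\.\d+)*)\s*$"
)


def parse_firmware(label):
    """Split a label into (model, main_version, sub_version) with int tuples."""
    m = _LABEL.match(label)
    if m is None:
        raise ValueError(f"unrecognised firmware label: {label!r}")

    def as_ints(dotted):
        return tuple(int(part) for part in dotted.split("."))

    return m.group("model"), as_ints(m.group("main")), as_ints(m.group("sub"))


def update_available(installed, published):
    """True when the vendor's published label is newer than the installed one."""
    i_model, i_main, i_sub = parse_firmware(installed)
    p_model, p_main, p_sub = parse_firmware(published)
    if i_model != p_model:
        # Comparing across models would give a meaningless answer.
        raise ValueError(f"model mismatch: {i_model} vs {p_model}")
    # Numeric tuple comparison: 1.0.2.100 sorts after 1.0.2.80, which a plain
    # string comparison would get wrong.
    return (p_main, p_sub) > (i_main, i_sub)


if __name__ == "__main__":
    installed = "R6300 V1.0.2.78_1.0.58"   # level reported by the router
    published = "R6300 V1.0.2.80_1.0.59"   # level listed on the vendor site
    print("manual update needed:", update_available(installed, published))
```
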

Offline Eddy

Re: router is vulnerable to network attacks! NetGear R6300
« Reply #5 on: May 20, 2017, 12:07:41 AM »
Well, in general when a newer software/firmware update says "fixed security issues" it is always recommended to get and install it.
Even when they are not mentioning what exactly was fixed.

Some companies are open and tell what security issues were fixed while others remain silent on it and just say "we fixed things".
Very likely they are not telling things because they do not want the "bad guys" to know what was fixed.
Let's say they tell what security issues are fixed.
That means "the bad guys" will know what was not fixed and they will keep abusing it.
Not that it will make much difference, because "the bad guys" will find out in a really short time if something was not fixed.
I would say "Let's tell our customers/users what we fixed"

Anyway, I hope you get a response from NetGear (soon).

Have a nice weekend.

REDACTED

  • Guest
Re: router is vulnerable to network attacks! NetGear R6300
« Reply #6 on: May 20, 2017, 01:25:30 AM »
Hello Eddy !
NetGear responded and guided me through the manual update to R6300 V1.0.2.80_1.0.59.
The technician seemed surprised that the R6300v1 was not on the fixed list.  He will look into that anomaly.
Thanks for your support too.

REDACTED

  • Guest
Re: router is vulnerable to network attacks! NetGear R6300
« Reply #7 on: May 20, 2017, 01:34:03 AM »
Yaaay !   Avast reports a clean network scan now !!!

Offline Eddy

Re: router is vulnerable to network attacks! NetGear R6300
« Reply #8 on: May 20, 2017, 01:27:58 PM »
You're welcome.