Alert icon

Your router is vulnerable to network attacks!

We have found vulnerabilities in your router that can be used by attackers to hack into your network.

Description


Our scan found a vulnerability on your router. Your router contains a problem that can be misused by cybercriminals to break into your network and compromise your security and privacy.

Solution


Some of the vulnerabilities may be patched in new versions of the device firmware. Applying the latest firmware update may solve the issue. Routers typically do not perform automatic updates, so you need to manually download and install the appropriate patches on the device.

Consult your router's manual for instructions. If updated firmware is not available, contact your router's vendor or manufacturer to provide a firmware update as soon as possible.

Done incorrectly, applying the latest firmware can make your router unusable. We recommend this method for advanced users or computer technicians only.

Details

We have identified the following problem with your router:

NETGEAR router command injection vulnerability


Severity: Medium

Reference: Shell Shock Labs

Description:
This vulnerability allows a remote attacker to gain control of several NETGEAR routers and your Internet connection. If you have Remote/WAN Management enabled on your router, the attacker can remotely utilize specially crafted commands on your router, turn it into remote code execution, and access all important and private data stored in the router -- your router login/password combination, your Wi-Fi password, and your configuration data.

Impact:
Any device connected to your network -- including computers, phones, tablets, printers, security cameras, or any other networked device in your home or office network -- may have an increased risk of compromise.

Recommendation:
Aside from applying the firmware update that addresses the issue, this vulnerability can be mitigated by disabling Remote/WAN Management and allowing only trusted devices to access your local network.

Avast Wi-Fi Inspector supported alerts:



© 1988-2021 Copyright Avast Software s.r.o.