Recently, researchers found an unpatched zero-day vulnerability in Netgear routers that potentially puts 79 device models at risk.
According to the Zero Day Initiative:
The specific flaw exists within the httpd service, which listens on TCP port 80 by default. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length, stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.
In essence, this vulnerability enables an attacker to take control of your router without knowing the router password.
Worse yet, since the vulnerability occurs before the Cross-Site Request Forgery (CSRF) token is checked, an attacker can break into your router when you browse a web page that contains malicious content.
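The flaw class described above, as an added example that is not Netgear's code and not from the original page: a hypothetical request handler that copies a user-supplied field into a fixed-length buffer, shown in its flawed form and in a hardened form that checks the CSRF token and the length before copying. The struct, the function names, `FIELD_MAX` and the sample inputs are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define FIELD_MAX 64  /* assumed size of the fixed-length buffer */

enum { REQ_OK = 0, REQ_BAD_TOKEN = -1, REQ_TOO_LONG = -2 };

/* Hypothetical parsed request; field names are illustrative. */
struct request {
    const char *csrf_token;  /* token the client sent */
    const char *field;       /* user-supplied bytes, not NUL-terminated */
    size_t field_len;        /* number of bytes received for field */
};

/* Flawed pattern: user data is copied before any length or token check. */
int handle_unsafe(const struct request *r, const char *expected)
{
    char buf[FIELD_MAX];
    memcpy(buf, r->field, r->field_len);  /* overflows if field_len > FIELD_MAX */
    if (strcmp(r->csrf_token, expected) != 0)
        return REQ_BAD_TOKEN;             /* too late: the copy already ran */
    return REQ_OK;
}

/* Hardened pattern: token first, then a bound check, then the copy. */
int handle_safe(const struct request *r, const char *expected,
                char *out, size_t out_size)
{
    if (r->csrf_token == NULL || strcmp(r->csrf_token, expected) != 0)
        return REQ_BAD_TOKEN;             /* reject before touching the body */
    if (r->field == NULL || out_size == 0 || r->field_len >= out_size)
        return REQ_TOO_LONG;              /* keep one byte for the terminator */
    memcpy(out, r->field, r->field_len);
    out[r->field_len] = '\0';
    return REQ_OK;
}

int main(void)
{
    char out[FIELD_MAX], big[200];
    memset(big, 'A', sizeof big);         /* constructed oversized input */
    struct request ok = { "tok123", "admin", 5 };
    struct request too_long = { "tok123", big, sizeof big };
    struct request forged = { "wrong", big, sizeof big };
    printf("%d %d %d\n", handle_safe(&ok, "tok123", out, sizeof out),
           handle_safe(&too_long, "tok123", out, sizeof out),
           handle_safe(&forged, "tok123", out, sizeof out));
    return 0;
}
```

Checking the token first does not replace the length check: a request with a valid token and an oversized field is still rejected by the bound test.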
While this story may sound new, it is actually a repeating story. Entering “netgear router csrf” into Google, I found similar stories year after year.
Here are several things you can do:
The caveat with option 1 is that, for some devices in the vulnerable list, Netgear no longer releases updates. Even if you get an update or get a new router, are you sure the same type of vulnerability won’t come back to bite you next year?
In our opinion, switching to open source firmware is the only viable option in the long run. Open source projects usually release security updates faster, and they support legacy hardware longer.
At the very least, you should try to stop CSRF. To do it properly, you need three steps:
Warning: do not install browser extensions to disable WebRTC. It is not necessary and it may bring additional security risks.