Just want to make sure everybody is aware of this…
Yeah, the list of affected routers is a lot longer than initially reported. One of my routers (a Netgear R6250), used as a wireless access point so technically not available to the internet, is on the list. I just updated to the supposedly safe, beta firmware out of an abundance of caution.
Beta fix firmware installed. Yikes.
I have one of the ones on the list, but if I’m only using it for wireless and passing it through to another router, am I safe?
The vulnerability is in the router web server, so if you can get to that web server from your browser, I think it wouldn’t be safe…I’m certainly no expert though.
Yeah, I don’t think mine is vulnerable. I did the test laid out at this link and could not get to telnet. I’m going to make a command decision to not worry about it.
If you have a Netgear router, patch immediately
I skimmed the Tom’s article and didn’t see if this is the kr00k exploit:
I’m using FreshTomato custom firmware on my R7000 so I’ll have to look into it further.