A new firmware released for NightHawk R7000 Netgear routers includes a remote data collection feature, here’s how to turn off it.
In December, a researcher who used the online moniker AceW0rm released a proof-of-concept code exploit working against some NetGear routers because the vendor did not reply to his ethical disclosure occurred in in August.
Some versions of Netgear routers remained affected by a security flaw that could be exploited by hackers to gain root access on the device and remotely run code.
AceW0rm privately disclosed the flaw to Netgear in August but he did not receive any response from the company.
In a first time, security experts warned of serious security issues in two Netgear routers, the Netgear R7000 and R6400 routers but the situation was worst.
Netgear publicly admitted the vulnerability and informed its customer that it was aware of the issue affecting home routers belonging to Netgear’s Nighthawk line.
Last week Netgear rolled out a firmware update only for its wireless router model NightHawk R7000, but experts discovered it included a remote data collection feature that collects router’s analytics data and sends it to the vendor.
Experts believe Netgear will release firmware updated with this feature also for other router models in upcoming days.
The last firmware issued by the company include a remote data collection feature that gathers the following information from the devices:
- Total number of devices connected to the router
- IP address
- MAC addresses
- Serial number
- Router’s running status
- Types of connections
- LAN/WAN status
- Wi-Fi bands and channels
- Technical details about the use and functioning of the router and the WiFi network.
Netgear downplayed the issue declaring that the procedure in the new firmware is a routine diagnostic data.
“Technical data about the functioning and use of our routers and their WiFi network can help us to more quickly isolate and debug general technical issues, improve router features and functionality, and improve the performance and usability of our routers.” reads the advisory published by NetGear.”Such data may include information regarding the router’s running status, number of devices connected to the router, types of connections, LAN/WAN status, WiFi bands and channels, IP address, MAC address, serial number, and similar technical data about the use and functioning of the router, as well as its WiFi network.”
Of course, customers are concerned about this data collection, especially about IP address and MAC address being collected by the firm.
Users can disable this feature following the instructions published by Netgear:
- Launch a web browser from a computer or mobile device that is connected to the network.
- Enter https://www.routerlogin.net.
A login window opens. - Enter the router user name and password.
The user name is admin. The default password is password. The user name and password are case-sensitive.
The BASIC Home page displays. - Select ADVANCED > Administration > Router Update.
The Router Update page displays. - Scroll down to the Router Analytics Data Collection section.
- To enable router analytics data collections, select the Enable radio button.
- To disable router analytics data collections, select the Disable radio button.
- To view the type of data that might be collected, click the router analytics data link.
- Click the Apply button.
Your settings are saved.
Some experts are questioning how router data is stored by the company.
Source:https://securityaffairs.co/wordpress/59341/hacking/netgear-routers-data-collection-feature.html
Working as a cyber security solutions architect, Alisa focuses on application and network security. Before joining us she held a cyber security researcher positions within a variety of cyber security start-ups. She also experience in different industry domains like finance, healthcare and consumer products.