Security Alerts & News
by Tymoteusz A. Góral

#935 Netgear router update removes hardcoded crypto keys
Netgear on Friday released firmware updates for two of its router products lines, patching vulnerabilities that were reported six months ago.

Users should update to firmware version, which includes fixes for an authentication bypass vulnerability and also addresses a hard-coded cryptographic key embedded in older versions of the firmware.

A vulnerability note published by CERT operating at the Software Engineering Institute at Carnegie Mellon University said Netgear router models D6000 and D3600 running firmware versions and are affected. CERT cautions that other models and firmware versions could also be susceptible to the same issues.
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12