Forty-five Netgear routers can be hacked, and Netgear has decided not to issue a firmware update to fix the flaws.
In June, security researchers found that nearly 80 router and gateway models had a remote code execution vulnerability that renders them open to the possibility of being exploited by a hacker who could take control of the router after bypassing login credentials.
Netgear issued patches to fix 34 affected models but won’t be issuing a fix for the other 45 models because they are "outside [the] security support period."
"Netgear has provided firmware updates with fixes for all supported products previously disclosed by ZDI and Grimm,” the company said in a statement to Tom’s Guide. “The remaining products included in the published list are outside of our support window. In this specific instance, the parameters were based on the last sale date of the product into the channel, which was set at three years or longer."
Affected models
Below is a list of each router that has the flaw but won’t receive a fix, as compiled by The Register. To find your router’s model number, look for a sticker on either the bottom or back of the device with a string of numbers and letters written on it.
“Some model numbers have variants, such as R6300 (or R6300v1) versus R6300v2; that means something's different about the internal hardware,” notes Tom’s Guide. “In this case, v1 is ‘outside the security support period’ while v2 gets a hotfix.”
AC1450
D6300
DGN2200v1
DGN2200M
DGND3700v1
LG2200D
MBM621
MBR1200
MBR1515
MBR1516
MBR624GU
MBRN3000
MVBR1210C
R4500
R6200
R6200v2
R6300v1
R7300DST
WGR614v10
WGR614v8
WGR614v9
WGT624v4
WN2500RP
WN2500RPv2
WN3000RP
WN3000RPv2
WN3000RPv3
WN3100RP
WN3100RPv2
WN3500RP
WNCE3001
WNCE3001v2
WNDR3300v1
WNDR3300v2
WNDR3400v1
WNDR3400v2
WNDR3400v3
WNDR3700v3
WNDR4000
WNDR4500
WNDR4500v2
WNR3500v1
WNR3500Lv1
WNR3500v2
WNR834Bv2
Users with one of the affected models are advised to consider upgrading their device or disabling the Remote Management feature to guard against remote attacks.