Forty-five Netgear routers can be hacked, and Netgear has decided not to issue a firmware update to fix the flaws.
In June, security researchers found that nearly 80 router and gateway models had a remote code execution vulnerability that renders them open to the possibility of being exploited by a hacker who could take control of the router after bypassing login credentials.
Netgear issued patches to fix 34 affected models but won’t be issuing a fix for the other 45 models because they are "outside [the] security support period."
"Netgear has provided firmware updates with fixes for all supported products previously disclosed by ZDI and Grimm,” the company said in a statement to Tom’s Guide. “The remaining products included in the published list are outside of our support window. In this specific instance, the parameters were based on the last sale date of the product into the channel, which was set at three years or longer."
Below is a list of each router that has the flaw but won’t receive a fix, as compiled by The Register. To find your router’s model number, look for a sticker on either the bottom or back of the device with a string of numbers and letters written on it.
“Some model numbers have variants, such as R6300 (or R6300v1) versus R6300v2; that means something's different about the internal hardware,” notes Tom’s Guide. “In this case, v1 is ‘outside the security support period’ while v2 gets a hotfix.”
Users with one of the affected models are advised to consider upgrading their device or disabling the Remote Management feature to guard against remote attacks.