Netgear router vulnerability

There are press reports referring to a vulnerability in some Netgear routers, which is already being exploited to change their DNS addresses to possibly malicious sites. Although these reports state that only certain routers are affected, I have not seen one which specifies which models – making the reports of very little use.

According to the original security advisory, this vulnerability affects Netgear WNR1000v4 and related routers running firmware versions N3001.1.0.31_1.0.1 and N3001.1.0.28_1.0.1. If your router runs either of those firmware versions, Netgear are due to release a firmware revision which should fix the problem. However, I have been unable to find any further information on the Netgear site (which is hardly easy to navigate either).

According to Shellshock, this vulnerability affects Netgear JNR1010v2, JNR3000, JWNR2000v5, JWNR2010v5, N300, R3250, WNR2020, WNR614, and WNR618 models.

As the advisory states, there is no user workaround; if your router is vulnerable, you should take it offline as soon as you can, until the vulnerability is patched. Disabling remote access does not prevent potential attackers from exploiting this vulnerability, I am afraid.