What's new

Netgear r6300V2 soap security hole

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

dweezle

New Around Here
This week news came out about a security hole in a number of Netgear wireless routers, including my r6300v2.

http://betanews.com/2015/02/19/soap-vulnerability-leaves-netgear-routers-open-to-hackers/

http://www.securityfocus.com/archive/1/534720

I'm someone who has usually managed to get by with a minimum of technical knowledge. :eek: I can't figure out exactly how panicked I should be about this security problem. I don't have remote access enabled on the router (stock firmware V1.0.3.22_10.0.67) The router is doing a great job for my needs at present. Is this security issue serious enough for me to install DD-WRT firmware, or would I be opening a new bunch of potential problems? Thanks for any help you can offer with this.
 
That sounds like yet another flaw with "cloud" remote admin of routers. SOAP is a set of protocols for network controls of servers - and the remote admin function of a WiFi router is a form of server.

If I were you, I'd make sure that your router's remote (Internet) admin capability is OFF/disabled. Same for admin via WiFi. Admin only via wired LAN and with a good password.

Look to for some hidden feature for remote Netgear firmware updates or automatic updates or some such, and disable that.

The high end WiFi routers are getting too elaborate and the vendors are trying to begin to monetize router admin and new marketing tricks - like reporting your web surfing habits to them and they sell that.
 
This week news came out about a security hole in a number of Netgear wireless routers, including my r6300v2.

http://betanews.com/2015/02/19/soap-vulnerability-leaves-netgear-routers-open-to-hackers/

http://www.securityfocus.com/archive/1/534720

I'm someone who has usually managed to get by with a minimum of technical knowledge. :eek: I can't figure out exactly how panicked I should be about this security problem. I don't have remote access enabled on the router (stock firmware V1.0.3.22_10.0.67) The router is doing a great job for my needs at present. Is this security issue serious enough for me to install DD-WRT firmware, or would I be opening a new bunch of potential problems? Thanks for any help you can offer with this.

Don't use/enable remote management and you'll be fine and wait for a new FW. This has been discussed many times on the NETGEAR forum :)

Installing third party FW usually disables hardware acceleration which lowers throughput, which can matter if you have a fast connection
 
Last edited:
The high end WiFi routers are getting too elaborate and the vendors are trying to begin to monetize router admin and new marketing tricks - like reporting your web surfing habits to them and they sell that.

Completely agree with you - there is no reason to have a SOAP/XML interface running on a consumer AP/Router, esp accessible from the WAN side.

I can understand a carrier gateway, where provisioning must be done, but still...

sfx
 

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top