Netgear firmware issue discovered recently

explorerv
DD-WRT Novice


Joined: 22 Oct 2017
Posts: 6

Posted: Sun Jul 04, 2021 9:18    Post subject: Netgear firmware issue discovered recently
Hello,

Recently there was an issue spotted in Netgear's firmware:
https://www.microsoft.com/security/blog/2021/06/30/microsoft-finds-new-netgear-firmware-vulnerabilities-that-could-lead-to-identity-theft-and-full-system-compromise/?ocid=usoc_LINKEDIN_M365_spl100002250374784
As I'm using Netgear WNR3500L v1, with DD-WRT v3.0-r33555 mega firmware, just wondered if the issue could be observed there also?

best,
Per Yngve Berg
DD-WRT Guru


Joined: 13 Aug 2013
Posts: 6858
Location: Romerike, Norway

Posted: Sun Jul 04, 2021 11:45
Passwords in dd-wrt are encrypted, so this vulnerability will not apply.

However, you are running an old build. A lot has been patched since then. The latest build is 47000.


The web configurator is not by default accessible from the WAN, so the attacker must be located in your LAN.
explorerv
Posted: Sun Jul 04, 2021 12:37
Per Yngve Berg wrote:

....

However, you are running an old build. A lot has been patched since then. The latest build is 47000.


....


Thanks for the explanation!
Still, could you or someone else confirm that the mentioned latest build 47000 could run on Netgear WNR3500L v1?
kernel-panic69
DD-WRT Guru


Joined: 08 May 2018
Posts: 14126
Location: Texas, USA

Posted: Sun Jul 04, 2021 17:48
We have no control over users flashing and reporting in the build threads like they should to help serve the community at large. This could turn into a trial-and-error situation quite easily.

https://forum.dd-wrt.com/phpBB2/viewtopic.php?p=1229246

https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=311850

https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=285772

https://wiki.dd-wrt.com/wiki/index.php/Netgear_WNR3500L

The maximum image size for this device is ~7654605 bytes; I am looking back through builds from this year with key patches and so far, it looks as if 45955, 46130, and 46220 big K2.6 image will flash; no recent K3.x images are small enough to flash that I am aware of due to lack of reporting. I would have to contact BrainSlayer to see about any resolution to upgrade to anything newer. With all of the changes and Netgear's hard-coded constraints on this device, you'd be lucky to be able to flash 470000 mini K2.6.

_________________
"Life is but a fleeting moment, a vapor that vanishes quickly; All is vanity"
Contribute To DD-WRT
Pogo - A minimal level of ability is expected and needed...
DD-WRT Releases 2023 (PolitePol)
DD-WRT Releases 2023 (RSS Everything)

----------------------
Linux User #377467 counter.li.org / linuxcounter.net
explorerv
Posted: Mon Jul 05, 2021 7:21
I managed to flash dd-wrt.v24-47000_NEWD-2_K3.x_mega, but unfortunately no traffic could pass and I had to revert to the previously running dd-wrt.v24-33555_NEWD-2_K3.x_mega.
kernel-panic69
Posted: Mon Jul 05, 2021 9:14
Ok, was this flash with or without a reset? It would've been great to have syslog, dmesg or serial console log to see what wasn't working.
explorerv
Posted: Mon Jul 05, 2021 11:16
kernel-panic69 wrote:
Ok, was this flash with or without a reset? It would've been great to have syslog, dmesg or serial console log to see what wasn't working.


The flash was via the web UI, without reset. I had ping to the WAN interface from my PC, but not further to the ISP's device. From the router I could ping the next hop though.
As it is a work day here and I had to bring up the home office for remote work, I decided to revert to the previous setup.
Hopefully I'll have more time over the weekend to play with the new version and will collect at least the syslog.
Btw, is there a way to do this from the web interface or will I need ssh?
My main concern was the new Netgear firmware vulnerability, but it turned out that this is not the case even with the older versions of DD-WRT firmware.
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 12839
Location: Netherlands

Posted: Mon Jul 05, 2021 11:38
Some K3 builds appear to be broken for the last 3 builds I think.
My E2000 running K3 build 46979 (which is K4.4) had the same symptoms:
https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=329423

I am not at home so cannot test any further

Latest working build for these routers could be 46949 but not sure

_________________
Routers:Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800/XR500: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
kernel-panic69
Posted: Mon Jul 05, 2021 12:37
There was an issue with Netgears specifically that *should* be fixed in 47000. 46885 is what is on my K3X E4200 at the moment. I suggest re-flashing and doing a hard reset and reconfiguring from scratch. If the issue still persists, provide output of 'cat /var/log/messages' 'dmesg' and serial console.


Last edited by kernel-panic69 on Sat Jul 10, 2021 9:21; edited 1 time in total
explorerv
Posted: Sat Jul 10, 2021 9:13
Seems like dd-wrt.v24-47033_NEWD-2_K3.x_mega.bin did the job :)
Everything is working fine without reset.
The only issue is the old case with the HW detection, as Linksys WRT54G/GL/GS.
Anyway, great job. Thanks for the input!
If anyone is asking, Netgear WNR3500L v1 is working fine with the version above.

Have a great weekend!
kernel-panic69
Posted: Sat Jul 10, 2021 18:39
Good to hear. Wiki updated and a reference post was put in the build thread.