The manufacturer NETGEAR has issued an urgent notice for all owners of professional VPN and firewall routers, the affected models are the BR200 and BR500, two models widely used by small and medium-sized businesses as they have advanced configuration options. The manufacturer has declared that due to technical limitations beyond its control, they will not be able to correct these critical security vulnerabilities, that is, the manufacturer leaves all its clients completely stranded and invites them to buy another model of professional router to replace it as soon as possible.
Security flaws in the BR200 and BR500
This router model acts as a VPN for companies, allows clients to be connected in remote access mode, and also allows VPN tunnels to be established between different offices to intercommunicate them. The BR200 and BR500 have a powerful firewall that is highly configurable, in addition, we can segment the local network into VLANs to add a layer of security to the professional local network.
Now the manufacturer NETGEAR has published an advisory and has sent an email to all customers and users of this router, warning that they are aware of critical security vulnerabilities affecting two of their business routers. That there are vulnerabilities in professional products is something “normal”, and it is that all manufacturers such as Cisco, Ubiquiti and many others have suffered from these security flaws, however, what is not normal is that the manufacturer indicates the following:
” Due to technical limitations beyond our control, we are unable to fix these vulnerabilities.«
It is very worrying that a vendor like NETGEAR cannot fix this bug, let alone a professional router used by thousands of companies around the world. Below, you can see the complete email:
The manufacturer says that this vulnerability requires a computer that manages the router to visit a malicious website, and to click on the link while having the router’s graphical user interface open, in order to be exploited. Although it may seem like a lot of requirements, a well-designed phishing attack could do both simultaneously to exploit the vulnerability in the router and take full control of the device.
The most striking thing is that the manufacturer NETGEAR offers absolutely no patch to solve the problem, the only thing it recommends is the following:
- Isolate the local network using VLANs.
- Use MAC-based access control lists.
- Make sure that the PC that enters the graphical user interface is properly protected, to avoid exploiting the vulnerability in the router.
- Do not visit any malicious or suspicious website, avoid Phishing.
- Close all browser tabs except the router graphical interface.
- Make sure that we have logged out of the router.
That is, basic security recommendations that do not solve the problem at all.
If you are affected by this security flaw, stop using your routers as soon as possible.
Information security specialist, currently working as risk infrastructure specialist & investigator.
15 years of experience in risk and control process, security audit support, business continuity design and support, workgroup management and information security standards.