How Long Does It Take To Register My Netgear Switch

Thousands of Netgear routers are at risk of getting hacked: What to do

The Netgear Nighthawk R7000, which has ane of the more severe vulnerabilities. (Image credit: Netgear)

Netgear this week has pushed out a passel of patches for its home networking gear, covering seven modem-router gateways, 1 range extender and 40-odd routers, including some Nighthawk models and Orbi mesh routers and satellites.

A full listing of the affected models is at the cease of this story.

The worst of the flaws (opens in new tab) lets hackers remotely install malware on the Nighthawk X4S gaming router, model R7800. That could lead to the entire Wi-Fi network and all web traffic that runs through information technology being compromised. Netgear gives that vulnerability a severity score of 9.4/10, which qualifies as "disquisitional."

All-time Wi-Fi routers: Keep that habitation network humming
How to update your router'south firmware: What to do
PLUS: Coronavirus only canceled i of the biggest events of the year

Well-nigh as bad is a "pre-authentication command injection security vulnerability (opens in new tab)" on five models, which could also pb to full network takeover. That affects router models R6400v2, R6700, R6700v3, R6900 and R7900. It gets a "high" severity rating of viii.3/x.

Right behind that is a "post-authentication control injection security vulnerability (opens in new tab)." The only difference from the previous flaw is that the assailant patently has to be logged in somehow.

Information technology gets a "high" rating of eight/ten and affects the D6220, D6400, D7000v2 and D8500 gateways and the R6220, R6250, R6260, R6400, R6400v2, R6700, R6700v2, R6700v3, R6800, R6900, R6900P, R6900v2, R7000, R7000P, R7100LG, R7300DST, R7800, R7900, R7900P, R8000, R8000P, R8300, R8500, R8900, R9000 and XR500 routers.

A router VPN is the all-time way to secure your Wi-Fi at home

The less astringent flaws

Moderately dangerous is an "authentication bypass security vulnerability (opens in new tab)" on 11 routers and gateways and one range extender. Netgear's description of the flaw is pretty vague, but given the vi.viii/x, "medium" severity score, information technology implies that an exterior attacker could proceeds unauthorized admission to your home Wi-Fi network.

That may be a danger to other devices connected to the network, but probably not to the router itself. This flaw affects the D6200 and D7000 modem-routers, the PR2000 Wi-Fi range extender and the R6050, JR6150, R6120, R6220, R6230, R6260, R6700v2, R6800 and R6900v2 routers.

About 20 flaws involve "stored cross-site scripting," which may mean that someone could add unauthorized commands to the router'due south administrative interface, provided they have the administrative passwords in the first place. Nosotros're just guessing hither, as Netgear isn't providing details.

But Netgear has given all these "medium" severity scores of 6/10. There are too many routers affected to list in this paragraph. Suffice it to say if your model appears in the table below, but not in the lists of the more severe flaws above, then it's got one of these cantankerous-site scripting flaws.

A virtual router can share your VPN connections with other devices

Which Netgear router do I have?

Now comes the fun function. Netgear does a terrible task of communicating to its customers exactly what each router's model number actually is.

Netgear barely uses the actual model numbers in its consumer marketing and packaging, which doesn't help when its customers take to scramble to effigy out whether their model needs a security update.

For example, the R8000P, one of the models that currently has a cantankerous-site-scripting flaw, is marketed equally the "AC4000 Nighthawk X6S Tri-Band WiFi Router with MU-MIMO (opens in new tab)."

On the Netgear website page for that model, you take to squint to find the model number, or notice that the number is part of the page's URL. Likewise, our own Netgear Nighthawk X6S review doesn't mention the actual R8000P model proper noun.

To make sure which Netgear model you have, turn the device over and wait at the sticker on the bottom. The model number should exist in the upper left, printed underneath the "NETGEAR" logo.

How to update your Netgear router's firmware

Unfortunately, the update procedures differ amidst the various models. The Orbis and some of the newer Nighthawks tin be patched via their companion smartphone apps. Older models may need to be patched manually by downloading a compressed file to a PC or Mac, then connecting the router or modem-router to the computer.

Easiest:

If your router does have a companion smartphone Netgear app, then please do poke around in that and find out where to update the router'south firmware.

Somewhat less piece of cake:

Y'all can likewise popular open a web browser on a laptop or PC when y'all're connected to your habitation Wi-Fi network and type in "www.routerlogin.cyberspace" or "192.168.1.ane". That should take yous to the local administration interface for the router.

Type in your administrative username and password -- let's promise yous didn't leave them on the factory defaults -- then find the Advanced tab, select Assistants so Router Update. Click "Check" and the router will check for an update, after which y'all tin follow the instructions to install information technology.

Pain in the barrel, but you lot gotta exercise it if nothing else works:

Alternately, all Netgear customers can become to the Netgear back up website (opens in new tab), become through a few steps to narrow down the option to their model, run into if in that location's firmware available, download information technology to your PC and and then, well, find the online user manual for instructions on how to install the firmware.

We wish this was an easier procedure. Router updates are one of the most disquisitional things you can practise to keep your computers, smartphones, gaming consoles, smart-domicile devices and personal data rubber. Anytime all router makers will understand that.

All Netgear habitation networking devices that need to install the March 2020 firmware updates

Modem/routers:

D6200, D6220, D6400, D7000, D7000v2, D7800, D8500

Range extenders:

PR2000

Routers:

JR6150, R6120, R6220, R6230, R6250, R6260, R6400, R6400v2, R6700, R6700v2, R6700v3, R6800, R6900, R6900P, R6900v2, R7000, R7000P, R7100LG, R7300DST, R7500v2, R7800, R7900, R7900P, R8000, R8000P, R8300, R8500, R8900, R9000, RAX120, RBR20 (Orbi), RBS20 (Orbi), RBK20 (Orbi), RBR40 (Orbi), RBS40 (Orbi), RBK40 (Orbi), RBR50 (Orbi), RBS50 (Orbi), RBK50 (Orbi), XR500, XR700

Paul Wagenseil is a senior editor at Tom's Guide focused on security and privacy. He has also been a dishwasher, fry cook, long-haul commuter, code monkey and video editor. He's been rooting around in the information-security space for more than 15 years at FoxNews.com, SecurityNewsDaily, TechNewsDaily and Tom'south Guide, has presented talks at the ShmooCon, DerbyCon and BSides Las Vegas hacker conferences, shown up in random Boob tube news spots and even moderated a panel discussion at the CEDIA home-technology conference. Yous can follow his rants on Twitter at @snd_wagenseil.