Netgear advises users to use another router! (Security Vulnerability exposed)
Re: Netgear advises users to use another router! (Security Vulnerability exposed)
I don't think Netgear advised people to use other routers. At least I have not seen that anywhere. I did see the CERT who identified this vulnerability published a fix for this using the actual vulnerability exploit which is http://<router_IP>/cgi-bin/;killall$IFS'httpd'. This has to be the first time an exploit has been used to mitigate a vulnerability as far as I am aware.
Netgear have now published updates for all the impacted models and so it's really not so big of an issue. The infosec world made a huge deal out of this when it really still pales in comparison to the damage that can be done using simple msOffice macro documents. To exploit this, an attacker would need to either be inside the LAN, or socially engineer someone into clicking a link which executed a command inside the victims LAN, but to do this, the attacker would already have to know what router the target was using.
I watched this closely as i have one of these models (patched)