These 45 Netgear routers can be hacked and will never be fixed — what to do now

We think this model does get a hotfix, though with many Netgear routers it’s hard to tell by appearances alone.

(Image credit: Netgear; Shutterstock)

Updated with comment from Netgear.

Forty-five different Netgear Wi-Fi routers and home gateways will never get security patches despite having serious security flaws that were disclosed in June, the company has now confirmed.

If you own or use one of these routers, it’s best to just throw it out and get a new one. You could try installing open-source router firmware such as OpenWRT on the old model if you’re technologically inclined.

Best Wi-Fi routers

AMD Big Navi performance leak makes RTX 3080 Ti look way better

Just in: Your VPN just got a lot less useful — here’s why

These routers were among nearly 80 Netgear models prone to total takeover by hackers who could exploit flaws in their administrative interfaces. The Netgear router flaws were revealed in mid-June.

Netgear has since been pushing out firmware updates and “hot fixes” for individual models one by one, but until last week it wasn’t clear which models would never get the fixes.

Now we know. Netgear updated its advisory on the issue July 20 with a grid listing each affected model and whether it would get a temporary hotfix, a full “production release” firmware patch or, sad to say, that the model was “outside security support period” and would get nothing.

These 45 Netgear routers can be hacked and will never be fixed — what to do now

Tom’s Guide has reached out to Netgear for comment, and we will update this story when we receive a reply.

Our friends at The Register went through the trouble of going through Netgear’s grid and compiling a text list of each dead-router-walking. We’ve borrowed that list and put it below.

Secure all your devices with router VPN or share it with a virtual router

How to find your Netgear router’s model number

One catch, however: Netgear is terrible at communicating the actual model number of a router to consumers. So while you may think your router model is, for example, “Nighthawk Smart WiFi AC1900”, those are just marketing terms used to describe both the R6900 and the R7000. (Both have hotfixes available.)

Go to your router, flip it around and look for a sticker on its bottom or backside. That will have the model number printed on it. Some model numbers have variants, such as R6300 (or R6300v1) versus R6300v2; that means something’s different about the internal hardware. In this case, v1 is “outside the security support period” while v2 gets a hotfix.

Every router that has not been declared to be part of the walking dead does have a hotfix or bonafide firmware update available, so if it’s not on the list below, go to Netgear’s security advisory or to this handy spreadsheet for links to the updates. We’ve got generic instructions on how to update your Netgear router at the end of an earlier story.

Update: Netgear statement

A Netgear representative provided us with this statement:

“Netgear has provided firmware updates with fixes for all supported products previously disclosed by ZDI and Grimm. The remaining products included in the published list are outside of our support window. In this specific instance, the parameters were based on the last sale date of the product into the channel, which was set at three years or longer.”

The 45 Netgear routers that won’t be patched

AC1450

D6300

DGN2200v1

DGN2200M

DGND3700v1

LG2200D

MBM621

MBR1200

MBR1515

MBR1516

MBR624GU

MBRN3000

MVBR1210C

R4500

R6200

R6200v2

R6300v1

R7300DST

WGR614v10

WGR614v8

WGR614v9

WGT624v4

WN2500RP

WN2500RPv2

WN3000RP

WN3000RPv2

WN3000RPv3

WN3100RP

WN3100RPv2

WN3500RP

WNCE3001

WNCE3001v2

WNDR3300v1

WNDR3300v2

WNDR3400v1

WNDR3400v2

WNDR3400v3

WNDR3700v3

WNDR4000

WNDR4500

WNDR4500v2

WNR3500v1

WNR3500Lv1

WNR3500v2

WNR834Bv2

Paul Wagenseil

Paul Wagenseil is a senior editor at Tom’s Guide focused on security and privacy. That’s all he’s going to tell you unless you meet him in person.

Leave a Reply

Your email address will not be published. Required fields are marked *