If you have one of these, patch now:
A week after security experts at Carnegie Mellon’s CERT advised consumers about a serious security hole in home routers from the networking equipment maker NETGEAR, that firm has expanded the list of affected router models to 11, while offering official software patches for three of those models.
NETGEAR said on Friday that it has tested and released “production” software updates for three home router models that were found to contain a serious command injection software flaw that made them susceptible to remote hacking. A search of the Internet revealed more than 11,000 vulnerable devices.
The company released updated software for its R6400, R7000 and R8000 model routers, according to an update posted to NETGEAR’s support website. However, eight more home routers were also found to be vulnerable to the flaw and have only untested or “beta” software available to fix it.