Skip to Content
Security flaw found in popular routers
© Flynt | Dreamstime.com
Security & privacy

Check your router! Models from 200+ companies at risk

Are you happy with your internet service? Does it seem to be running slower than expected despite shelling out for faster service?

Many factors could affect your internet speed, including the number of devices on the network, your equipment, your browser choice, and more. The simplest one to diagnose and fix is router placement. Finding a good spot for it can increase your speed and signal strength. Tap or click here for tips on the best locations for your router.

As with anything connected to the internet, your router is vulnerable to cyberattacks. Things just got considerably worse. A flaw has been discovered that can make your router vulnerable to hackers and enable them to direct you to malicious sites. Keep reading for details and how to stay protected.

The flaw

Nozomi Networks revealed a flaw in the third-party code library (uClibc and uClibc-ng) used by major vendors such as Linksys, Netgear and Axis. Hackers can exploit this vulnerability to force a router to connect to a malicious site or server by “poisoning” Domain Name System (DNS) requests.

When you open your web browser and navigate to a website, you enter a domain name such as komando.com, and you’re there. This is made possible by DNS, which translates domain names to IP addresses. A poisoned request can trick the DNS with fraudulent IP addresses and send you elsewhere.

The hacker can then install malware, phish for personal and financial information, spy on you and perform other attacks.

RELATED: Android phones are vulnerable to a years-old bug – Is your phone at risk?

What you can do

The vulnerability is unpatched as of now, but that doesn’t mean your hands are tied.

Netgear issued a security advisory, saying that it’s “assessing which products are affected.” The company recommends updating your devices with the latest firmware, and we strongly recommend you do the same with all your connected tech.

You’ll need to access your router admin page to update it. This, in turn, requires the admin password and the IP address used by your router.

Check your user guide for this information. If you don’t have it, you can check routeripaddress.com. The site provides information about your router’s manufacturer, its release date, default IP address, and login credentials.

Once you’ve opened your router’s admin page, find a section called Advanced or Management. To update the router, look for Firmware UpdateSystem Update, or Downloads. Download any updates available to bring your system up to date. If there is an option in your router settings that enables automatic updates, turn it on. 

If your router is supported by an app, you can update it from there.

Keep reading

10 tips to keep Google’s Chrome browser secure

Teenage hackers trick Facebook and Apple into giving up data – Are you at risk?

Komando Community background

Join the Komando Community

Get even more know-how in the Komando Community! Here, you can enjoy The Kim Komando Show on your schedule, read Kim's eBooks for free, ask your tech questions in the Forum — and so much more.

Try it for 30 days