TweakTown

Netgear routers allowing hackers to pass administrator authentication

Network engineer Peter Adkins has found a major security flaw in Netgear wireless routers - enabling full access over Wi-Fi.

@smithymayo
Chris Smith
Published Tue, Feb 17 2015 4:12 PM CST   |   Updated Tue, Jun 16 2020 4:29 PM CDT

A recent flaw has been discovered in multiple Netgear router models, reportedly allowing hackers to bypass administrator authentication and gain full access to the device as found by Network engineer, Peter Adkins.

Netgear routers allowing hackers to pass administrator authentication | TweakTown.com

Adkins discovered that routers in the popular Netgear 'WNDR' range are running a Simple Object Access Protocol (SOAP) service as part of the Netgear Genie device administration application. Seemingly secure, he was able to bypass filtering and authentication for the SOAP service over a Wi-Fi connection without much effort.

Once the connection had been established, Adkins was able to extract the admin password, Wi-Fi interface credentials, station identifiers, the device serial number and even information on connected clients. He then notified Netgear of this security issue, however was met with a response which included "the network should still stay secure" - apparently due to hidden built-in security features.

If you wish to view more in-depth information about this vulnerability, Adkins has released an analysis on Github. We'll also list below exactly what routers have been tested and confirmed to contain this issue.

Confirmed vulnerable routers:

  • NetGear WNDR3700v4 - V1.0.0.4SH
  • NetGear WNDR3700v4 - V1.0.1.52
  • NetGear WNR2200 - V1.0.1.88
  • NetGear WNR2500 - V1.0.0.24
  • NetGear WNDR3700v2 - V1.0.1.14
  • NetGear WNDR3700v1 - V1.0.16.98
  • NetGear WNDR3700v1 - V1.0.7.9
  • NetGear WNDR4300 - V1.0.1.60

Routers believed to be vulnerable but not yet tested:

  • WNDR3800
  • WNDRMAC
  • WPN824N
  • WNDR4700
NEWS SOURCES:, github.com

I'm a competitive gamer and was an eSports employee. Recent changes have seen me hang up the mouse and move over to the technology world, covering all news for TweakTown, ranging from gaming news to opinion articles and the latest tech releases. Expect to see a few different articles on international eSports news and competitive game releases, as well as audio and mobile device content.

Related Tags

Newsletter Subscription

Latest News

View More News

Latest Reviews

View More Reviews

Latest Articles

View More Articles