Researchers at Trustwave are drawing attention to two vulnerabilities that let anyone recover your Netgear router’s administrative password, opening the door to botnets and other hostile takeovers. You’re only susceptible to internet attacks if you’ve enabled administration from outside the network, but anyone who can connect to the local network can take advantage of the flaws. And there’s a real chance that you’re affected: about 31 models are at risk, including higher-end models like the Nighthawk X8.
Netgear has been diligent about patching the security hole. As of the report, 19 models (plus a cable modem) already have firmware updates that will fix the flaws. You can also avoid the issue on unpatched routers by manually enabling password recovery and turning off remote management. You won’t have to worry if you’re attentive, in other words. The larger concern is that there are many potential targets. With “hundreds of thousands” of affected routers in the wild (and at least some of them accessible online), it wouldn’t take much for an intruder to cause chaos.