Home Support

<  Back

AVG Network Inspector alert: ShellShock vulnerability found

This article explains how to resolve the issue if Network Inspector in AVG AntiVirus shows the following alert:

  • ShellShock vulnerability found

If you see the alert above after running a Network Inspector scan, your router contains a serious vulnerability that could allow an attacker to take control of your network. This makes all of the devices connected to your network vulnerable.

Solution

We recommend trying the possible solutions below in order:

Disable remote admin for your router

You can minimize the risks linked with this vulnerability by ensuring that the remote administration option in your router settings is disabled.

For instructions, refer to the Disable remote admin tab in the following article:

It is also necessary to update your router's firmware.

Disabling the remote administration option makes it more difficult for attackers to target your network, but does not resolve the issue. Network Inspector will continue to show the ShellShock vulnerability found alert until you update your router's firmware.

Update your router's firmware

Newer versions of your router's firmware may contain a fix for this issue. Routers do not typically run updates automatically, so you need to manually download and install any available updates.

Consult the documentation for your router model for instructions on how to download and install firmware updates. If updated firmware is not available, contact the manufacturer of your router to request that they provide a firmware update as soon as possible.

Incorrectly applying firmware updates can make your router unusable. For this reason, it is essential to follow the exact instructions provided in your router's documentation. If you are unsure, contact your router manufacturer directly for further assistance.

Below are links to the support pages for common router brands:

Apple | Asus | AT&T | Belkin | Cisco | Dell | D-Link | DrayTek | Eero | GL.iNET | Google | Huawei | Linksys | MicroTik | Motorola | NEC | NETGEAR | Sagem/Sagemcom | Speedefy | TP-Link | TRENDnet | Ubiquiti | UniFi | Vodafone | Zyxel

If you are unable to install a firmware update, we recommend replacing your router.

Further details

Your router contains the Shellshock Bash vulnerability.

The affected router is running an unpatched version of the Bash shell program. This potentially allows a remote attacker to gain control of your router and your internet connection by utilizing specially crafted environment variables to bypass your security. The attacker can then remotely execute shell commands with elevated privileges and steal private data that is stored on your router, including your login credentials, Wi-Fi password, and configuration data.

Any devices that are connected to your network, including computers, phones, tablets, printers, and security cameras, are at risk.

You can find more information about this vulnerability via the reference below:

  • AVG Internet Security 22.x for Windows
  • AVG AntiVirus FREE 22.x for Windows

  • AVG Internet Security 20.x for Mac
  • AVG AntiVirus 20.x for Mac
  • Microsoft Windows 11 Home / Pro / Enterprise / Education
  • Microsoft Windows 10 Home / Pro / Enterprise / Education - 32 / 64-bit
  • Microsoft Windows 8.x / Pro / Enterprise - 32 / 64-bit
  • Microsoft Windows 8 / Pro / Enterprise - 32 / 64-bit
  • Microsoft Windows 7 Home Basic / Home Premium / Professional / Enterprise / Ultimate - Service Pack 1 with Convenient Rollup Update, 32 / 64-bit

  • Apple macOS 12.x (Monterey)
  • Apple macOS 11.x (Big Sur)
  • Apple macOS 10.15.x (Catalina)
  • Apple macOS 10.14.x (Mojave)
  • Apple macOS 10.13.x (High Sierra)
  • Apple macOS 10.12.x (Sierra)
  • Apple Mac OS X 10.11.x (El Capitan)
Print
Email article

Was this article helpful?

Still looking for answers ?

Visit our AVG Support Community or contact us here:

Struggling with non-AVG technology? We can fix that, too!