As I wrote recently, Netgear introduced a severe bug into their router firmware around seven months ago, making all newer firmware releases since then unusable for many router owners. In the intervening time, numerous severe security holes in their routers have been publicized and patched by them. However, those of us who are running into the seven-month-old bug can’t upgrade to the security-patched firmware versions without making our routers unusable. We’re therefore forced to choose between an insecure router that works and a (less in)secure router that doesn’t.
Netgear continues to sell the routers with the defective firmware, without informing purchasers about the problem.
After waiting patiently for seven months for Netgear to fix this problem, I’ve finally had enough. I just sent the following letter to Netgear’s CEO:
May 28, 2018
Patrick Lo, CEO
350 East Plumeria Drive
San Jose, CA 95134
via Certified Mail
Dear Mr. Lo,
This letter constitutes a “Chapter 93A demand letter” under Massachusetts law.
The firmware for your company’s “R8000P – Nighthawk X6S AC4000 Tri Band WiFi Router” has been broken since you released version 220.127.116.11 on or about November 2, 2017. Starting with that release, I and many other owners of this router have found that the router needs to be rebooted every 1‑3 days, because network connectivity through the router stops functioning completely or becomes so slow that it is unusable.
Downgrading the router to firmware release 18.104.22.168 restores proper networking functionality. However, there are many known security holes in the 22.214.171.124 firmware, whose details have been published and which can therefore be leveraged by hackers to compromise the routers, so owners of R8000P routers are forced to choose between a dangerously insecure router whose networking works properly, or a router with security fixes which needs to be rebooted every 1‑3 days.
Netgear’s failure to release safe firmware that works properly for nearly seven months is grossly negligent, and is therefore an unfair and deceptive practice under Massachusetts law Chapter 93A. An even more egregious Chapter 93A violation is the fact that Netgear continues to sell R8000P routers without disclosing this known defect to purchasers.
I and many other Netgear customers have waited patiently for seven months while you have failed to solve this problem. You cannot claim to have been unaware of it. See, for example (not a complete list):
Furthermore, I contacted Netgear about this via your Facebook page and received this response on February 14: “Thank you for bringing this to our attention. Our engineering team is currently investigating this issue. The fix will likely be implemented in a future release.”
I also notified you about this issue via Twitter on February 7 (https://twitter.com/jikamens/status/961224353118588929). Since I see on your Twitter feed that you read and reply to tweets tagged with “@NETGEAR”, you cannot claim not to have seen my tweet.
My demand for rectifying these willful violations of Massachusetts law is simple: release a new version of the firmware for this router which fully fixes the issue described above within 30 days of receipt of this letter. If you are unable to do that, then my demands are, instead, as follows:
- Buy back my R8000P router for the full cost I paid for it, which is $326.73 including tax and shipping.
- Send me a shipping label to return the defective router to you at your expense.
- Contact all registered owners of this router in Massachusetts (i.e., under the jurisdiction of Chapter 93A) and offer to buy back the router and pay for the return shipping of any owner who is experiencing this problem, has proof of purchase, and wants to be rid of the router.
- Until such time as a fixed firmware version is released for this router, allow all R8000P owners in Massachusetts who choose not to take advantage of the buy-back program to access Netgear’s technical support at no charge.
These demands are entirely reasonable and proportionate to the harm caused by failing to address a material defect in your product and continuing to sell it despite said defect.
Please be advised of my intent to file suit against Netgear if these demands are not met. In my suit, I will ask for treble damages and legal fees as permitted by Chapter 93A. I will, furthermore, ask the court to certify my suit as a class action representing all Massachusetts owners of R8000P routers, again as permitted by Chapter 93A.
Please consider this letter a demand that Netgear preserve all evidence related to its knowledge of and attempts to address this firmware defect, including (but not limited to) any discussion threads in the Netgear Community about this problem with the R8000P and other Netgear routers. Note that I have preserved the Netgear Community articles listed above in the Internet Archive’s “Wayback Machine,” and I have saved a copy of the KnowledgeBase article listed above. One might imagine that if those pages were to suddenly disappear, that might be interpreted by the court as an attempt by Netgear to conceal its culpability in this matter.
I am under the impression that the firmware may be similarly broken for other Netgear routers, but as I only have first-hand experience with, and have been personally damaged by, the broken R8000P firmware, I am including only that router in the scope of this complaint. However, I reserve the right to expand its scope if I am able to obtain reliable information that other Netgear routers are also suffering from the problem described in this letter.
I look forward to your prompt, constructive reply.
It’s funny to find this now. I just spent over 2 weeks with Netgear support being dragged out and finally after losing $700 in lost wages was I forced to go purchase a new router from a different company did they offer to RMA my router, but of course at the cost of me shipping it to them and receiving a refurbished unit in return. This is still a huge issue with Netgear and I would hope that this does get filed as a nationwide class action lawsuit as it is not only MA residents that are having this same issue.
I purchased a Nighthawk X6S to replace a AC1900 that stopped working in August 2017. Now the X6S has stopped working as well… The router is past the product warranty and getting in touch with someone is impossible. Needless to say this is ridiculous having to pay for additional tech support for a product that was bricked from a firmware update (2nd time). As a tech guy myself I would expect a certain level of support, because if I were doing what is being done by Netgear I would be out of business not to mention the legal ramifications . I have literally purchased thousands of dollars in Netgear products for personal use and for companies I provide support for. There is more to the story but I will spare everyone the details…
Just upgraded and it Bricked my device to no repair… And they won’t help me with the problem due to it being past extended warranty. She also told me I didn’t need to update firmware if I wasn’t having issues… Well knowing updates for bettering products i normally do them, and I did have issues constantly.
11/16/2018: Still this hasn’t been resolved from Netgear. We are SO disappointed in this purchase of Netgear & how they have treated customers not only myself but also a plethora of people throughout many different forums. Even Netgear themselves forums. We are in California. I do hope Netgear steps up & honors the buy back of this crap router.
I’m thinking of purchasing this router but I keep hearing the same thing. I hoping they fix it because the router seam to have all the spec you would want in a router. There is a new update but I’m not sure if that fix them problem.
let me know if yours is working, if you have updated to Firmware Version 126.96.36.199
As far as I know the newest firmware they released does not fix the problem, at least not for everyone.
I don’t know for certain though, because I am no longer using the R8000P. Netgear responded to my threat of a lawsuit by replacing it with an R9000 at their expense.
where did you send it to? i would like to get a different router also since mind is basically useless now.
The address I sent my letter to is right there at the top of the letter, above.