NETGEAR Urges Immediate Firmware Updates for Critical Security Flaws
2025-2-4 11:2:31 Author: cyble.com(查看原文) 阅读量:5 收藏

Overview

NETGEAR has recently addressed two critical security vulnerabilities affecting its products, which, if exploited, could allow unauthenticated attackers to execute arbitrary code or remotely exploit devices. These vulnerabilities impact multiple models, including the XR series routers and WAX series access points. Given the high severity of these vulnerabilities, with Common Vulnerability Scoring System (CVSS) scores of 9.8 and 9.6, users are strongly advised to update their devices immediately to the latest firmware versions to prevent potential cyber threats.

Details of the Security Vulnerabilities

The vulnerabilities impact several NETGEAR devices and could allow remote attackers to take control of the affected routers and access points without requiring authentication. Such security flaws are particularly concerning as they can be leveraged for malicious activities, including data theft, network disruption, and unauthorized surveillance.

Affected Devices and Firmware Updates

NETGEAR has released fixes for the unauthenticated remote code execution (RCE) security vulnerability affecting the following models:

  • XR1000: Fixed in firmware version 1.0.0.74
  • XR1000v2: Fixed in firmware version 1.1.0.22
  • XR500: Fixed in firmware version 2.3.2.134

NETGEAR strongly recommends that all users of these models download and install the latest firmware as soon as possible.

Steps to Update Your Firmware

To ensure your NETGEAR device is secure, follow these steps to update your firmware:

  1. Visit the NETGEAR Support website.
  2. Enter your device’s model number in the search box and select the correct model from the drop-down list.
  3. Click on downloads.
  4. Under Current Versions, select the download that begins with Firmware Version.
  5. Click download and follow the provided installation instructions in the product’s user manual or firmware release notes.

Keeping your firmware updated is essential to maintaining the security and functionality of your device.

Why These Vulnerabilities Are Critical

  • Remote Code Execution (RCE): This type of vulnerability allows attackers to execute arbitrary commands remotely on the affected device, potentially leading to full device compromise.
  • Unauthenticated Exploitation: The vulnerabilities do not require authentication, making them highly dangerous as attackers can exploit them without needing login credentials.
  • Network Compromise: Once compromised, an attacker could intercept, modify, or reroute network traffic, potentially leading to data breaches, espionage, or further attacks on connected devices.

Given these risks, failing to apply the recommended firmware updates could leave users vulnerable to cyber threats, including botnet infections, malware deployment, and unauthorized access to sensitive information.

Security Advisory and NETGEAR’s Stance

NETGEAR has released a security advisory under the identifier PSV-2023-0039, urging all affected users to take immediate action. Although no official CVE (Common Vulnerabilities and Exposures) IDs have been assigned, the company acknowledges the seriousness of these security issues.

Acknowledgments

The vulnerabilities were identified and reported through BugCrowd, a well-known security research platform specializing in vulnerability discovery and responsible disclosure. NETGEAR has rated the vulnerabilities as critical, with the CVSS score breakdown as follows:

  • CVSS Score: 9.8 (Critical)
  • Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L

Best Practices for Keeping Your Devices Secure

To enhance security and prevent similar threats in the future, users should follow these best practices:

  1. Regular Firmware Updates: Always keep your device’s firmware up to date. Firmware updates often include security patches that address known vulnerabilities.
  2. Use NETGEAR’s Mobile Apps for Updates:
    1. Orbi products: Use the NETGEAR Orbi app.
    1. WiFi routers: Use the NETGEAR Nighthawk app.
    1. Business products: Use the NETGEAR Insight app (firmware updates through this app require an Insight subscription).
  3. Manual Firmware Updates: If your device is not supported by one of the apps, follow the manual update process via the official NETGEAR website.
  4. Enable Automatic Updates: If available, enable automatic firmware updates to ensure you receive security patches as soon as they are released.
  5. Change Default Credentials: If you haven’t already, change the default administrator credentials on your NETGEAR device to a strong, unique password.
  6. Monitor Network Activity: Keep an eye on unusual network behavior, such as unexpected reboots, unknown connected devices, or sudden drops in performance, which could indicate potential exploitation.

NETGEAR’s prompt response and security advisory highlight the need for users to remain vigilant and prioritize regular firmware updates to protect against emerging threats. By taking the recommended steps, users can safeguard their devices from unauthorized access and maintain the integrity of their network security.

Source:

https://jocert.ncsc.jo/EN/ListDetails/Security_Alerts__Advisorites/1203/93

https://kb.netgear.com/000066558/Security-Advisory-for-Unauthenticated-RCE-on-Some-WiFi-Routers-PSV-2023-0039

Related

Disclaimer: This blog is based on our research and the information available at the time of writing. It is for informational purposes only and does not constitute legal, financial, or professional advice. While we strive for accuracy, we do not guarantee the completeness or reliability of the content. If any sensitive information has been inadvertently included, please contact us for correction. Cyble is not responsible for any errors, omissions, or decisions made based on this content. Readers should verify findings and seek expert advice where necessary. All trademarks, logos, and third-party content belong to their respective owners and do not imply endorsement or affiliation. All content is presented “as is” without any guarantee that it is free of confidential, proprietary, or otherwise sensitive information. If you believe any portion of this content contains inadvertently shared or sensitive data, please contact us immediately so that we may address and rectify the issue. No Liability for Errors or Omissions Due to the dynamic nature of cyber threat activity, this [blog/report/article] may include partial, outdated, or otherwise incorrect information due to unverified sources, evolving security threats, or human error. We expressly disclaim any liability for errors or omissions or any potential consequences arising from the use, misuse, or reliance on this information.


文章来源: https://cyble.com/blog/netgear-issues-security-severe-rce-vulnerabilities/
如有侵权请联系:admin#unsafe.sh