Description
Netgear has identified and patched two critical vulnerabilities affecting multiple WiFi router models, including WiFi 6 access points (WAX206, WAX214v2, and WAX220) and Nighthawk Pro Gaming routers (XR1000, XR1000v2, XR500). These vulnerabilities allow unauthenticated threat actors to exploit remote code execution (RCE) and authentication bypass issues. Netgear strongly recommends users update their devices to the latest firmware to mitigate potential risks.
Attack Details
The security flaws, tracked internally as PSV-2023-0039 (Remote Code Execution) and PSV-2021-0117 (Authentication Bypass), enable attackers to take control of vulnerable routers without user interaction. These low-complexity exploits pose a severe risk as they allow cybercriminals to execute arbitrary code remotely or gain unauthorized access to the device. While Netgear has not disclosed the precise technical details of the vulnerabilities, similar past exploits have been leveraged to install malware, exfiltrate data, or launch further network attacks.
Remediation
To protect against potential exploitation, users must promptly update their Netgear routers to the latest firmware versions. The following steps should be taken:
Netgear has emphasized that failing to apply the necessary patches could leave users vulnerable to attacks. Users must follow the remediation steps immediately to secure their devices against potential exploits. The Guyana National CIRT recommends that users and administrators review this alert and apply it where necessary.
PDF Download: Netgear warns users to patch critical WiFi router vulnerabilities
References