Security News > 2020 > March > Critical Netgear Bug Impacts Flagship Nighthawk Router

Critical Netgear Bug Impacts Flagship Nighthawk Router
2020-03-04 18:58

Netgear is warning users of a critical remote code execution bug that could allow an unauthenticated attacker to take control of its Wireless AC Router Nighthawk hardware running firmware versions prior to 1.0.2.68.

The critical vulnerability, tracked by Netgear as PSV-2019-0076, affects the company's consumer Nighthawk X4S Smart Wi-Fi Router first introduced in 2016 and still available today.

The same high-severity command injection flaw also exists in 29 other router models within the D6000, R6000, R7000, R8000, R9000 and XR500 family of Netgear hardware.

Brands include 20 SKUs of the Wireless AC Router Nighthawk hardware, four of its Wireless AC Routers and four DSL Gateway AC devices.

On Tuesday, Netgear warned of a second high-severity post-authentication command injection flaw impacting five router models within the R6400, R6700, R6900 and R7900 SKUs and that are running specific vulnerable firmware.


News URL

https://threatpost.com/critical-netgear-bug-impacts-nighthawk-router/153445/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Netgear 502 8 474 462 149 1093