Netgear Zero-Day Allows Full Takeover of Dozens of Router Models

2020-06-19 13:05

UPDATED. Researchers this week said they discovered an unpatched, zero-day vulnerability in firmware for Netgear routers that put 79 device models at risk for full takeover, they said.

The flaw, a memory-safety issue present in the firmware's httpd web server, allows attackers to bypass authentication on affected installations of Netgear routers, according to two separate reports: One on the Zero Day Initiative by a researcher called "d4rkn3ss" from the Vietnam Posts and Telecommunications Group; and a separate blog post by Adam Nichols of cybersecurity firm Grimm.

For his part, Nichols discovered the flaw initially in the Netgear R7000 router series, but eventually identified 79 different Netgear devices and 758 firmware images that included a vulnerable copy of the web server.

"If a user with a vulnerable router browses to a malicious website, that website could exploit the user's router by serving an HTML page which sends an AJAX request containing the exploit to the target device:" Nichols said.

In March, Netgear patched a critical remote code execution bug that could allow an unauthenticated attacker to take control of its Wireless AC Router Nighthawk hardware running firmware versions prior to 1.0.2.68.

News URL

https://threatpost.com/netgear-zero-day-takeover-routers/156744/

#netgear #router #takeover #zeroday

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Netgear		502	8	474	462	149	1093