Security News > 2020 > July > Netgear Starts Patching Serious Vulnerabilities Affecting Tens of Products
Netgear has started releasing patches for ten vulnerabilities affecting nearly 80 of its products, including flaws disclosed last year at the Pwn2Own hacking competition.
All of the security holes were reported to Netgear through Trend Micro's Zero Day Initiative, including five by a hacker who uses the online moniker d4rkn3ss, from VNPT ISC, and five by Pedro Ribeiro and Radek Domanski of Team Flashback.
The vulnerabilities were reported to Netgear in November 2019 and January and February 2020.
The bugs disclosed at Pwn2Own, four of which have been rated high severity, can be exploited by an unauthenticated attacker with network access to the targeted Netgear device for arbitrary code execution, including with admin or root privileges, and to bypass authentication.
The vulnerabilities reported by d4rkn3ss can be exploited by a network-adjacent attacker for remote code execution and to obtain user credentials.