Security News > 2021 > July > Microsoft warns of serious vulnerabilities in Netgear's DGN220)v1 router

Netgear has patched serious security vulnerabilities in its DGN2200v1 network router, following the discovery of "Very odd behaviour" by a Microsoft security research team - a somewhat understated way of saying that attackers can gain "Complete control over the router."

As a result, it's possible for remote attackers to take over the router at any time - as discovered by members of the Microsoft 365 Defender Research Team.

"We noticed a very odd behaviour: a device owned by a non-IT personnel was trying to access a NETGEAR DGN2200v1 router's management port."

Once exploited, further vulnerabilities allow for security credentials - both those for the router and those for its WAN-side network connection - to be retrieved.

Back in March the NCC Group warned of 15 serious vulnerabilities in the Netgear JGS516PE Ethernet switch, its devices were implicated as being vulnerable to the DNSpooq attack, and in February SonicWall fingered the DGN1000 and DGN2200 as under active attack from vulnerabilities very similar to those discovered by Microsoft - the patch for which apparently failed to take.

More details on the vulnerabilities are available on the Microsoft blog, while instructions on upgrading the firmware to the fixed v1.0.0.60 release are on the Netgear website.

News URL

https://go.theregister.com/feed/www.theregister.com/2021/07/01/microsoft_netgear_security_advisory/