Security News > 2024 > July > Netgear warns users to patch auth bypass, XSS router flaws
Netgear warned customers to update their devices to the latest available firmware, which patches stored cross-site scripting and authentication bypass vulnerabilities in several WiFi 6 router models.
The stored XSS security flaw impacts the XR1000 Nighthawk gaming router.
A Netgear spokesperson was not immediately available to share more details regarding the two security flaws when BleepingComputer reached out earlier today.
Last month, security researchers disclosed half a dozen vulnerabilities of varying severity impacting Netgear WNR614 N300, a popular router among home users and small businesses.
Since this router model reached end-of-life and is no longer supported by Netgear, the company will not release security patches and advised users to replace the router or apply mitigation measures to block potential attacks.
ASUS warns of critical remote authentication bypass on 7 routers.
News URL
Related news
- Netgear warns users to patch critical WiFi router vulnerabilities (source)
- Zyxel won’t patch newly exploited flaws in end-of-life routers (source)
- Swap EOL Zyxel routers, upgrade Netgear ones! (source)
- Juniper Session Smart Routers Vulnerability Could Let Attackers Bypass Authentication (source)
- Juniper patches critical auth bypass in Session Smart routers (source)