Security News

PfSense also offers its own routers under the name Netgate for those who want an experience closer to a bundled hardware and software option, such as with Netgear, but with the added options and flexibility pfSense offers. Due to the variety of hardware configurations with both pfSense and Netgear, this comparison will mostly focus on software settings and the key features between the two.

Netgear has admitted that multiple security vulnerabilities in its business-grade BR200 and BR500 VPN routers can't be fixed due to technical limitations outside of their control, and is offering users a free or discounted replacement router. Netgear's BR200 and BR500 VPN routers are marketed as remote networking solutions for small to medium-size businesses and home offices, and provide features such as a site-2-site VPN connection, a firewall, remote configuration and monitoring, and more.

Netgear is pushing out fixes for a bad Orbi firmware update released earlier this month that prevents users from accessing the device's admin console. "We are aware of an issue affecting the Orbi RBK85x and RBK75x Series Mesh WiFi 6 Systems," Netgear explained on their status page.

Researchers have found half a dozen high-risk vulnerabilities in the latest firmware version for the Netgear Nighthawk R6700v3 router. Nighthawk R6700 is a popular dual-bank WiFi router advertised with gaming-focused features, smart parental controls, and internal hardware that is sufficiently powerful to accommodate the needs of home power users.

AWS previewed new developer resources at its Re:invent conference, including new SDKs for Rust, Swift, and Kotlin, as well as Amplify Studio for rapid web applications, integrated with the Figma design tool. The SDKs provide a language wrapper for APIs to AWS services.

Networking equipment company Netgear has released yet another round of patches to remediate a high-severity remote code execution vulnerability affecting multiple routers that could be exploited by remote attackers to take control of an affected system. Because of its ubiquitous nature, UPnP is used by a wide variety of devices, including personal computers, networking equipment, video game consoles and internet of things devices.

Networking equipment company Netgear has released patches to remediate a high-severity remote code execution vulnerability affecting multiple routers that could be exploited by remote attackers to take control of an affected system. Traced as CVE-2021-40847, the security weakness impacts the following models -.

A high-severity security bug affecting several Netgear small office/home office routers could allow remote code execution via a man-in-the-middle attack. From there, attackers can serve up a malicious database update that triggers RCE, which can be created by downloading and modifying a legitimate Netgear database update, researchers said.

Netgear has fixed a high severity remote code execution vulnerability found in the Circle parental control service, which runs with root permissions on almost a dozen modern Small Offices/Home Offices Netgear routers. While one would expect the attack vector exposed by Circle security flaw would be removed after the service is stopped, the Circle update daemon containing the bug is enabled by default and it can be exploited even if the service is disabled.

New details have been revealed about a recently remediated critical vulnerability in Netgear smart switches that could be leveraged by an attacker to potentially execute malicious code and take control of vulnerable devices. The disclosure comes weeks after NETGEAR released patches to address the vulnerabilities earlier this month, on September 3.