Security News

Researchers have found half a dozen high-risk vulnerabilities in the latest firmware version for the Netgear Nighthawk R6700v3 router. Nighthawk R6700 is a popular dual-bank WiFi router advertised with gaming-focused features, smart parental controls, and internal hardware that is sufficiently powerful to accommodate the needs of home power users.

AWS previewed new developer resources at its Re:invent conference, including new SDKs for Rust, Swift, and Kotlin, as well as Amplify Studio for rapid web applications, integrated with the Figma design tool. The SDKs provide a language wrapper for APIs to AWS services.

Networking equipment company Netgear has released yet another round of patches to remediate a high-severity remote code execution vulnerability affecting multiple routers that could be exploited by remote attackers to take control of an affected system. Because of its ubiquitous nature, UPnP is used by a wide variety of devices, including personal computers, networking equipment, video game consoles and internet of things devices.

Networking equipment company Netgear has released patches to remediate a high-severity remote code execution vulnerability affecting multiple routers that could be exploited by remote attackers to take control of an affected system. Traced as CVE-2021-40847, the security weakness impacts the following models -.

A high-severity security bug affecting several Netgear small office/home office routers could allow remote code execution via a man-in-the-middle attack. From there, attackers can serve up a malicious database update that triggers RCE, which can be created by downloading and modifying a legitimate Netgear database update, researchers said.

Netgear has fixed a high severity remote code execution vulnerability found in the Circle parental control service, which runs with root permissions on almost a dozen modern Small Offices/Home Offices Netgear routers. While one would expect the attack vector exposed by Circle security flaw would be removed after the service is stopped, the Circle update daemon containing the bug is enabled by default and it can be exploited even if the service is disabled.

New details have been revealed about a recently remediated critical vulnerability in Netgear smart switches that could be leveraged by an attacker to potentially execute malicious code and take control of vulnerable devices. The disclosure comes weeks after NETGEAR released patches to address the vulnerabilities earlier this month, on September 3.

Coldwind verified the vulnerabilities on the Netgear GS110TPV3 Smart Managed Pro Switch using firmware version 7.0.6.3 and below. GS752TPP fixed in firmware version 6.0.8.2.

Netgear has released firmware updates for more than a dozen of its smart switches used on corporate networks to address high-severity vulnerabilities. The company fixed three security flaw that affect 20 Netgear products, mostly smart switches.

Networking, storage and security solutions provider Netgear on Friday issued patches to address three security vulnerabilities affecting its smart switches that could be abused by an adversary to gain full control of a vulnerable device. The flaws, which were discovered and reported to Netgear by Google security engineer Gynvael Coldwind, impact the following models -.