Security News

UPDATED. Researchers this week said they discovered an unpatched, zero-day vulnerability in firmware for Netgear routers that put 79 device models at risk for full takeover, they said. The flaw, a memory-safety issue present in the firmware's httpd web server, allows attackers to bypass authentication on affected installations of Netgear routers, according to two separate reports: One on the Zero Day Initiative by a researcher called "d4rkn3ss" from the Vietnam Posts and Telecommunications Group; and a separate blog post by Adam Nichols of cybersecurity firm Grimm.

Netgear is warning users of a critical remote code execution bug that could allow an unauthenticated attacker to take control of its Wireless AC Router Nighthawk hardware running firmware versions prior to 1.0.2.68. The critical vulnerability, tracked by Netgear as PSV-2019-0076, affects the company's consumer Nighthawk X4S Smart Wi-Fi Router first introduced in 2016 and still available today.

An infosec researcher has published a JavaScript-based proof of concept for the Netgear routerlogin.com vulnerability revealed at the end of January. Through service workers, scripts that browsers run as background processes, Saleem Rashid reckons he can exploit Netgear routers to successfully compromise admin panel credentials.

Netgear left in its router firmware key ingredients needed to intercept and tamper with secure connections to its equipment's web-based admin interfaces. Specifically, valid, signed TLS certificates with private keys were embedded in the software, which was available to download for free by anyone, and also shipped with Netgear devices.

A firmware update NETGEAR recently released for the N300 series routers addresses two denial-of-service (DoS) vulnerabilities found by security researchers at Cisco’s Talos group. Tracked as...

Marketing data collection opens potential security nightmare Netgear has irked some security pros by demanding people register accounts before they can use a mobile app to control their Orbi mesh routers.…

Researchers warn of malware infecting 500,000 popular routers in a campaign mostly targeting the Ukraine, but also 54 other countries.

Security firm Trustwave has disclosed the details of several vulnerabilities affecting Netgear routers, including devices that are top-selling products on Amazon and Best Buy. read more

Netgear patches over a dozen vulnerabilities impacting its routers, switches and NAS devices.

Netgear published more than 50 security advisories in the past two weeks to inform customers about the availability of patches for vulnerabilities affecting many of the company’s routers,...