SecurityWeek reports that organizations have been warned about two critical NetModule Router Software vulnerabilities, which could be exploited to evade authentication and obtain administrative access. Hundreds of devices that remain on older versions of NRSW may be affected by the vulnerabilities that have been discovered by Flashpoint researchers within the NRSW code removed in 2018, exposing them to possible attacks. NetModule has already been informed regarding the flaws, as well as urged to notify customers regarding the bugs. However, Flashpoint noted that no security advisories or release changelogs have mentioned the vulnerabilities, indicating that users of impacted devices continue to be unaware of the identified critical NRSW security flaws. "NetModule has stated that they have no plans of releasing a security advisory citing an internal policy of only addressing supported releases. Furthermore, they state that they already publish Discontinuation Notices and continuously ask customers to keep devices up-to-date," said Flashpoint.