Network Security, Patch/Configuration Management, Vulnerability Management

Netgear releases patches for publicly known critical flaw

Netgear released firmware updates for several router models to patch a publicly known critical vulnerability which could allow an attacker to gain root privileges on a device and execute arbitrary Linux-based commands.

The vulnerabilities were so severe that earlier this week, a leading CERT authority recommended that users temporarily stop using and disable the devices until a patch was released.

The R6250, R6400, R6700, R7000, R7100LG, R7300, R7900, R8000 D6220, and D6400 models were confirmed to have been affected by the flaw which an attacker could exploit by tricking users into visiting specially crafted malicious websites (or by installing malicious advertisements on otherwise legitimate sites. It is possible that other models were affected by the bug and while the company is working on firmware updates for all of the affected models, it has only released beta versions available at the time this article was written, according to the advisory.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.