Friday, November 1, 2024
HomeCVE/vulnerabilityNETGEAR buffer Overflow Vulnerability Let Attackers Bypass Authentication

NETGEAR buffer Overflow Vulnerability Let Attackers Bypass Authentication

Published on

Malware protection

Some router models have identified a security vulnerability that allows attackers to bypass authentication.

To exploit this vulnerability, an attacker must know the WiFi password or have an Ethernet connection to a device on the victim’s network. 

Firmware updates that address this vulnerability are available for the following routers: RAX35 (version 1.0.6.106), RAX38 (version 1.0.6.106), and RAX40 (version 1.0.6.106).

- Advertisement - SIEM as a Service

It is strongly recommended that users download and install the latest firmware update as soon as possible. 

Is Your Network Under Attack? - Read CISO’s Guide to Avoiding the Next Breach - Download Free Guide

The document details an authentication bypass vulnerability in a NETGEAR product and emphasizes the crucial importance of completing all the recommended steps to patch the vulnerability. 

Failing to do so might expose your system, and NETGEAR is not responsible for any avoidable consequences.

This is only informational and does not carry any guarantees, as NETGEAR reserves the right to update the information as needed. 

A critical vulnerability has been identified with a CVSS score of 8.4, which indicates a high-severity issue that can be exploited remotely (Attack Vector: Low) without complex actions by an attacker (Attack Complexity: Low). 

No special privileges are required (Privileges Required: None), and no user interaction is needed (User Interaction: None).

Document

Integrate ANY.RUN in Your Company for Effective Malware Analysis

Are you from SOC, Threat Research, or DFIR departments? If so, you can join an online community of 400,000 independent security researchers:

  • Real-time Detection
  • Interactive Malware Analysis
  • Easy to Learn by New Security Team members
  • Get detailed reports with maximum data
  • Set Up Virtual Machine in Linux & all Windows OS Versions
  • Interact with Malware Safely

If you want to test all these features now with completely free access to the sandbox:

The vulnerability allows an attacker to compromise the affected system’s confidentiality, integrity, and availability (Scope: Unchanged; Confidentiality: High; Integrity: High; Availability: High). 

NETGEAR recommends updating devices with the most recent firmware to implement security patches, bug fixes, and new features. 

For NETGEAR app-supported devices, update the firmware through the corresponding app: the Orbi app for Orbi products, the Nighthawk app for NETGEAR WiFi routers, and the Insight app for some NETGEAR Business products (requires an Insight subscription).

For manual update instructions for unsupported devices, refer to the user manual, firmware release notes, or product support page. 

The document underwent two revisions recently, as on April 15th, an advisory containing security recommendations was published.

Subsequently, on April 21st, the document was updated to acknowledge contributions from relevant parties, likely addressing collaborators, reviewers, or external sources that were not previously credited. 

Combat Email Threats with Easy-to-Launch Phishing Simulations: Email Security Awareness Training -> Try Free Demo 

Eswar
Eswar
Eswar is a Cyber security content editor with a passion for creating captivating and informative content. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news.

Latest articles

LightSpy iOS Malware Enhanced with 28 New Destructive Plugins

The LightSpy threat actor exploited publicly available vulnerabilities and jailbreak kits to compromise iOS...

ATPC Cyber Forum to Focus on Next Generation Cybersecurity and Artificial Intelligence Issues

White House National Cyber Director, CEOs, Key Financial Services Companies, Congressional and Executive Branch...

New PySilon RAT Abusing Discord Platform to Maintain Persistence

Cybersecurity experts have identified a new Remote Access Trojan (RAT) named PySilon. This Trojan...

Konni APT Hackers Attacking Organizations with New Spear-Phishing Tactics

The notorious Konni Advanced Persistent Threat (APT) group has intensified its cyber assault on...

Free Webinar

Protect Websites & APIs from Malware Attack

Malware targeting customer-facing websites and API applications poses significant risks, including compliance violations, defacements, and even blacklisting.

Join us for an insightful webinar featuring Vivek Gopalan, VP of Products at Indusface, as he shares effective strategies for safeguarding websites and APIs against malware.

Discussion points

Scan DOM, internal links, and JavaScript libraries for hidden malware.
Detect website defacements in real time.
Protect your brand by monitoring for potential blacklisting.
Prevent malware from infiltrating your server and cloud infrastructure.

More like this

LightSpy iOS Malware Enhanced with 28 New Destructive Plugins

The LightSpy threat actor exploited publicly available vulnerabilities and jailbreak kits to compromise iOS...

Google Chrome Security, Critical Vulnerabilities Patched

Google has updated its Chrome browser, addressing critical vulnerabilities that posed potential risks to...

SMB Force-Authentication Vulnerability Impacts All OPA Versions For Windows

Open Policy Agent (OPA) recently patched a critical vulnerability that could have exposed NTLM...