It has been discovered recently by the European security and compliance assessment company Onekey that arbitrary code may be injected into multiple Netgear router models through FunJSQ in a malicious manner.
In order to accelerate online games, Xiamen Xunwang Network Technology has developed a third-party module known as FunJSQ. In short, FunJSQ is a third-party gaming module.
Along with routers there are some Orbi WiFi Systems that are also affected. If your WiFi password is known to an attacker or your router’s Ethernet cable is connected to your computer, then this vulnerability is exploitable.
Here below we have mentioned the all the router models and WiFi systems that are affected. Not only that even we have also mention their respective fixed firmware versions as well:-
A first set of patches was issued by Netgear for the vulnerable devices this month after they were informed of the security holes in June.
The FunJSQ gaming module does not have a secure update process. Update packages that are sent from the server to the FunJSQ module are only superficially checked.
A hash checksum is used to validate the packages on the device as they are unsigned.
There are a number of actions that an attacker can take in order to exploit an insecure communication channel, such as:-
There is a potential for arbitrary code to be executed from the WAN interface as a result of these factors combined.
CVE-2022-40620 has been assigned to the issue relating to an insecure update mechanism introduced in the release. CVE-2022-40619 was the CVE ID number assigned to the flaw related to unauthenticated command injections.
It should be noted that Netgear has not yet divulged a workaround for this vulnerability. The latest firmware from NETGEAR should be downloaded as soon as possible, as NETGEAR strongly recommends you do so.
Download Free SWG – Secure Web Filtering – E-book
Researchers observed Lumma Stealer activity across multiple online samples, including PowerShell scripts and a disguised…
Palo Alto Networks reported the Contagious Interview campaign in November 2023, a financially motivated attack…
The recent discovery of the NjRat 2.3D Professional Edition on GitHub has raised alarms in…
A critical vulnerability, CVE-2024-3393, has been identified in the DNS Security feature of Palo Alto…
Threat Analysts have reported alarming findings about the "Araneida Scanner," a malicious tool allegedly based…
A major dark web operation dedicated to circumventing KYC (Know Your Customer) procedures, which involves…