NETGEAR has released security updates for multiple Nighthawk gaming routers, patching a critical unauthenticated remote code execution (RCE) vulnerability that could allow attackers to take control of affected devices. The company strongly advises users to install the latest firmware to mitigate the risk.
The vulnerability, tracked under PSV-2023-0039, was reported through Bugcrowd, NETGEAR’s bug bounty program. While the company has not disclosed specific details regarding the nature of the flaw or its potential exploitation, the vulnerability carries a CVSS score of 9.8, categorizing it as critical. The issue affects the following router models:
- XR1000 – fixed in firmware version 1.0.0.74
- XR1000v2 – fixed in firmware version 1.1.0.22
- XR500 – fixed in firmware version 2.3.2.134
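A practical first step is to check the firmware string shown in each router's admin page (or your asset inventory) against the fixed versions listed above. The following is an added example, not NETGEAR's own code or tooling: the model/fixed-version pairs come from this advisory, while the version-string handling (tolerating a leading "V" and a "_..." suffix) and the sample inventory are assumptions for illustration. The point it demonstrates is that the comparison must be numeric, field by field; comparing firmware strings as text would wrongly rank 1.0.0.8 above 1.0.0.74.

```python
"""Firmware version check against the PSV-2023-0039 fixed versions.

Added example, not NETGEAR's code. Model/fixed-version pairs are taken from the
advisory text; the inventory below and the version-string handling are assumptions.
"""

# Fixed firmware versions as stated in the advisory.
PATCHED_FIRMWARE = {
    "XR1000": "1.0.0.74",
    "XR1000v2": "1.1.0.22",
    "XR500": "2.3.2.134",
}


def parse_version(version: str) -> tuple[int, ...]:
    """Turn a firmware string into a tuple of ints for numeric comparison.

    Assumption: the device may display firmware as e.g. 'V1.0.0.74_1.0.1';
    a leading 'V' and anything after '_' are dropped and only the dotted
    part is compared. Numeric comparison matters: as plain strings,
    '1.0.0.8' would sort after '1.0.0.74'.
    """
    core = version.strip().lstrip("vV").split("_", 1)[0]
    return tuple(int(part) for part in core.split("."))


def is_patched(model: str, installed: str) -> bool:
    """True if the installed firmware is at or above the fixed version for `model`.

    Raises KeyError for a model the advisory does not cover.
    """
    fixed = PATCHED_FIRMWARE[model]
    return parse_version(installed) >= parse_version(fixed)


def audit(inventory: list[tuple[str, str]]) -> list[tuple[str, str, str]]:
    """Classify each (model, installed) pair as 'patched', 'VULNERABLE' or 'not in advisory'."""
    results = []
    for model, installed in inventory:
        if model not in PATCHED_FIRMWARE:
            status = "not in advisory"
        elif is_patched(model, installed):
            status = "patched"
        else:
            status = "VULNERABLE"
        results.append((model, installed, status))
    return results


if __name__ == "__main__":
    # Constructed sample inventory, not real device data.
    sample = [
        ("XR1000", "V1.0.0.74_1.0.1"),
        ("XR1000", "1.0.0.8"),
        ("XR1000v2", "1.1.0.21"),
        ("XR500", "2.3.2.134"),
        ("R7000", "1.0.11.100"),
    ]
    for model, installed, status in audit(sample):
        print(f"{model:10} {installed:18} {status}")
```

Models outside the three listed here are reported as "not in advisory" rather than "patched", since this advisory says nothing about them; treat that as "check separately", not as a clean result.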
The Nighthawk series is NETGEAR’s high-performance gaming router lineup, designed for low-latency, high-speed connectivity. These devices are popular among competitive gamers and advanced users who require optimized networking features. Given their use case, an unauthenticated RCE vulnerability poses a significant security risk, as an attacker could potentially compromise the router remotely without needing user credentials.
In a separate advisory, NETGEAR also addressed a critical remote exploitation vulnerability (PSV-2021-0117) affecting its WAX206, WAX220, and WAX214v2 wireless access points. This flaw, rated with a CVSS score of 9.6, was discovered by an independent security researcher. As with the router vulnerability, NETGEAR has not provided detailed information about the exploitation methods or potential attack vectors, but it has released firmware updates to resolve the issue.
NETGEAR urges immediate updating
NETGEAR strongly recommends that all users update their firmware as soon as possible to protect their devices from potential attacks.
Users of Nighthawk routers can install updates through the NETGEAR Nighthawk app, while access point users can use the NETGEAR Insight app (available to Insight subscribers). Firmware updates may also be manually downloaded from the NETGEAR Support website by searching for the device model, downloading the latest firmware version, and following the installation instructions.
Failing to apply the patches leaves affected devices vulnerable to remote exploitation, even though the details aren’t public yet. In addition, it is recommended that the default passwords of router admin accounts be changed and that administration panels not be reachable from the internet.