Netgear Routers’ Flaws Expose Users to Malware, Remote Attacks, and Surveillance

May 12, 2023 | Ravie Lakshmanan | Network Security / Malware


Up to five security flaws have been disclosed in Netgear RAX30 routers that could be chained together to bypass authentication and achieve remote code execution.

“Successful exploits could allow attackers to monitor users’ Internet activity, hijack Internet connections and redirect traffic to malicious websites or inject malware into network traffic,” said Claroty security researcher Uri Katz in a report.

In addition, a network-adjacent threat actor could weaponize the flaws to access and control networked smart devices such as security cameras, thermostats, and smart locks; manipulate router settings; and even use a compromised network to launch attacks against other devices or networks.


The list of flaws, which were demonstrated at the Pwn2Own hacking competition held in Toronto in December 2022, is as follows:

  • CVE-2023-27357 (CVSS score: 6.5) – Lack of authentication information disclosure vulnerability
  • CVE-2023-27367 (CVSS score: 8.0) – Command injection remote code execution vulnerability
  • CVE-2023-27368 (CVSS score: 8.8) – Stack-based buffer overflow authentication bypass vulnerability
  • CVE-2023-27369 (CVSS score: 8.8) – Stack-based buffer overflow authentication bypass vulnerability
  • CVE-2023-27370 (CVSS score: 5.7) – Device configuration cleartext storage information disclosure vulnerability

A proof-of-concept (PoC) exploit chain illustrated by the industrial cybersecurity company shows that it is possible to chain the flaws (CVE-2023-27357, CVE-2023-27369, CVE-2023-27368, CVE-2023-27370, and CVE-2023-27367, in that order) to extract the device’s serial number and eventually gain root access to it.



“These five CVEs can be chained together to compromise affected RAX30 routers, the most severe of which allows pre-authentication remote code execution on the device,” Katz noted.

Users of Netgear RAX30 routers are advised to upgrade to the firmware version released by the networking company on April 7, 2023, to fix the flaws and mitigate potential risks.


