Now the security experts are warning of serious security issues in two Netgear routers. The Netgear R7000 and R6400 routers are affected by a critical vulnerability that could be exploited by remote attackers to run malicious code with root privileges.
Unfortunately, current and latest versions of the Netgear R7000 and R6400 routers running current and latest versions of the firmware are vulnerable to arbitrary command injection attacks.
At the time I was writing we cannot exclude that also other models may be vulnerable.
The Carnegie Mellon University CERT published a security advisory (Vulnerability Note VU#582384) to warn of multiple Netgear routers are vulnerable to arbitrary command injection.
The exploitation of the flaw is quite simple, attackers just need victims info into visiting a website that contains specially crafted malicious code to trigger the vulnerability.
“Netgear R7000, firmware version 220.127.116.11_1.1.93 and possibly earlier, and R6400, firmware version 18.104.22.168_1.0.4 and possibly earlier, contain an arbitrary command injection vulnerability.” reads the advisory issued by the CERT/CC.”By convincing a user to visit a specially crafted web site, a remote attacker may execute arbitrary commands with root privileges on affected routers. A LAN-based attacker may do the same by issuing a direct request.
The advisory states that in order to exploit the flaw, the victim could visit a website like:
then the malicious commands would execute automatically with root privileges.
The code exploit for this vulnerability has been publicly released.
At the time I was writing there is no available fix for the issue neither a workaround, for this reason, the CERT strongly recommended Netgear users to “consider discontinuing use” of vulnerable Netgear R7000 and R6400 routers, until a patch is released by the company.
“Exploiting this vulnerability is trivial. Users who have the option of doing so should strongly consider discontinuing use of affected devices until a fix is made available.” states the CERT.
(Security Affairs – Netgear R7000 and R6400 routers, IoT)
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.