Netgear router vulnerabilities could put small businesses at risk
Time to update your firmware
Netgear has released a set of updated firmware for its small business routers and Wi-Fi extenders after a number of vulnerabilities were discovered in several models by security researchers at Immersive Labs.
If exploited, these vulnerabilities could be used to achieve unauthorized access to devices or even to modify the internal filesystem which can be abused to affect traffic passing through the device according to a new blog post from the cybersecurity firm.
Two vulnerabilities, tracked as PSV-2021-0169 and PSV-2021-0172, make it possible to gain authenticated access to affected Netgear devices. Once done, an attacker could then modify settings in the administration panel to run arbitrary commands on a victim's router. However, this kind of command injection also adds persistence which means that the vulnerability can still remain on an affected device even if the router is restarted or updated.
Additionally, commands could be used to open other ports or to allow command line access over the network to a victim's operating system. With operating system access, a malicious user could significantly impact the availability of one of Netgear's routers and the data that is passed through it.
Resetting a router's password
Another vulnerability, tracked as PSV-2021-0171, discovered in Netgear's routers by Immersive Labs can be exploited by an attacker with access to a local network.
By doing so, they can make a request to a router's UPNP port and view the device serial number. While this may sound fairly harmless at first, keep in mind that this serial number is used as part of the password reset function on most Netgear devices.
Although the likelihood of an attacker exploiting these vulnerabilities is considered low by Immersive Labs' security researchers, there is still a valid threat surface. By exploiting these three vulnerabilities, it is possible to add new files and configurations to any of the affected devices that could even survive a device reset. At the same time, it would also be possible to block any future firmware updates to keep a compromised device in this state.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Thankfully though, Netgear has now released patches for all of its affected small business routers which you can download here.
We've also highlighted the best small business routers, best Wi-Fi extenders, best endpoint protection software and best firewall
After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.