Netgear Wi-Fi routers need to be patched immediately


Netgear has issued a patch for a high-severity vulnerability found in almost a dozen of its Wi-Fi routers and urged its users to apply the fix immediately. 

Given the destructive potential of the flaw, Netgear did not disclose the details, other than saying that it’s a pre-authentication buffer overflow vulnerability, which could be used for all kinds of malicious activity, from crashing the device (a denial of service) to arbitrary code execution.

To abuse the vulnerability, the attackers do not need user permission or user interaction. The flaw can be used in low-complexity attacks, it was said.

Pre-authentication buffer overflow

Issuing a security advisory about the flaw, Netgear said it “strongly recommends” users download and install the latest firmware as soon as possible.

"The pre-authentication buffer overflow vulnerability remains if you do not complete all recommended steps," Netgear added. "Netgear is not responsible for any consequences that could have been avoided by following the recommendations in this notification."

The list of all of the affected devices, which includes multiple Wireless AC Nighthawk, Wireless AX Nighthawk (WiFi 6), and Wireless AC models, can be found on this link.

Those looking to patch their routers should navigate to the Netgear Support website and enter their Wi-Fi router’s model number in the search box. Once the right version is identified, press Downloads, and under Current Versions, select the first download with “Firmware Version” at the beginning of the title.

Detailed instructions on how to apply the fix can be found in the Release Notes file accompanying the firmware download. 

Wi-Fi routers are a popular target for cybercriminals because all of a user's traffic must go through the device. What’s more, users rarely change the factory settings, and update the firmware even less frequently.

Via: BleepingComputer


Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
