Full Report
Netgear has fixed two critical remote code execution and authentication bypass vulnerabilities affecting multiple WiFi routers and warned customers to update their devices to the latest firmware as soon as possible. [...]
Analysis Summary
Your summary of the Netgear router vulnerabilities:
# Vulnerability: Critical RCE and Authentication Bypass in Netgear WiFi Routers
## CVE Details
- CVE ID: Not explicitly provided in the article (Internal IDs: PSV-2023-0039 for RCE, PSV-2021-0117 for Auth Bypass)
- CVSS Score: Not provided (Implied High due to RCE)
- CWE: Information not available
## Affected Systems
- Products:
- Nighthawk Pro Gaming: XR1000, XR1000v2, XR500
- WiFi 6 Access Points: WAX206, WAX214v2, WAX220
- Versions: Specific firmware versions prior to the listed patched versions.
- Configurations: Any device running vulnerable firmware.
| Vulnerable Netgear Router | Patched Firmware Version |
| :--- | :--- |
| XR1000 | 1.0.0.74 |
| XR1000v2 | 1.1.0.22 |
| XR500 | 2.3.2.134 |
| WAX206 | 1.0.5.3 |
| WAX220 | 1.0.5.3 |
| WAX214v2 | 1.0.2.5 |
## Vulnerability Description
The vulnerabilities include two critical flaws:
1. **Remote Code Execution (RCE)** (Internal tracking: PSV-2023-0039).
2. **Authentication Bypass** (Internal tracking: PSV-2021-0117).
Both vulnerabilities can be exploited by unauthenticated threat actors remotely. Netgear warns that failure to complete all recommended steps, including firmware updates, will leave the RCE vulnerability exploitable.
## Exploitation
- Status: Not explicitly stated as exploited in the wild, but the vendor urges immediate patching due to critical risk.
- Complexity: Low (for both flaws).
- Attack Vector: Network (Remote, Unauthenticated).
## Impact
- Confidentiality: Unknown (Likely High due to unauthenticated RCE)
- Integrity: Unknown (Likely High due to unauthenticated RCE)
- Availability: Unknown
## Remediation
### Patches
Users must update their router firmware to the specific versions listed below:
- **XR1000:** Firmware version 1.0.0.74 or newer
- **XR1000v2:** Firmware version 1.1.0.22 or newer
- **XR500:** Firmware version 2.3.2.134 or newer
- **WAX206:** Firmware version 1.0.5.3 or newer
- **WAX220:** Firmware version 1.0.5.3 or newer
- **WAX214v2:** Firmware version 1.0.2.5 or newer
### Workarounds
The primary recommended mitigation is to download and install the latest firmware immediately via the NETGEAR Support website.
## Detection
- **Indicators of Compromise:** Not detailed in the advisory provided. System behavior inconsistent with normal operation following the upgrade window could be an indicator.
- **Detection methods and tools:** Firmware version checks against the patched versions listed above.
## References
- Vendor Advisories: Security advisories published by NETGEAR (specific link not provided, referenced as being published "over the weekend").
- Relevant links:
- [NETGEAR Support site for firmware downloads](def_NETGEAR_Support_link)