If you have a WiFi router or WiFi Mesh system from the manufacturer NETGEAR you are in danger due to multiple security flaws that have been found in a large number of their products. Several security researchers have reported a total of 10 critical vulnerabilities to the manufacturer, so an external attacker could attack the router and take full control of the device. The manufacturer NETGEAR has already published firmware versions that solve this problem, so you should update your devices as soon as possible.
What vulnerabilities are they?
The vulnerabilities that security researchers have found in the vast majority of their product firmware can cause the following:
- Buffer overflow before authentication. A security flaw has also been detected where a buffer overflow can be made after authenticating to the router.
- Injection of commands before authentication, this is one of the most important security flaws, it could allow full control of the router before authenticating in it with the administration user.
- Stack overflow before authentication.
All of these security flaws have a CVSS score of 9.6 out of 10, therefore it is a critical security flaw. And this time not only do we have a security breach, but we also have up to 10 security failures of critical severity, so you should update your equipment as soon as possible if you do not want to have security problems.
What computers are affected?
There are dozens of products affected by all these or any of the aforementioned vulnerabilities, since both routers, WiFi repeaters, 4G routers as well as the manufacturer’s WiFi Mesh systems are affected. The complete list of affected computers are:
- Routers: MK62, R6250, R6300v2, R6400, R6400v2, R6700AX, R6700v3, R6900P, R7000, R7000P, R7100LG, R7800, R7850, R7900, R7960P, R8000, R8000P, R8500, R8900, R9201, RAX101, RAX220, RAX101, RAX2000, RAX101 , RAX20, RAX200, RAX35v2, RAX40v2, RAX43, RAX45, RAX50, RAX70, RAX75, RAX78, RAX80, WNDR3400v3, WNR2000v5, XR1000, XR300, XR450, XR500, XR700, RS400. The LBR1020 and the LBR20 are also affected, in addition, the D6220, D6400, D7000v2, D7800, D8500 and the DC112A as well as the DGN2200v4.
- WiFi Mesh systems: RBK12, RBK20, RBK352, RBK40, RBK50, RBK752, RBK852, RBR10, RBR20, RBR350, RBR40, RBR50, RBR750, RBR850, RBS10, RBS20, RBS350, RBS40, RBS40V, RBS50, RBS30V, RBS30 The CBR40 and CR750 are also affected.
- WiFi repeaters: EAX20, EAX80, EX6150v2, EX6200v2, EX6250, EX6400, EX6400v2, EX6410, EX6420, EX7000, EX7300, EX7300v2, EX7320, EX7500, EX7700, EX8000.
As you can see, we have almost all NETGEAR products affected by these security vulnerabilities.
List of firmware versions with the bug fixed
The INCIBE has created a complete list with the affected firmware versions, therefore, to be protected with our equipment and not have security flaws, it must be a later version than the one indicated here:
- CBR40, firmware versions prior to 2.5.0.24;
- CBR750, firmware versions prior to 4.6.3.6;
- D6220, firmware versions prior to 1.0.0.68;
- D6400, firmware versions prior to 1.0.0.102;
- D7000v2, firmware versions prior to 1.0.0.74;
- D7800, firmware versions prior to 1.0.1.64;
- D8500, firmware versions prior to 1.0.3.60;
- DC112A, firmware versions prior to 1.0.0.56;
- DGN2200v4, firmware versions prior to 1.0.0.118;
- EAX20, firmware versions prior to 1.0.0.58;
- EAX80, firmware versions prior to 1.0.1.68;
- EX6150v2, firmware versions prior to 1.0.1.98;
- EX6200v2, firmware versions prior to 1.0.1.86;
- EX6250, firmware versions prior to 1.0.0.134;
- EX6400, firmware versions prior to 1.0.2.158;
- EX6400v2, firmware versions prior to 1.0.0.134;
- EX6410, firmware versions prior to 1.0.0.134;
- EX6420, firmware versions prior to 1.0.0.134;
- EX7000, firmware versions prior to 1.0.1.94;
- EX7300, firmware versions prior to 1.0.2.158;
- EX7300v2, firmware versions prior to 1.0.0.134;
- EX7320, firmware versions prior to 1.0.0.134;
- EX7500, firmware versions prior to 1.0.0.74;
- EX7700, firmware versions prior to 1.0.0.216;
- EX8000, firmware versions prior to 1.0.1.232;
- LAX20, firmware versions prior to 1.1.6.28;
- LBR1020, firmware versions prior to 2.6.3.58;
- LBR20, firmware versions prior to 2.6.3.50;
- MK62, firmware versions prior to 1.0.6.116;
- MS60, firmware versions prior to 1.0.6.116;
- R6250, firmware versions prior to 1.0.4.48;
- R6300v2, firmware versions prior to 1.0.4.52;
- R6400, firmware versions prior to 1.0.1.70;
- R6400v2, firmware versions prior to 1.0.4.118;
- R6700AX, firmware versions prior to 1.0.2.88;
- R6700v3, firmware versions prior to 1.0.4.118;
- R6900P, firmware versions prior to 1.3.3.140;
- R7000, firmware versions prior to 1.0.11.116;
- R7000P, firmware versions prior to 1.3.3.140;
- R7100LG, firmware versions prior to 1.0.0.72;
- R7800, firmware versions prior to 1.0.2.80;
- R7850, firmware versions prior to 1.0.5.68;
- R7900, firmware versions prior to 1.0.4.38;
- R7960P, firmware versions prior to 1.4.2.84;
- R8000, firmware versions prior to 1.0.4.68;
- R8000P, firmware versions prior to 1.4.2.84;
- R8500, firmware versions prior to 1.0.2.144;
- R8900, firmware versions prior to 1.0.5.26;
- R9000, firmware versions prior to 1.0.5.26;
- RAX10, firmware versions prior to 1.0.2.88;
- RAX120, firmware versions prior to 1.2.0.16;
- RAX120, firmware versions prior to 1.2.0.16;
- RAX120v2, firmware versions prior to 1.2.0.16;
- RAX15, firmware versions prior to 1.0.3.96;
- RAX20, firmware versions prior to 1.0.3.96;
- RAX200, firmware versions prior to 1.0.4.120;
- RAX35v2, firmware versions prior to 1.0.3.96;
- RAX40v2, firmware versions prior to 1.0.3.96;
- RAX43, firmware versions prior to 1.0.3.96;
- RAX45, firmware versions prior to 1.0.3.96;
- RAX50, firmware versions prior to 1.0.3.96;
- RAX70, firmware versions prior to 1.0.2.88;
- RAX75, firmware versions prior to 1.0.4.120;
- RAX78, firmware versions prior to 1.0.2.88;
- RAX80, firmware versions prior to 1.0.4.120;
- RBK12, firmware versions prior to 2.7.3.22;
- RBK20, firmware versions prior to 2.7.3.22;
- RBK352, firmware versions prior to 4.3.4.7;
- RBK40, firmware versions prior to 2.7.3.22;
- RBK50, firmware versions prior to 2.7.3.22;
- RBK752, firmware versions prior to 3.2.17.12;
- RBK852, firmware versions prior to 3.2.17.12;
- RBR10, firmware versions prior to 2.7.3.22;
- RBR20, firmware versions prior to 2.7.3.22;
- RBR350, firmware versions prior to 4.3.4.7;
- RBR40, firmware versions prior to 2.7.3.22;
- RBR50, firmware versions prior to 2.7.3.22;
- RBR750, firmware versions prior to 3.2.17.12;
- RBR850, firmware versions prior to 3.2.17.12;
- RBS10, firmware versions prior to 2.7.3.22;
- RBS20, firmware versions prior to 2.7.3.22;
- RBS350, firmware versions prior to 4.3.4.7;
- RBS40, firmware versions prior to 2.7.3.22;
- RBS40V, firmware versions prior to 2.6.2.8;
- RBS50, firmware versions prior to 2.7.3.22;
- RBS50Y, firmware versions prior to 2.7.3.22;
- RBS750, firmware versions prior to 3.2.17.12;
- RBS850, firmware versions prior to 3.2.17.12;
- RBW30, firmware versions prior to 2.6.2.2;
- RS400, firmware versions prior to 1.5.1.80;
- WNDR3400v3, firmware versions prior to 1.0.1.38;
- WNR2000v5, firmware versions prior to 1.0.0.76;
- XR1000, firmware versions prior to 1.0.0.58;
- XR300, firmware versions prior to 1.0.3.68;
- XR450, firmware versions prior to 2.3.2.114;
- XR500, firmware versions prior to 2.3.2.114;
- XR700, firmware versions prior to 1.0.1.36.
As you can see, this series of security vulnerabilities are very serious, so we recommend that you update your equipment as soon as possible.
