This post was originally published on December 19, 2016
The latest update to this post was made 5 years ago.
Netgear Router Security Advisory
Netgear has recently issued a security advisory to users of its routers, where unauthenticated web pages can pass form input directly to the command line interface. A remote attacker can potentially inject arbitrary commands into this form and cause execution of the injected command by the affected system.
This notice covers these advisory numbers: VU582384 and PSV-2016-0245
Netgear router models affected that have a BETA firmware available to resolve the issue:
- D6220 [Beta Firmware]
- D6400 [Beta Firmware]
- R6700 [Beta Firmware]
- R6900 [Beta Firmware]
- R7100LG [Beta Firmware]
- R7300DST [Beta Firmware]
- R7900 [Beta Firmware]
Netgear router models affected that have a PRODUCTION firmware available to resolve the issue:
- R6250 [Production Firmware]
- R6400 [Production Firmware]
- R7000 [Production Firmware]
- R8000 [Production Firmware]
Users are advised to upgrade the firmware on affected models as soon as possible. Always refer the vendor website for the latest information! Netgear Reference: http://kb.netgear.com/000036386/CVE-2016-582384
Tags: #securityadvisory #security #router #routers #firmware
Be the first to comment