NETGEAR Urges Users to Fix Critical Wi-Fi Router Flaws

NETGEAR, an American computer networking company, recently addressed two critical vulnerabilities that could allow threat actors to gain unauthorized access to home networks.

The company has issued a critical security advisory urging users to update their Wi-Fi routers to the latest firmware immediately.

Theย two critical vulnerabilities, internally tracked asย PSV-2023-0039ย andย PSV-2021-0117,ย affect multiple Wi-Fi 6 access points (WAX206,ย WAX214v2, andย WAX220) and Nighthawk Pro Gaming router models (XR1000,ย XR1000v2,ย XR500).

While the PSV-2023-0039 (CVSS score: 9.8) vulnerability could enable unauthenticated threat actors to exploit the flaw for remote code execution (RCE), the PSV-2021-0117 (CVSS score: 9.6) vulnerability could be exploited for authentication bypass in low-complexity attacks without user interaction.

The following product models are affected by the unauthenticated RCE security vulnerability PSV-2023-0039, that were patched in the versions given below:

  • XR1000 –ย fixed in firmware versionย 1.0.0.74
  • XR1000v2ย – fixed in firmware versionย 1.1.0.22
  • XR500 –ย fixed in firmware versionย 2.3.2.134

โ€œNETGEAR strongly recommends that you download the latest firmware as soon as possible,โ€ย reads the advisory published on Saturday.

Further, the following product models are impacted by the authentication bypass security vulnerability PSV-2021-0117, which was patched in the versions shown below:

  • WAX206 – fixed in firmware versionย 1.0.5.3
  • WAX220 – fixed in firmware versionย 1.0.3.5
  • WAX214v2 – in firmware versionย 1.0.2.5

You can follow the steps mentioned below to download and install the latest firmware for your NETGEAR product:ย 

  1. Visit theย NETGEAR Support
  2. Please enter your model number in the search box, then select your model from the drop-down menu as soon as it appears. If a drop-down menu does not appear, check that you have entered your model number correctly or select a product category to find your product model.
  3. Clickย Downloads.
  4. Underย Current Versions, choose the download whose title begins with Firmware Version.
  5. Clickย Download.
  6. Follow the instructions provided in your productโ€™s user manual, firmware release notes, or product support page.

“The unauthenticated RCE vulnerability remains if you do not complete all recommended steps,” the company warned on Saturday. “NETGEAR is not responsible for any consequences that could have been avoided by following the recommendations in this notification.”

Users are advised to visit NETGEARโ€™s officialย support page to determine if their router is affected and download the necessary updates.

To ensure your network remains secure, it is recommended that you regularly update your router’s firmware to protect against emerging security threats.

Kavita Iyer
Kavita Iyerhttps://www.techworm.net
An individual, optimist, homemaker, foodie, a die hard cricket fan and most importantly one who believes in Being Human!!!
spot_img

Read More

Suggested Post