Netgear is warning users of a critical remote code execution flaw that could allow an unauthenticated attacker to take control of its wireless routers.
Netgear has addressed a critical remote code execution vulnerability that could be exploited by an
The advisory published by the vendor also includes two high-severity issues affecting Nighthawk routers, 21 medium-severity flaws, and one low-severity vulnerability.
The critical vulnerability, tracked as PSV-2019-0076, affects Netgear Nighthawk X4S Smart Wi-Fi Router (R7800) family.
“NETGEAR has released fixes for
- R7800, running firmware versions prior to 220.127.116.11
NETGEAR strongly recommends that you download the latest firmware as soon as possible.” reads the advisory published by the vendor.”
The company did not disclose technical details of the vulnerability, it only recommended to apply the necessary patches.
Netgear also addressed a high-severity flaw in several Netgear routers, the vendor tracked the flaw as PSV-2018-0352. The vulnerability is a post-authentication command injection issue and impacts Nighthawk (R7800) routers running firmware prior to version 18.104.22.168.
The PSV-2018-0352 flaw affects tens of routers, including D6000, R6000, R7000, R8000, R9000 and XR500 family of Netgear hardware.
This week, the vendor also issued a security bulletin for the PSV-2019-0051 vulnerability, a pre-authentication command injection security issue that affects the following models:
- R6400v2, running firmware versions prior to 22.214.171.124
- R6700, running firmware versions prior to 126.96.36.199
- R6700v3, running firmware versions prior to 188.8.131.52
- R6900, running firmware versions prior to 184.108.40.206
- R7900, running firmware versions prior to 220.127.116.11