NETGEAR has released a patch for a high-severity vulnerability found in nearly a dozen of its wireless networks routers (opens in new tab) and urged its users to apply the fix immediately.
Given the flaw’s destructive potential, Netgear has not disclosed any details other than to say that it is a pre-authentication buffer overflow vulnerability that could be used for all sorts of malicious activities, from crashing the device after a denial-of- service to arbitrary code execution.
Attackers do not require user permission or user interaction to exploit the vulnerability. The flaw could be exploited in low-complexity attacks, it said.
Pre-authentication buffer overflow
output one security advice (opens in new tab) Regarding the bug, Netgear said it “strongly recommends” users download and install the latest firmware as soon as possible.
“The pre-authentication buffer overflow vulnerability persists if you don’t follow all recommended steps,” Netgear added. “Netgear is not responsible for any consequences that could have been avoided by following the recommendations in this notice.”
For a list of all affected devices, including multiple models of Wireless AC Nighthawk, Wireless AX Nighthawk (WiFi 6), and Wireless AC, see this link (opens in new tab).
Those looking to fix their routers should navigate Netgear support (opens in new tab) website and enter the model number of the wireless router in the search box. Once the correct version has been identified, press Downloads and under Current Versions select the first download with “Firmware Version” at the beginning of the title.
For detailed instructions on how to apply the fix, see the release notes file that accompanies the firmware download.
Wi-Fi routers are a popular target for cybercriminals because all of a user’s traffic must pass through the device. In addition, users rarely change the factory settings, and even less often update the firmware.
Above: Beeping computer (opens in new tab)
