Claroty, an industrial and IoT cybersecurity firm, has revealed the technical details of five vulnerabilities that can be exploited to compromise certain models of Netgear routers.
These vulnerabilities were initially disclosed by Team82 during the Pwn2Own Toronto hacking competition and could allow attackers to monitor internet activity, hijack connections, inject malware, and gain control over networked smart devices. Netgear has released a firmware update to address these vulnerabilities and urges users to update their devices promptly to mitigate the risks.
The vulnerabilities, tracked as CVE-2023-27357, CVE-2023-27367, CVE-2023-27368, CVE-2023-27369, and CVE-2023-27370, were demonstrated by Claroty researchers during the hacking competition. By exploiting these vulnerabilities, the researchers successfully compromised Netgear’s Nighthawk RAX30 SOHO router and earned a reward of $2,500.
Netgear acknowledges the existence of these security flaws and advises users to download the latest firmware version, 1.0.10.94, to protect their devices.
The disclosed vulnerabilities include a missing authentication information disclosure vulnerability, stack-based buffer overflow authentication bypass vulnerabilities, an authentication bypass vulnerability leading to remote code execution, and a command injection flaw.
These vulnerabilities can have severe consequences, including unauthorized access to networked devices, manipulation of router settings, and launching attacks against other devices and networks. Netgear emphasizes the importance of promptly updating affected devices to ensure the security of users’ networks and devices.
