Home
Tech info
Technology
Science
Life
Application
Electric
Program
Mobile
Windows 10
Windows 11Many Netgear router models contain serious RCE security holes
Network equipment maker Netgear has just released a patch for a critical vulnerability in some router models. Exploiting this vulnerability, hackers can deploy remote code execution (RCE) attacks to take control of the affected system.
This vulnerability is assigned code CVE-2021-40847 and affects the following router models:
- R6400v2 (patched with firmware version 1.0.4.120)
- R6700 (patched with firmware version 1.0.2.26)
- R6700v3 (patched with firmware version 1.0.4.120)
- R6900 (fixed with firmwaren 1.0.2.26)
- R6900P (patched with firmware version 3.3.142_HOTFIX)
- R7000 (patched with firmware version 1.0.11.128)
- R7000P (patched with firmware version 1.3.3.142_HOTFIX)
- R7850 (patched with firmware version 1.0.5.76)
- R7900 (patched with firmware version 1.0.4.46)
- R8000 (patched with firmware version 1.0.4.76)
- RS400 (patched with firmware version 1.5.1.80)
According to GRIMM security researcher Adam Nichols, the vulnerability resides in Circle, a third-party component in the firmware. It provides parental control features in Netgear devices.
More dangerously, the problem is related to Circle's update mechanism (deamon), which is enabled by default even if the router has not been set up to limit access time. This leads to hackers being able to execute RCE as root through Man-in-the-Middle (MitM) attack.
Update daemon connects Circle and Netgear together to find and load updates to the filter database. However, neither side is certified and downloads using the HTTP protocol. Therefore, hackers can break into the connection to install malicious files.
To ensure safety, Netgear recommends that users immediately update to the latest firmware versions.
David PacYou should read it
- NETGEAR Orbi review: One of the most powerful mesh router
- How to turn off SIP ALG on Netgear router
- How to set up Port Forwarding on Netgear router
- 8 best 802.11n routers in 2018
- List NETGEAR router default password
- Netgear router not working? Here's how to fix it!
- Enable remote management on NETGEAR router
- How to set up and configure DDNS on Netgear router
May be interested
- How to set up and configure DDNS on Netgear router
this guide will help you set up and configure dynamic dns (ddns) on netgear router. using the dynamic dns built into the router means you don't have to keep the computer running all the time on the network to access the remote network. - Detecting security holes that cause a series of D-Link VPN routers to be remotely attackedthree new security holes in d-link's vpn router have just been discovered by security firm digital defense.
- Review NETGEAR Nighthawk R7000 AC1900: Leading dual band routersome initial user reactions to the netgear r7000 were relatively good. together quantrimang. com review of netgear nighthawk r7000 ac1900 router to know why offline!
- 10 best combo cable modem / router todayfinally, with today's advanced technology, users can take advantage of high-speed internet service providers, along with high-performance wi-fi through 2-in-1 devices: cable modem router.
- List NETGEAR router default passwordnetgear routers usually have a default password of password and the default ip address is 192.168.1.1 or 192.168.0.1. however, as the table below shows, there are many exceptions.
- 4 best models of Mesh router for increasing WiFi wave 2020if your office or house has a large area, using a wifi router will definitely not cover the whole house. at this point, mesh wifi router models will be the appropriate choice.
- How to turn off SIP ALG on Netgear routerin this article, tipsmake.com.com will show you how to turn off sip alg on netgear routers. sip alg on this router is known to cause problems with voip calls.
- What's on the ASUS RT-AX88U and NETGEAR RAX80 - 2 the first Wi-Fi 6 router on the marketasus and netgear have no information about having first-time users accept large sums of money for beta testing of the first 802.11ax / wi-fi 6 router.
- Summary of the best Wi-Fi Router deviceswhether computers can catch wi-fi is stable and good depends a lot on wi-fi transmitters. the transmitter has quality, the signal transmission speed is guaranteed.
- Detect dangerous security holes affecting many D-Link routerssecurity researchers miguel méndez zúñiga and pablo pollanco of telefónica chile have just published proof-of-concept (poc) that allows hackers to execute remote commands and exploit vulnerabilities that leak information related to many d-link routers are being used worldwide.
Network equipment
- Difference between HDMI, Mini HDMI and Micro HDMI
- Powerline adapter or mesh WiFi is the best choice for your home?
- Netgear router not working? Here's how to fix it!
- Asus RT-AC68U Review: Versatile Dual Band Mesh WiFi Router
- Difference between Access Point and Router
- Linksys E1700 review: Basic router with a simple design
Difference between HDMI, Mini HDMI and Micro HDMI
Powerline adapter or mesh WiFi is the best choice for your home?
Netgear router not working? Here's how to fix it!
Asus RT-AC68U Review: Versatile Dual Band Mesh WiFi Router
Difference between Access Point and Router
Linksys E1700 review: Basic router with a simple design