Table of Contents
  • Home
  • /
  • Blog
  • /
  • How To Fix Multiple Vulnerabilities In Multiple NETGEAR Products
March 28, 2022
|
9m

How To Fix Multiple Vulnerabilities In Multiple NETGEAR Products


How To Fix Multiple Vulnerabilities In Multiple Netgear Products

NETGEAR has addressed seven vulnerabilities whose severity may range from critical to medium. Attackers can abuse these vulnerabilities to perform Authentication Bypass, Command Injection, Buffer Overflow, Improper Certificate Validation, Arbitrary File Upload, and remote code execution vulnerabilities. It is the prime duty of all users of NETGEAR to take a look at these vulnerabilities and fix them at the earliest. Let’s see How to Fix Multiple Vulnerabilities in Multiple NETGEAR Products.

Without further delay let’s discuss these multiple vulnerabilities in multiple NETGEAR Products and how to fix them.

List Of Multiple Vulnerabilities In Multiple NETGEAR Products

There are total of seven vulnerabilities ranging from critical to medium. Here is a list of vulnerabilities found in multiple NETGEAR products.

  • CVE-2022-27642, CVE-2022-27647: Authentication Bypass and Command Injection Vulnerabilities in Multiple NETGEAR Products.

  • CVE-2022-27643: Buffer Overflow Vulnerability in Multiple NETGEAR Products.

  • CVE-2022-27644, CVE-2022-27646: Improper Certificate Validation Vulnerability and Stack-based Buffer Overflow Vulnerabilities in Multiple NETGEAR Products.

  • CVE-2022-27645: Authentication Bypass Vulnerability in Multiple NETGEAR Products.

  • CVE-2011-5325: Arbitrary File Upload Vulnerability in Multiple NETGEAR Products.

Summary Of CVE-2022-27642, CVE-2022-27647

CVE-2022-27642 vulnerability enables network-adjacent hackers to bypass authentication on vulnerable versions of NETGEAR routers. However, authentication is not required to exploit the vulnerability. This vulnerability exists within the HTTPS service. It results due to incorrect string matching logic while accessing protected pages.

CVE-2022-27647 vulnerability enables network-adjacent hackers to execute arbitrary code on affected installations of NETGEAR R6700v3 router modules. Authentication is needed to exploit this vulnerability, but the existing authentication method can be bypassed. The problem results due to a lack of proper validation of string before executing a system call.

CVE IDCVE-2022-27642, CVE-2022-27647
CVSS VectorCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVSS Score7.5
CVSS Rating:High
Reported Date2021-12-01
Fixed Date2022-03-23 

Summary Of CVE-2022-27643

CVE-2022-27643 vulnerability enables network-adjacent hackers to execute arbitrary code on vulnerable versions of NETGEAR router modules. Authentication is not needed to exploit this vulnerability. The vulnerability exists within the handling of SOAP requests.

CVE IDCVE-2022-27643
CVSS VectorCVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L    
CVSS Score7.3
CVSS Rating:High
Reported Date2021-12-03
Fixed Date2022-03-23 

Summary Of CVE-2022-27644, CVE-2022-27646

CVE-2022-27644 vulnerability enables network-adjacent hackers to compromise the integrity of downloaded information on vulnerable versions of NETGEAR router modules. Authentication is not needed to exploit this vulnerability. The vulnerability exists within the file downloads via HTTP. The problem is due to the lack of proper validation of certificates presented by the server.

CVE-2022-27646 vulnerability enables network-adjacent hackers to execute arbitrary code on affected versions of NETGEAR router modules. Authentication is needed to exploit this vulnerability, but the existing authentication method can be bypassed. The vulnerability exists within the circled daemon. 

CVE IDCVE-2022-27644, CVE-2022-27646
CVSS VectorCVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L    
CVSS Score7.3
CVSS Rating:High
Reported Date2021-12-01
Fixed Date2022-03-23 

Summary Of CVE-2022-27645

CVE-2022-27645 vulnerability enables network-adjacent hackers to bypass authentication on vulnerable versions of NETGEAR router modules. To exploit this vulnerability, there is no need to perform authentication. The vulnerability exists within the readycloud_control.cgi.

CVE IDCVE-2022-27645
CVSS VectorCVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L    
CVSS Score76.2
CVSS Rating:Medium
Reported Date2021-12-01
Fixed Date2022-03-23 

Summary Of CVE-2011-5325

CVE-2011-5325 vulnerability enables network-adjacent hackers to upload arbitrary files on affected versions of NETGEAR router modules. To exploit this vulnerability, there is no need to perform authentication. The vulnerability exists within the Circle Parental Control feature, which listens on TCP ports 4444 and 4567.

CVE IDCVE-2011-5325
CVSS VectorCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
CVSS Score8.6
CVSS Rating:High
Reported Date2022-01-07
Fixed Date2022-03-23

List Of NETGEAR Products Affected By These Vulnerabilities

Here you can see the list of the products affected by vulnerabilities. We urge you to carefully go through the table list out the vulnerabilities identified in your modules and upgrade the firmware to the fixed version or the latest available for download.

Caution: We always recommend reading the product guide or contacting the vendor support team before upgrading firmware. The wrong firmware upgrade may break your device or lead to permanent damage.

VulnerabilitiesProducts
CVE-2022-27642, CVE-2022-27647Cable Modem Routers
CAX80 fixed in firmware version 2.1.3.7

Fixed Wireless
LAX20 fixed in firmware version 1.1.6.34
R7100LG fixed in firmware version 1.0.0.76

Nighthawk Mesh WiFi Systems
MR80 fixed in firmware version 1.1.6.14
MS80 fixed in firmware version 1.1.6.14

Routers
R6400 fixed in firmware version 1.0.1.78
R6400v2 fixed in firmware version 1.0.4.126
R6700v3 fixed in firmware version 1.0.4.126
R6900P fixed in firmware version 1.3.3.148
R7000 fixed in firmware version 1.0.11.134
R7000P fixed in firmware version 1.3.3.148
R8500 fixed in firmware version 1.0.2.158
RAX15 fixed in firmware version 1.0.10.110
RAX20 fixed in firmware version 1.0.10.110
RAX35v2 fixed in firmware version 1.0.10.110
RAX38v2 fixed in firmware version 1.0.10.110
RAX40v2 fixed in firmware version 1.0.10.110
RAX42 fixed in firmware version 1.0.10.110
RAX43 fixed in firmware version 1.0.10.110
RAX45 fixed in firmware version 1.0.10.110
RAX48 fixed in firmware version 1.0.10.110
RAX50 fixed in firmware version 1.0.10.110
RAX50S fixed in firmware version 1.0.10.110
RS400 fixed in firmware version 1.5.1.86
CVE-2022-27643DSL Modem Routers
D6220 fixed in firmware version 1.0.0.80
D6400 fixed in firmware version 1.0.0.114
D7000v2 fixed in firmware version 1.0.0.80

Fixed Wireless
R7100LG fixed in firmware version 1.0.0.76

Routers
R6400 fixed in firmware version 1.0.1.78
R6400v2 fixed in firmware version 1.0.4.126
R6700v3 fixed in firmware version 1.0.4.126
R6900P fixed in firmware version 1.3.3.148
R7000 fixed in firmware version 1.0.11.134
R7000P fixed in firmware version 1.3.3.148
R8500 fixed in firmware version 1.0.2.158
RS400 fixed in firmware version 1.5.1.86
WNDR3400v3 fixed in firmware version 1.0.1.44
WNR3500Lv2 fixed in firmware version 1.2.0.72
XR300 fixed in firmware version 1.0.3.72

Wireless
DC112A fixed in firmware version 1.0.0.64
CVE-2022-27644, CVE-2022-27646Orbi WiFi Systems
CBR40 fixed in firmware version 2.5.0.28

Routers
R6400v2 fixed in firmware version 1.0.4.126
R6700v3 fixed in firmware version 1.0.4.126
R6900P fixed in firmware version 1.3.3.148
R7000 fixed in firmware version 1.0.11.134
R7000P fixed in firmware version 1.3.3.148
RS400 fixed in firmware version 1.5.1.86
CVE-2022-27645Fixed Wireless
LAX20 fixed in firmware version v1.1.6.34

Routers
R6400v2 fixed in firmware version v1.0.4.126
R6700v3 fixed in firmware version v1.0.4.126
R7000 fixed in firmware version v1.0.11.134
R8500 fixed in firmware version 1.0.2.158
RAX15 fixed in firmware version 1.0.10.110
RAX20 fixed in firmware version 1.0.10.110
RAX35v2 fixed in firmware version 1.0.10.110
RAX38v2 fixed in firmware version 1.0.10.110
RAX40v2 fixed in firmware version 1.0.10.110
RAX42 fixed in firmware version 1.0.10.110
RAX43 fixed in firmware version 1.0.10.110
RAX45 fixed in firmware version 1.0.10.110
RAX48 fixed in firmware version 1.0.10.110
RAX50 fixed in firmware version 1.0.10.110
RAX50S fixed in firmware version 1.0.10.110
CVE-2011-5325Orbi WiFi Systems
CBR40 fixed in firmware version 2.5.0.28

Routers
R6400v2 fixed in firmware version 1.0.4.126
R6700v3 fixed in firmware version 1.0.4.126
R6900P fixed in firmware version 1.3.3.148
R7000 fixed in firmware version 1.0.11.134
R7000P fixed in firmware version 1.0.11.134
RS400 fixed in firmware version 1.5.1.86

How To Fix These Vulnerabilities In NETGEAR Products?

There could be different ways to upgrade the firmware. Firmware upgrade through the Nighthawk app is the easiest way to upgrade firmware. You can click here for more information. The second popular method is to upgrade firmware through the Web Browser. You can learn about upgrading firmware through a web browser from here. However, if you are on a corporate network manual firmware upgrade would be the best option to go with.

How to Fix These Vulnerabilities in NETGEAR Products?

There could be different ways to upgrade the firmware. Firmware upgrade through the Nighthawk app is the easiest way to upgrade firmware. You can click here for more information. The second popular method is to upgrade firmware through the Web Browser. You can learn about upgrading firmware through a web browser from here. However, if you are on a corporate network manual firmware upgrade would be the best option to go with.

Method 1: How to Update the NETGEAR products using Nighthawk app?

This method is best for home users.

  1. Download the Netgear app for your iOS or Android devices.

  2. Connect your smartphone to the WiFi network.

  3. Open the Netgear app.

  4. Login to the dashboard with router admin credentials.

  5. Tap on your router.

  6. Brose to the Settings and hit on Check For Updates.

  7. If your device has updates, then you will see update enabled. Click on Update.

Method 2: How to Update the NETGEAR products using the Nighthawk app?

This method is good for homes, small shops, or small businesses where the devices are installed on the personal network.

  1. Connect your computer to your router through a wired or wireless connection.

  2. Open the web browser and browse  routerlogin.net.

  3. Login to the web dashboard with router admin credentials.

  4. Select ADVANCED > Administration or Settings > Administration.

  5. Select Firmware Update or Router Update.

  6. Click Check.

  7. If your device has updates, then click Yes to upgrade the firmware.

Method 3: How to Update the NETGEAR products manually?

This is the preferable method for devices on the small to large size corporate network.

  • Connect your system with an Ethernet cable or Wifi.

  • Visit the NETGEAR Support.

  • Input the Product Name or router’s Model Number.

  • Click Downloads.

  • Choose a firmware version and click Download.

  • Enter routerlogin.net into the web browser.

  • Enter the admin username and password.

  • Select Advanced> Administration.

  • Select Router Update or Firmware Update.

  • Click Browse or Choose File. Locate and select the file that ends in .chk or .img.

  • Click the Upload button. The firmware update starts, and the process takes a few minutes.

We hope this post would help you know How to Fix Multiple Vulnerabilities in Multiple NETGEAR Products. Please share this post and help to secure the digital world. Visit our social media page on FacebookLinkedInTwitterTelegramTumblrMedium & Instagram, and subscribe to receive updates like this. 

Arun KL

Arun KL is a cybersecurity professional with 15+ years of experience in IT infrastructure, cloud security, vulnerability management, Penetration Testing, security operations, and incident response. He is adept at designing and implementing robust security solutions to safeguard systems and data. Arun holds multiple industry certifications including CCNA, CCNA Security, RHCE, CEH, and AWS Security.

Recently added

Application Security

View All

Learn More About Cyber Security Security & Technology

“Knowledge Arsenal: Empowering Your Security Journey through Continuous Learning”

Cybersecurity All-in-One For Dummies - 1st Edition

"Cybersecurity All-in-One For Dummies" offers a comprehensive guide to securing personal and business digital assets from cyber threats, with actionable insights from industry experts.

Tools

Featured

View All

Learn Something New with Free Email subscription

Subscribe

Subscribe