High-Severity RCE Vulnerability Found in Several Netgear Routers
Cybersecurity experts discovered a serious RCE vulnerability in several Netgear models.
A critical remote code execution vulnerability affecting many routers has been discovered and fixed by networking equipment manufacturer Netgear, according to The Hacker News.
As explained by GRIMM security researcher Adam Nichols, the vulnerability is in Circle, a third-party component included in the firmware, whose update daemon is turned on by default. With this configuration, a Man-in-the-Middle (MitM) attack could give attackers with network access remote code execution (RCE) as root.
Because of the way Circle, the Netgear firmware, and the update daemon Circled work together, an interloper can stage a MitM attack and respond to the request to download new database entries with a specially crafted compressed database file, which lets the attacker replace active binaries with malicious code.
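One defensive pattern for an updater like the one described above, given here as an added example and not code from Netgear, Circle or GRIMM: authenticate the download before unpacking it, and refuse any archive member that would resolve outside the destination directory. It assumes a tar.gz update format and uses an HMAC with a shared key as a stand-in for a vendor signature; the key, file names and archive contents are all constructed for the demonstration.

```python
import hashlib, hmac, io, os, tarfile, tempfile

KEY = b"constructed-demo-key"  # assumption: stand-in for the vendor's signing key

def tag_for(blob):
    return hmac.new(KEY, blob, hashlib.sha256).digest()

def make_archive(files):  # constructed input: {member_name: bytes} -> .tar.gz bytes
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        for name, data in files.items():
            info = tarfile.TarInfo(name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
    return buf.getvalue()

def safe_unpack(blob, tag, dest):
    """Authenticate the download, then write only regular files that stay under dest."""
    if not hmac.compare_digest(tag_for(blob), tag):
        raise ValueError("rejected: authentication tag mismatch")
    root = os.path.realpath(dest)
    with tarfile.open(fileobj=io.BytesIO(blob), mode="r:gz") as tar:
        plan = []
        for m in tar.getmembers():  # validate every member before writing anything
            target = os.path.realpath(os.path.join(root, m.name))
            inside = os.path.commonpath([root, target]) == root and target != root
            if not m.isfile() or not inside:
                raise ValueError(f"rejected: unsafe member {m.name!r}")
            plan.append((m, target))
        for m, target in plan:
            os.makedirs(os.path.dirname(target), exist_ok=True)
            with open(target, "wb") as out:
                out.write(tar.extractfile(m).read())
    return sorted(os.path.relpath(t, root) for _, t in plan)

def demo():
    good = make_archive({"db/categories.dat": b"v2"})
    evil = make_archive({"../../outside/replaced-binary": b"placeholder"})
    results = {}
    with tempfile.TemporaryDirectory() as dest:
        results["genuine"] = safe_unpack(good, tag_for(good), dest)
        for label, blob, tag in (("swapped_in_transit", evil, tag_for(good)),
                                 ("traversal_even_if_tagged", evil, tag_for(evil))):
            try:
                safe_unpack(blob, tag, dest)
                results[label] = "accepted"
            except ValueError as exc:
                results[label] = str(exc)
        results["files_on_disk"] = sorted(os.listdir(dest))
    return results
```

Calling `demo()` shows the genuine archive unpacking, the substituted archive failing the tag check, and the traversal member being refused even when its tag is valid.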
Nichols stated, "Since this code is run as root on the affected routers, exploiting it to obtain RCE is just as damaging as a RCE vulnerability found in the core Netgear firmware," [...] "This particular vulnerability once again demonstrates the importance of attack surface reduction."
A few weeks ago, a Google security engineer named Gynvael Coldwind revealed details of three severe security vulnerabilities dubbed Demon's Cries, Draconian Fear, and Seventh Inferno that affected over a dozen of the company's smart switches and allowed threat actors to bypass authentication and take complete control of vulnerable devices.
The vulnerability in question is tracked as CVE-2021-40847 and has a CVSS score of 8.1. The following devices are affected by the security flaw:
R8000, which is fixed in firmware version 126.96.36.199
R7850, which is fixed in firmware version 188.8.131.52
R7000, which is fixed in firmware version 184.108.40.206
R6900, which is fixed in firmware version 220.127.116.11
R6700, which is fixed in firmware version 18.104.22.168
RS400, which is fixed in firmware version 22.214.171.124
R7900, which is fixed in firmware version 126.96.36.199
R7000P, which is fixed in firmware version 188.8.131.52_HOTFIX
R6900P, which is fixed in firmware version 3.3.142_HOTFIX
R6700v3, which is fixed in firmware version 184.108.40.206
R6400v2, which is fixed in firmware version 220.127.116.11