This security advisory addresses the following CVE vulnerability: CVE-2017-6862.
NETGEAR is aware of a security issue that can allow a remote attacker to bypass authentication and execute commands on some router models. The flaw is a buffer overflow in the router's web administration interface: an attacker who can reach that interface can trigger the overflow to bypass authentication and execute commands on the router.
Because the vulnerable code is in the web administration interface, the issue can only be exploited by an attacker on the internal network, or from the internet when remote management is enabled on the router. Remote management is turned off by default; users can turn it on through the router's advanced settings.
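The mechanism the advisory describes, an over-long request parameter overrunning a fixed-size buffer in a web administration handler and clobbering adjacent authentication state, is illustrated below with a hypothetical handler written for this page. It is not NETGEAR's firmware code and says nothing about where the real overflow sits; the session layout, the `handle_request_*` and `run_admin_command` functions and the constructed payload are all assumptions for the demonstration. The fixed handler shows the missing check: reject any value that does not fit before copying it.

```c
/*
 * Added illustration (not NETGEAR firmware code) of the bug class in the
 * advisory: a fixed-size buffer in a web admin handler is overrun by an
 * over-long request parameter, overwriting an adjacent "authenticated" flag.
 * The session layout, function names and payload are assumptions.
 */
#include <stdio.h>
#include <string.h>

#define PARAM_MAX 32

/* Per-request state: the parameter buffer sits directly before the flag. */
struct session {
    char param[PARAM_MAX];
    int authenticated;          /* 0 = not logged in */
};

static void session_init(struct session *s)
{
    memset(s, 0, sizeof *s);
}

/* Vulnerable handler: copies the parameter without checking its length.
 * The byte loop stands in for strcpy()/memcpy() with an unchecked size;
 * with value_len > PARAM_MAX the copy runs into s->authenticated.
 * noinline keeps the compiler from reasoning about the out-of-bounds
 * store at the call site, so the demo shows what happens on real hardware. */
__attribute__((noinline))
int handle_request_vulnerable(struct session *s, const char *value, size_t value_len)
{
    char *dst = s->param;
    for (size_t i = 0; i < value_len; i++)
        dst[i] = value[i];
    return 0;
}

/* Fixed handler: refuse anything that does not fit, then copy with a bound. */
int handle_request_fixed(struct session *s, const char *value, size_t value_len)
{
    if (value_len >= sizeof s->param)   /* leave room for the terminator */
        return -1;
    memcpy(s->param, value, value_len);
    s->param[value_len] = '\0';
    return 0;
}

/* Privileged action: must only run for an authenticated session. */
int run_admin_command(const struct session *s)
{
    return s->authenticated ? 0 : -1;
}

/* Constructed attacker payload: fill param, then overwrite the flag bytes
 * with 0x01 so the int is nonzero regardless of endianness. */
size_t build_payload(unsigned char *out, size_t cap)
{
    size_t n = PARAM_MAX + sizeof(int);
    if (cap < n)
        return 0;
    memset(out, 'A', PARAM_MAX);
    memset(out + PARAM_MAX, 0x01, sizeof(int));
    return n;
}

/* 1 if the vulnerable handler let the unauthenticated payload reach the
 * admin command, 0 otherwise. */
int demo_vulnerable(void)
{
    struct session s;
    unsigned char payload[64];
    size_t n = build_payload(payload, sizeof payload);
    session_init(&s);
    handle_request_vulnerable(&s, (const char *)payload, n);
    return run_admin_command(&s) == 0;
}

/* Same payload against the fixed handler: rejected, flag untouched. */
int demo_fixed(void)
{
    struct session s;
    unsigned char payload[64];
    size_t n = build_payload(payload, sizeof payload);
    session_init(&s);
    if (handle_request_fixed(&s, (const char *)payload, n) != 0)
        return 0;
    return run_admin_command(&s) == 0;
}

/* 1 if the fixed handler still accepts a parameter that fits. */
int demo_fixed_short(void)
{
    struct session s;
    session_init(&s);
    if (handle_request_fixed(&s, "admin", 5) != 0)
        return 0;
    return strcmp(s.param, "admin") == 0 && s.authenticated == 0;
}

int main(void)
{
    printf("vulnerable handler reached admin command: %d\n", demo_vulnerable());
    printf("fixed handler reached admin command:      %d\n", demo_fixed());
    printf("fixed handler accepts in-bounds value:    %d\n", demo_fixed_short());
    return 0;
}
```

The length check is the whole fix: once the handler refuses values of `sizeof param` bytes or more, the adjacent flag can no longer be reached through this copy, and the privileged action stays gated on a real login.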
This vulnerability affects the following products:
- WNR2000v3
- WNR2000v4
- WNR2000v5
- R2000
NETGEAR has released firmware updates that fix the unauthenticated remote code execution vulnerability for all affected products.
NETGEAR strongly recommends that all affected users download the firmware update that fixes this vulnerability for their product as soon as possible.
To download the latest firmware for your NETGEAR product:
- Visit the NETGEAR Download Center.
- Under Search for, select the check box next to Firmware/Software.
- Enter your model number in the search box and click the magnifying glass.
- Select your model from the drop-down menu.
  If you do not see a drop-down menu, make sure that you entered your model number correctly, or use the product drilldown to find your model.
- Click Release Notes under the most recent firmware version, which is the one closest to the top of the list.
  Make sure that you are viewing release notes for a firmware version and not a software utility or an app. The title of the release notes page always begins with the words “Firmware Version.”
- Follow the instructions in the release notes to download and install the new firmware.
The potential for unauthenticated remote code execution remains if you do not update your firmware. NETGEAR is not responsible for any consequences that could have been avoided by updating your firmware as recommended in this notification.
This vulnerability was reported to NETGEAR by Maxime Peterlin of ON-X (https://www.on-x.com/).
Acknowledgements
Maxime Peterlin of ON-X Security
We appreciate and value having security concerns brought to our attention. NETGEAR constantly monitors for both known and unknown threats. Being proactive rather than reactive to emerging security issues is fundamental for product support at NETGEAR.
It is NETGEAR's mission to be the innovative leader in connecting the world to the internet. To achieve this mission, we strive to earn and maintain the trust of those that use NETGEAR products for their connectivity.
To report a security vulnerability, visit https://bugcrowd.com/netgear.
If you are a NETGEAR customer with a security-related support concern, you can contact NETGEAR customer support at techsupport.security@netgear.com.
For all other issues, visit http://www.netgear.com/about/security/.
The security@netgear.com email address is no longer accepting messages and is no longer actively monitored.
Last Updated: 10/02/2017 | Article ID: 000038542