- Netgear found two faults affecting the points and WiFi access routers
- To reduce them, he has published a new firmware for devices
- The company has urged users to apply the fix as soon as possible
Netgear recently confirmed a certain number of vulnerabilities of critical severity, distressing several access points and routers.
Since bugs can be used in attacks that require any user interaction and can cause the execution of remote code (RCE), Netgear has urged its customers to apply the fixed fixes released without delay.
A Netgear security notice noted that the two faults are followed internally under the name of PSV-2023-0039 (a defect in the execution of remote code) and PSV-2017 (a defect in authentication). They affect these WiFi 6 access points and Nighthawk Pro game routers: XR1000, XR1000V2, XR500, Wax206, Wax220 and Wax214V2.
Reach end -of -life status
“Netgear strongly recommends downloading the latest firmware as soon as possible,” said the company in the security advice, before giving a step -by -step tutorial on how to download and install the latest firmware for Netgear routers.
“Netgear is not responsible for the consequences that could have been avoided by following the recommendations of this notification,” he warned.
Internet routers and WiFi access points are among the most attacked devices because they serve as a gateway between a local and internet network. They are also often considered as a “low suspension fruit” in cyber attacks, because many have default identification information, obsolete firmware or low security configurations. In many cases, users keep their devices after their end of life date, losing the support and exposing known vulnerabilities.
Attackers can use compromise routers for botnets, human attacks in the world, dresses dresses or data interception. Since routers operate 24/7 and control network traffic, an attacker who takes control can redirect users to malware, steal identification information or deploy malware on networks.
Due to its popularity, Netgear is a popular target for pirates. In June 2024, a popular Netgear Small Business Router for the Budget was deemed vulnerable to half a dozen faults that could lead to the theft of sensitive information, and perhaps even a complete takeover of the devices. The device has reached its end of life, so Netgear did not bother to release a patch.
