Netgear WiFi Extender Vulnerability Let Attackers Inject Malicious Commands


Security researchers have uncovered critical vulnerabilities in several popular Netgear WiFi extender models that could allow attackers to execute malicious commands on affected devices.

The flaws, tracked as CVE-2024-35518 and CVE-2024-35519, impact the Netgear EX6120, EX6100, and EX3700 extenders running older firmware versions.

SIEM as a Service

The most severe vulnerability, CVE-2024-35518, affects the Netgear EX6120 AC1200 Dual Band WiFi Range Extender running firmware version 1.0.0.68 and potentially earlier versions.

This flaw allows remote attackers to inject commands via the wan_dns1_pri parameter in the genie_fix2.cgi file, potentially granting full control over the device.

Analyse Any Suspicious Files With ANY.RUN: Intergarte With You Security Team -> Try for Free

A related vulnerability, CVE-2024-35519, impacts multiple Netgear extender models, including the EX6120, EX6100, and EX3700. This flaw enables command injection through the ap_mode parameter in the operating_mode.cgi file.

Both vulnerabilities have been assigned a CVSS score of 8.4, indicating high severity. The attack vector requires network adjacency and high privileges, but no user interaction is needed to exploit the flaws.

Netgear has acknowledged the vulnerabilities and released firmware updates to address the issues. Users of affected devices are strongly advised to update to the latest firmware versions immediately. For the EX6120, the fix is included in firmware version 1.0.0.98 for CVE-2024-35518 and version 1.0.0.70 for CVE-2024-3551

Researchers from the Communications Security Establishment (CSE) and the Security Research Centre (SRC) at Concordia University discovered the vulnerabilities. Their findings underscore the critical need for robust security measures in consumer networking devices.

Netgear has confirmed these vulnerabilities and provided detailed advisories on its website, urging users to apply the latest firmware updates to secure their devices against potential exploits.

Users of affected Netgear extenders should immediately check for firmware updates via the Netgear support website or through their device’s management interface.

Keeping device firmware up-to-date is crucial in protecting against emerging threats and ensuring network security.

These incidents highlight the ongoing challenges in securing IoT devices and the importance of timely updates from manufacturers to safeguard consumer technology from cyber threats.

How to Choose an ultimate Managed SIEM solution for Your Security Team -> Download Free Guide(PDF)



Source link