$type=slider$show=home$snippet=hide$cate=0$h=500$va=0$rm=0

Netgear router vulnerabilities could put small businesses at risk

Netgear has released a set of updated firmware for its small business routers and Wi-Fi extenders after a number of vulnerabilities were ...

Netgear has released a set of updated firmware for its small business routers and Wi-Fi extenders after a number of vulnerabilities were discovered in several models by security researchers at Immersive Labs.

If exploited, these vulnerabilities could be used to achieve unauthorized access to devices or even to modify the internal filesystem which can be abused to affect traffic passing through the device according to a new blog post from the cybersecurity firm.

Two vulnerabilities, tracked as PSV-2021-0169 and PSV-2021-0172, make it possible to gain authenticated access to affected Netgear devices. Once done, an attacker could then modify settings in the administration panel to run arbitrary commands on a victim's router. However, this kind of command injection also adds persistence which means that the vulnerability can still remain on an affected device even if the router is restarted or updated.

Additionally, commands could be used to open other ports or to allow command line access over the network to a victim's operating system. With operating system access, a malicious user could significantly impact the availability of one of Netgear's routers and the data that is passed through it.

Resetting a router's password

Another vulnerability, tracked as PSV-2021-0171, discovered in Netgear's routers by Immersive Labs can be exploited by an attacker with access to a local network.

By doing so, they can make a request to a router's UPNP port and view the device serial number. While this may sound fairly harmless at first, keep in mind that this serial number is used as part of the password reset function on most Netgear devices.

Although the likelihood of an attacker exploiting these vulnerabilities is considered low by Immersive Labs' security researchers, there is still a valid threat surface. By exploiting these three vulnerabilities, it is possible to add new files and configurations to any of the affected devices that could even survive a device reset. At the same time, it would also be possible to block any future firmware updates to keep a compromised device in this state.

Thankfully though, Netgear has now released patches for all of its affected small business routers which you can download here.

We've also highlighted the best small business routers, best Wi-Fi extenders, best endpoint protection software and best firewall



from TechRadar - All the latest technology news https://ift.tt/3En0N6i
via IFTTT

COMMENTS

BLOGGER
Name

Apps,3856,Business,149,Camera,1155,Earn $$$,2,Gadgets,1740,Games,926,GTA,1,Innovations,2,Mobile,1696,Paid Promotions,4,Promotions,4,Technology,7935,Trailers,796,Travel,37,Trendly News,23989,Video,5,XIAOMI,13,
ltr
item
Trendly News | #ListenNow #Everyday #100ShortNews #TopTrendings #PopularNews #Reviews #TrendlyNews: Netgear router vulnerabilities could put small businesses at risk
Netgear router vulnerabilities could put small businesses at risk
Trendly News | #ListenNow #Everyday #100ShortNews #TopTrendings #PopularNews #Reviews #TrendlyNews
http://www.trendlynews.in/2021/12/netgear-router-vulnerabilities-could.html
http://www.trendlynews.in/
http://www.trendlynews.in/
http://www.trendlynews.in/2021/12/netgear-router-vulnerabilities-could.html
true
3372890392287038985
UTF-8
Loaded All Posts Not found any posts VIEW ALL Readmore Reply Cancel reply Delete By Home PAGES POSTS View All RECOMMENDED FOR YOU LABEL ARCHIVE SEARCH ALL POSTS Not found any post match with your request Back Home Sunday Monday Tuesday Wednesday Thursday Friday Saturday Sun Mon Tue Wed Thu Fri Sat January February March April May June July August September October November December Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec just now 1 minute ago $$1$$ minutes ago 1 hour ago $$1$$ hours ago Yesterday $$1$$ days ago $$1$$ weeks ago more than 5 weeks ago Followers Follow THIS PREMIUM CONTENT IS LOCKED STEP 1: Share. STEP 2: Click the link you shared to unlock Copy All Code Select All Code All codes were copied to your clipboard Can not copy the codes / texts, please press [CTRL]+[C] (or CMD+C with Mac) to copy