Netgear is warning users of a critical remote code execution bug that could allow an unauthenticated attacker to take control of its Wireless AC Router Nighthawk (R7800) hardware running firmware versions prior to 1.0.2.68. The warnings, posted Tuesday, also include two high-severity bugs impacting Nighthawk routers, 21 medium-severity flaws and one rated low.
The critical vulnerability, tracked by Netgear as
PSV-2019-0076, affects the company’s consumer Nighthawk X4S Smart Wi-Fi Router (R7800) first introduced in 2016 and still available today. Netgear is short on details tied to the vulnerability, only urging customers to visit its
online support page to download a patch for the bug.
The same R7800 model router is also vulnerable to a high-severity post-authentication command injection flaw,
tracked as PSV-2018-0352. In this case, the Nighthawk (R7800) router is vulnerable when running firmware prior to version 1.0.2.60.
The same high-severity command injection flaw (PSV-2018-0352) also exists in 29 other router models within the D6000, R6000, R7000, R8000, R9000 and XR500 family of Netgear hardware. Brands include 20 SKUs of the Wireless AC Router Nighthawk hardware, four of its Wireless AC Routers and four DSL Gateway AC devices.
Netgear is also mum on the technical specifics of how the command injection flaw manifests itself in the routers and gateway devices. Generally, a post-authentication command injection flaw can lead to a number of different attack scenarios including one that allows a hacker to completely compromise a device and gain root privileges.
On Tuesday, Netgear warned of a second high-severity post-authentication command injection flaw impacting five router models within the R6400, R6700, R6900 and R7900 SKUs and that are running specific vulnerable firmware. The security bulletin for the
vulnerability is PSV-2019-0051. These model routers typically fall under Netgear’s consumer devices.
