Trending

ee-track">
Link copied!

NETGEAR Urges Immediate Firmware Updates for Critical Security Flaws

NETGEAR has patched two critical security vulnerabilities affecting XR series routers and WAX series access points.

February 4, 2025 · 4 min read
NETGEAR Urges Immediate Firmware Updates for Critical Security Flaws

Overview

NETGEAR has recently addressed two critical security vulnerabilities affecting its products, which, if exploited, could allow unauthenticated attackers to execute arbitrary code or remotely exploit devices. These vulnerabilities impact multiple models, including the XR series routers and WAX series access points. Given the high severity of these vulnerabilities, with Common Vulnerability Scoring System (CVSS) scores of 9.8 and 9.6, users are strongly advised to update their devices immediately to the latest firmware versions to prevent potential cyber threats.

Details of the Security Vulnerabilities

The vulnerabilities impact several NETGEAR devices and could allow remote attackers to take control of the affected routers and access points without requiring authentication. Such security flaws are particularly concerning as they can be leveraged for malicious activities, including data theft, network disruption, and unauthorized surveillance.

Affected Devices and Firmware Updates

NETGEAR has released fixes for the unauthenticated remote code execution (RCE) security vulnerability affecting the following models:

  • XR1000: Fixed in firmware version 1.0.0.74
  • XR1000v2: Fixed in firmware version 1.1.0.22
  • XR500: Fixed in firmware version 2.3.2.134

NETGEAR strongly recommends that all users of these models download and install the latest firmware as soon as possible.

Steps to Update Your Firmware

To ensure your NETGEAR device is secure, follow these steps to update your firmware:

  1. Visit the NETGEAR Support website.
  2. Enter your device’s model number in the search box and select the correct model from the drop-down list.
  3. Click on downloads.
  4. Under Current Versions, select the download that begins with Firmware Version.
  5. Click download and follow the provided installation instructions in the product’s user manual or firmware release notes.

Keeping your firmware updated is essential to maintaining the security and functionality of your device.

Why These Vulnerabilities Are Critical

  • Remote Code Execution (RCE): This type of vulnerability allows attackers to execute arbitrary commands remotely on the affected device, potentially leading to full device compromise.
  • Unauthenticated Exploitation: The vulnerabilities do not require authentication, making them highly dangerous as attackers can exploit them without needing login credentials.
  • Network Compromise: Once compromised, an attacker could intercept, modify, or reroute network traffic, potentially leading to data breaches, espionage, or further attacks on connected devices.

Given these risks, failing to apply the recommended firmware updates could leave users vulnerable to cyber threats, including botnet infections, malware deployment, and unauthorized access to sensitive information.

Security Advisory and NETGEAR’s Stance

NETGEAR has released a security advisory under the identifier PSV-2023-0039, urging all affected users to take immediate action. Although no official CVE (Common Vulnerabilities and Exposures) IDs have been assigned, the company acknowledges the seriousness of these security issues.

Acknowledgments

The vulnerabilities were identified and reported through BugCrowd, a well-known security research platform specializing in vulnerability discovery and responsible disclosure. NETGEAR has rated the vulnerabilities as critical, with the CVSS score breakdown as follows:

  • CVSS Score: 9.8 (Critical)
  • Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L

Best Practices for Keeping Your Devices Secure

To enhance security and prevent similar threats in the future, users should follow these best practices:

  1. Regular Firmware Updates: Always keep your device’s firmware up to date. Firmware updates often include security patches that address known vulnerabilities.
  2. Use NETGEAR’s Mobile Apps for Updates:
    1. Orbi products: Use the NETGEAR Orbi app.
    1. WiFi routers: Use the NETGEAR Nighthawk app.
    1. Business products: Use the NETGEAR Insight app (firmware updates through this app require an Insight subscription).
  3. Manual Firmware Updates: If your device is not supported by one of the apps, follow the manual update process via the official NETGEAR website.
  4. Enable Automatic Updates: If available, enable automatic firmware updates to ensure you receive security patches as soon as they are released.
  5. Change Default Credentials: If you haven’t already, change the default administrator credentials on your NETGEAR device to a strong, unique password.
  6. Monitor Network Activity: Keep an eye on unusual network behavior, such as unexpected reboots, unknown connected devices, or sudden drops in performance, which could indicate potential exploitation.

NETGEAR’s prompt response and security advisory highlight the need for users to remain vigilant and prioritize regular firmware updates to protect against emerging threats. By taking the recommended steps, users can safeguard their devices from unauthorized access and maintain the integrity of their network security.

Source:

https://jocert.ncsc.jo/EN/ListDetails/Security_Alerts__Advisorites/1203/93

https://kb.netgear.com/000066558/Security-Advisory-for-Unauthenticated-RCE-on-Some-WiFi-Routers-PSV-2023-0039

AI Threat Intelligence

Stop Executive Threats
Before They Strike

Monitor dark web chatter, detect lookalike domains, and protect your C-suite from targeted impersonation — in real time, across 50+ countries.

Scroll to Top

Book your session

Request a Personalized Demo

See how Cyble's threat intelligence protects your organization. A specialist will reach out within one business day.

Select one or more options

Cyble protects your personal data to manage your account and deliver requested content. Submit your details to receive updates. Withdraw consent anytime. See our privacy policy for details.

Your information is encrypted and never shared.
SOC 2 Type II GDPR compliant Trusted by 1,000+ teams

Download the brochure

Get the Cyble Vision Brochure

Explore how Cyble Vision delivers AI-powered threat intelligence across your attack surface. Fill in your details to access the brochure.

Select one or more options

Cyble protects your personal data to manage your account and deliver requested content. Submit your details to receive updates. Withdraw consent anytime. See our privacy policy for details.

Your information is encrypted and never shared.
SOC 2 Type II GDPR compliant Trusted by 1,000+ teams