6 critical vulnerabilities in Netgear routers

Cybersecurity specialists report the detection of at least six high-risk vulnerabilities and no known updates in the latest firmware version for Netgear Nighthawk R6700v3 routers. These devices are widely used in various sectors, thanks to their features focused on gaming, parental control and maximizing network resources.

All the flaws were detected by a team of specialists from the security firm Tenable, who report that the successful exploitation of the vulnerabilities would allow threat actors to take full control of the affected device.

The following are briefly described the found security bugs: 

  • CVE-2021-20173: Post-authentication command injection error in router update functionality
  • CVE-2021-20174: Default use of HTTP in all device web interface communications would allow threat actors to intercept access credentials in plain text
  • CVE-2021-20175: The SOAP interface (port 5000) uses HTTP to communicate by default, creating the risk of credential exposure in plain text
  • CVE-2021-23147: Error executing commands with root user privileges over a UART port connection
  • CVE-2021-45732: Manipulating device settings through encrypted encryption routines would allow the change of settings blocked for security reasons
  • CVE-2021-45077: All user names and passwords for device services are stored in plain text format in the configuration file by default

These flaws were reported to the manufacturer in September 2021, in a notification adhering to the criteria of the cybersecurity community. In addition to these flaws, Tenable reported the detection of multiple security flaws in some jQuerry libraries based on version 1.4.2. Other less severe flaws reside in the MiniDLNA server, used by these routers.

The company recommends users reset their access credentials to mitigate the risk of exploitation of these flaws, in addition to following security best practices. Netgear also recommends users continually check their firmware download portal to know when their official updates are released.

To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.