Cybersecurity specialists report the detection of a severe vulnerability in Netgear devices for home and small business use that could be exploited in order to execute remote code with root user privileges. Tracked as CVE-2021-34991, the fault was described as a buffer overflow in the Universal Plug-and-Play (UPnP) daemon of the affected products.
The flaw received a score of 8.8/10 according to the Common Vulnerability Scoring System (CVSS) and resides in Netgear products such as routers, WiFi extenders, and modems, report experts from security firm GRIMM. The researchers managed to develop an exploit capable of compromising vulnerable devices, even those that have received the latest updates.
According to the report, the flaw lies in the functions of the upnpd daemon related to the management of unauthenticated HTTP SUBSCRIBE and UNSUBSCRIBE requests from clients that want to receive updates every time the UPnP configuration of the network changes.
The researchers also mention that exploiting the flaw can be complicated because the buffer containing user input is converted to lowercase before the overflow, meaning that gadgets containing bytes with uppercase letters cannot be used, and because the copy that overflows the stack is a string copy.
A proof of concept (PoC) to exploit the vulnerability and a detailed technical analysis of the risk scenario are available on the researchers’ official platforms.
On the other hand, Netgear announced the release of security patches to address this new flaw, which will be applied to WiFi signal extenders, routers, air cards and cable modems, so users of affected deployments are invited to stay on top of the availability of updates. The company will also implement additional firmware fixes, though no mention was made of an approximate date for the release of these security measures.
To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.
He is a cyber security and malware researcher. He studied Computer Science at Miami and started working as a cyber security analyst in 2008. He is actively working as an cyber security investigator. He also worked for security companies like Cisco. His everyday job includes researching about new cyber security incidents. Also he has deep level of knowledge in enterprise security implementation.