Tuesday, 20 December 2016

NETGEAR Security Advisory: Urgent Router Firmware Updates


NETGEAR is aware of the security issue #582384 that allows unauthenticated web pages to pass form input directly to the command-line interface. A remote attacker can potentially inject arbitrary commands which are then executed by the system.

NETGEAR has tested the following products and confirmed that they are vulnerable:

R6250***
R6400***
R6700*
R6900*
R7000***
R7100LG*
R7300DST*
R7900*
R8000***
D6220*
D6400*

All products followed by a single asterisk (*) have beta firmware fixes available. 
All products followed by three asterisks (***) have production firmware fixes available.