Microsoft security researchers have disclosed three critical security vulnerabilities that affect NETGEAR DGN2200v1 series routers. The vulnerabilities in Netgear routers can lead to identity theft and full system compromise.

Description

The vulnerabilities allow access to the router management pages through an authentication bypass, which lets a threat actor gain complete control over the router. They also allow saved credentials to be obtained via a cryptographic side-channel attack, and the username and password stored in the router's memory to be recovered by abusing the configuration backup/restore feature.

The vulnerabilities are tracked as PSV-2020-0363, PSV-2020-0364 and PSV-2020-0365 by Netgear (no CVEs were issued), and their CVSS ratings range from high (7.4) to critical (9.4).

Impact

If exploited, the vulnerabilities can allow threat actors to bypass authentication, breach corporate networks, and steal data and credentials.

Solution

NETGEAR has released fixes for multiple HTTPd authentication security vulnerabilities on the following product model:

  • DGN2200v1 running firmware versions prior to v1.0.0.60

NETGEAR strongly recommends that you download the latest firmware as soon as possible.

To download the latest firmware for your NETGEAR product:

  1. Visit NETGEAR Support.
  2. Start typing your model number in the search box, then select your model from the drop-down menu as soon as it appears.
    If you do not see a drop-down menu, make sure that you entered your model number correctly, or select a product category to browse for your product model.
  3. Click Downloads.
  4. Under Current Versions, select the download whose title begins with Firmware Version.
  5. Click Download.
  6. Follow the instructions in your product’s user manual, firmware release notes, or product support page to install the new firmware.


Source: Microsoft 365 Defender Research Team / NETGEAR