Researchers from Cisco Talos discovered vulnerabilities in NETGEAR wireless routers. Due to the incorrect configuration…
The issue is related to the web server component that is included with the Netgear firmware. This web server is used to support the built-in administration panel.
“As it turns out, the server does not validate user input correctly, does not use canary cookies to protect memory, and the server binary is not compiled as a Position-Independent Executable (PIE), which means that ASLR protection is not applied,” said the experts.
As a result, as experts from Carnegie Mellon University wrote, many Netgear devices are susceptible to a stack buffer overflow that occurs when the httpd web server processes a request for upgrade_check.cgi. Because the binary has neither stack canaries (which would detect the overwritten return address) nor PIE (which would make code addresses unpredictable), the overflow can lead to remote execution of arbitrary code without authentication and with root privileges.
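To make the bug class concrete, here is an added example (constructed for this article, not Netgear's httpd, not the real upgrade_check.cgi handler, and not an exploit) of a CGI-style parameter handler: an unbounded copy of a request value into a fixed stack buffer, next to a version that parses the query string with the buffer bound enforced and rejects an over-long value instead of truncating it. The parameter name `fw`, the buffer size and the return codes are assumptions.

```c
/* Added example: constructed CGI-style handler, not Netgear code.
 * Shows the unbounded-copy pattern beside a bounded parser. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define FW_NAME_MAX 64   /* hypothetical buffer size */

/* Vulnerable pattern: request-controlled value copied into a fixed stack
 * buffer with no length check. A value longer than FW_NAME_MAX - 1 overruns
 * the buffer; without a canary nothing detects it, and without PIE the
 * overwritten return address can target a fixed, known address.
 * Kept only for contrast: never call it with an over-long value. */
static size_t handle_upgrade_vulnerable(const char *value)
{
    char name[FW_NAME_MAX];
    strcpy(name, value);            /* no bound: stack buffer overflow */
    return strlen(name);
}

/* Hardened lookup of one key in an application/x-www-form-urlencoded
 * query string. Returns the value length, -1 if the key is absent, or
 * -2 if the value would not fit in out[] (with its terminator). The
 * over-long case is refused rather than silently truncated. */
static int get_query_param(const char *query, const char *key,
                           char *out, size_t outsz)
{
    size_t klen = strlen(key);
    const char *p = query;

    while (p && *p) {
        const char *end = strchr(p, '&');
        size_t plen = end ? (size_t)(end - p) : strlen(p);

        /* exact key match followed by '=' (so "fwx=" does not match "fw") */
        if (plen > klen && strncmp(p, key, klen) == 0 && p[klen] == '=') {
            const char *v = p + klen + 1;
            size_t vlen = plen - klen - 1;
            if (vlen >= outsz)
                return -2;              /* would overflow: reject */
            memcpy(out, v, vlen);
            out[vlen] = '\0';
            return (int)vlen;
        }
        p = end ? end + 1 : NULL;
    }
    return -1;                          /* key not present */
}

/* Hardened handler: same stack buffer, but every byte written is bounded. */
static int handle_upgrade_hardened(const char *query)
{
    char name[FW_NAME_MAX];
    int n = get_query_param(query, "fw", name, sizeof name);
    if (n < 0)
        return n;                       /* caller maps this to an HTTP 400 */
    return n;                           /* name[] is now safe to use */
}

/* Build a constructed query "fw=AAA..." with len bytes of 'A' and run it
 * through the hardened handler, to show the bound being enforced. */
static int demo_overlong(size_t len)
{
    char *q = malloc(len + 4);
    if (!q)
        return -3;
    memcpy(q, "fw=", 3);
    memset(q + 3, 'A', len);
    q[len + 3] = '\0';
    int r = handle_upgrade_hardened(q);
    free(q);
    return r;
}

int main(void)
{
    printf("fw value of 10 bytes  -> %d\n", demo_overlong(10));   /* accepted */
    printf("fw value of 100 bytes -> %d\n", demo_overlong(100));  /* rejected */
    return 0;
}
```

The input check is only half of the story the researchers describe; the other half is how the binary is built. Compiling with `-fstack-protector-strong -fPIE -pie` gives the function above a canary and makes the loaded addresses unpredictable, and `readelf -h` reporting `Type: DYN (Position-Independent Executable file)` (or simply `DYN`) for an executable is a quick way to confirm PIE on a firmware binary.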
Now The Register reports that Netgear has decided not to release fixes for 45 models of vulnerable devices, even though a PoC exploit is already publicly available. The support period for these devices has expired, and Netgear did not consider the RCE bug reason enough to make an exception.
Devices intended for home users, as well as for small and medium-sized businesses, were mostly left without patches. Brian Gorenc of Trend Micro's Zero Day Initiative told reporters that such situations are, unfortunately, quite common:
“Unfortunately, there are many examples of manufacturers abandoning support for devices that are still widely used and sometimes even available for purchase. We hope manufacturers will be clear about their support policies and device lifecycles so that consumers are able to make informed choices,” said Brian Gorenc.
Below are the vulnerable Netgear device models that will not receive patches:
I also recall that a year ago, Cisco Talos experts warned about dangerous vulnerabilities in NETGEAR routers.