Netgear Auth Bypass, XSS Flaw: Patch Now to Stay Safe!

2 Mins Read

PureVPNNewsNetgear Auth Bypass, XSS Flaw: Patch Now to Stay Safe!

Netgear is warning users to upgrade their routers’ firmware, which fixes authentication bypass and stored cross-site scripting (XSS) flaws, affecting multiple models of WiFi 6 routers. Find out more about these vulnerabilities and how you can stay safe below!

Understanding the Security Flaws

The stored XSS flaw, identified as PSV-2023-0122, impacts the XR1000 Nighthawk gaming router and was corrected in firmware version 1.0.0.72. 

Although specific details of the bug were not disclosed by Netgear, such vulnerabilities typically allow cyber attackers to hijack user sessions, display deceptive login prompts, or redirect users to harmful websites, potentially leading to data theft and unauthorized actions under the user’s credentials.

The authentication bypass vulnerability, identified as PSV-2023-0138, affects the CAX30 Nighthawk AX6 6-Stream cable modem routers and was fixed in firmware version 2.2.2.2. 

Such a flaw could let attackers gain unauthorized access to the administrative settings of the router, possibly leading to full device control. This type of vulnerability is generally considered to be of the highest severity due to its implications.

How to Update Your Netgear Router’s Firmware 

Netgear has strongly advised users to update their router’s firmware without delay to prevent potential exploits. Below are step-by-step instructions provided by Netgear for updating your device:

  1. Visit the NETGEAR Support website.
  1. Enter your model number in the search box and select your model from the options that appear. If no options appear, make sure your model number is correct or try browsing through the product categories.
  1. Click the Downloads tab.
  1. Under Current Versions, pick the first download labeled with Firmware Version.
  1. Hit Download and follow the installation instructions.

The company has said, “NETGEAR is not responsible for any consequences that could have been avoided by following the recommendations in this notification.”

Additional Security Concerns

Security experts last month revealed several vulnerabilities in the Netgear WNR614 N300 model, popular among home and small business users. 

Since this model is no longer supported by Netgear due to reaching its end-of-life stage, no new security patches were issued. 

Instead, Netgear recommended users to replace these outdated routers or implement mitigation strategies to block potential attacks.

Final Word 

Keeping your network devices updated is crucial for maintaining security and functionality. By promptly installing these firmware updates, you can stay protected from the latest threats!

author

Anas Hasan

date

July 15, 2024

time

7 months ago

Anas Hassan is a tech geek and cybersecurity enthusiast. He has a vast experience in the field of digital transformation industry. When Anas isn’t blogging, he watches the football games.

Have Your Say!!

Join 3 million+ users to embrace internet freedom

Signup for PureVPN to get complete online security and privacy with a hidden IP address and encrypted internet traffic.