Netgear has addressed critical security vulnerabilities across a range of WiFi router models. To stay protected, customers are urged to promptly upgrade their devices to the latest firmware available. Find out more about the specific Netgear models impacted and the steps you can take to protect your network.
Understanding the Security Risks
While Netgear has not provided further details on the two vulnerabilities, it has reported that unauthenticated attackers could exploit these for remote code execution and authentication bypass through low-complexity attacks that do not require user interaction.
The identified vulnerabilities are serious and impact multiple router models, including WiFi 6 access points and Nighthawk Pro Gaming routers. “NETGEAR strongly recommends that you download the latest firmware as soon as possible,” the company stated in security advisories released over the weekend.
The following table highlights the affected Netgear router models and firmware updates that include the necessary security patches:
| Vulnerable Router Model | Updated Patch Version |
| XR500 | 2.3.2.134 |
| XR1000 | 1.0.0.74 |
| XR1000v2 | 1.1.0.22 |
| WAX220 | 1.0.5.3 |
| WAX206 | 1.0.5.3 |
| WAX214v2 | 1.0.2.5 |
A Step-by-Step Guide to Update Firmware
To secure your router, follow these steps to update its firmware:
- Go to the NETGEAR Support website.
- Enter your model number in the search box, and select your model from the dropdown menu as it appears.
- If your model does not appear, double-check the model number entered or browse through the product categories to find your device.
- Click Downloads and under Current Versions, choose the first link that starts with Firmware Version.
- Open Release Notes and follow the outlined instructions to download and install the latest firmware.
Risks of Not Updating
“The unauthenticated RCE vulnerability remains if you do not complete all recommended steps,” the company cautioned on Saturday. Furthermore, the company stated, “NETGEAR is not responsible for any consequences that could have been avoided by following the recommendations in this notification.”
A similar advisory was issued by Netgear in July, which addressed other security concerns, including stored cross-site scripting (XSS) and authentication bypass vulnerabilities affecting several WiFi 6 router models.
Previously, security researchers also uncovered multiple flaws with varying degrees of severity in the WNR614 N300 model, which remains widely used among small business and home users.
Anas Hasan
February 6, 2025
1 month ago
