Multiple flaws in Netgear Nighthawk R6700v3 router are still unpatched

Researchers discovered multiple high-risk vulnerabilities affecting the latest firmware version for the Netgear Nighthawk R6700v3 router.

Researchers from Tenable have discovered multiple vulnerabilities in the latest firmware version (version 1.0.4.120) of the popular Netgear Nighthawk R6700v3 WiFi router.

An attacker can trigger the vulnerabilities to take full control of the vulnerable devices. Below is the list of flaws discovered by the researchers:

• CVE-2021-20173: Post Authentication Command Injection via SOAP Interface.
• CVE-2021-20174: Default HTTP Communication (Web Interface).
• CVE-2021-20175: Default HTTP Communication (SOAP Interface).
• CVE-2021-23147: Insufficient UART Protection Mechanisms.
• CVE-2021-45732: Configuration Manipulation via Hardcoded Encryption Routines.
• CVE-2021-45077: Plaintext Password Storage.

Researchers discovered multiple instances of known vulnerable jQuery libraries (such as jquery 1.4.2), for this reason, they are urging to update them to the latest available versions.

Experts also discovered that the version of minidlna.exe running on the routers is affected by publicly known vulnerabilities. We recommend upgrading to a more recent version.

The researchers also reported that the device uses a MiniDLNA version which is known to be affected by multiple flaws.

Below is the disclosure timeline shared by Tenable:

• September 30, 2021 – Tenable discloses to vendor.
• October 4, 2021 – Vendor provides formal acknowledgment.
• October 7, 2021 – Vendor requests clarification. Tenable needs more information from vendor. Vendor supplies information.
• October 8, 2021 – Tenable provides testing suggestions.
• October 26, 2021 – Tenable requests status update.
• November 12, 2021 – Vendor provides status update.

The vulnerabilities affect firmware version 1.0.4.120, which is the latest release for the device.

Tenable pointed out that at the time of this writing the vulnerabilities are yet to be addressed.

“Tenable has not been informed of any available patches for these issues at the time of this writing.” states Tenable.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Netgear Nighthawk)

[adrotate banner=”5″]

[adrotate banner=”13″]