Industrial and IoT cybersecurity firm Claroty disclosed technical details of five vulnerabilities that be exploited to hack some Netgear router models.
“Team82 disclosed five vulnerabilities in NETGEAR’s Nighthawk RAX30 routers as part of its research and participation in last December’s Pwn2Own Toronto hacking competition.” reads the advisory published by the security firm. “Successful exploits could allow attackers to monitor users’ internet activity, highjack internet connections and redirect traffic to malicious websites or inject malware into network traffic. An attacker could also use these vulnerabilities to access and control networked smart devices (security cameras, thermostats, smart locks), change router settings including credentials or DNS settings, or use a compromised network to launch attacks against other devices or networks.”
The vulnerabilities, tracked as CVE-2023-27357, CVE-2023-27367, CVE-2023-27368, CVE-2023-27369, CVE-2023-27370
Claroty used the exploit to hack Netgear’s Nighthawk RAX30 SOHO router, the team earned $2,500 at Pwn2Own for demonstrating the attack.
“NETGEAR is aware of multiple security vulnerabilities on the RAX30. These vulnerabilities require an attacker to have your WiFi password or an Ethernet connection to your network to be exploited.” reads the advisory published by NETGEAR. “NETGEAR strongly recommends that you download the latest firmware as soon as possible.”
The vendor addressed the issues in April 2023 with the release of firmware version 22.214.171.124 for the RAX30 router family.
Below are the details of the issues:
soap_serverdStack-based Buffer Overflow Authentication Bypass Vulnerability
Two of the above issues are Stack-based Buffer Overflow Authentication Bypass Vulnerabilities that can lead to remote code execution. The remaining ones are authentication bypass and command injection flaws.
“NETGEAR recommends users update these devices immediately.” concludes the advisory.
We are in the final!
Please vote for Security Affairs (https://securityaffairs.com/) as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS
Vote for me in the sections where is reported Securityaffairs or my name Pierluigi Paganini
Please nominate Security Affairs as your favorite blog.
Nominate Pierluigi Paganini and Security Affairs here here: https://docs.google.com/forms/d/e/1FAIpQLSepvnj8b7QzMdLh7vWEDQDqohjBUsHyn3x3xRdYGCetwVy2DA/viewform
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, router)