
Rewterz Threat Advisory – Multiple Netgear Nighthawk WiFi6 Router Vulnerabilities

Severity

High

Analysis Summary

CVE-2023-27853 CVSS:8.3

A format string flaw in the SOAP service of the NETGEAR Nighthawk WiFi6 Router could allow a remote attacker to execute arbitrary code on the system by sending a specially crafted request.

CVE-2023-27852 CVSS:8.8

NETGEAR Nighthawk WiFi6 Router is vulnerable to a buffer overflow caused by improper bounds checking in the Password Reset CGI, Traffic Management CGI, and rex_cgi. By sending a specially crafted request, a remote attacker could overflow a buffer and execute arbitrary code on the system.

CVE-2023-27851 CVSS:9.8

A flaw in the ReadyShare Default Share Configurations of the NETGEAR Nighthawk WiFi6 Router could allow a remote attacker to execute arbitrary code on the system by sending a specially crafted request.

CVE-2023-27850 CVSS:7.6

A flaw in the ReadyShare function of the NETGEAR Nighthawk WiFi6 Router could allow a physical attacker to bypass security restrictions. By using a specially crafted USB device, an attacker could exploit this vulnerability to read and modify arbitrary files on the device.

CVE-2023-1205 CVSS:8.8

NETGEAR Nighthawk WiFi6 Router is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input. By persuading an authenticated user to visit a malicious Web site, a remote attacker could send a malformed HTTP request to perform unauthorized actions. An attacker could exploit this vulnerability to perform cross-site scripting attacks, Web cache poisoning, and other malicious activities.

Impact

  • Code Execution
  • Security Bypass
  • Buffer Overflow
  • Unauthorized Access

Indicators Of Compromise

CVE

  • CVE-2023-27853
  • CVE-2023-27852
  • CVE-2023-27851
  • CVE-2023-27850
  • CVE-2023-1205

Affected Vendors

NETGEAR

Affected Products

  • NETGEAR Nighthawk WiFi6 Router 1.0.10

Remediation

Upgrade to the latest version of Nighthawk WiFi6 Router, available from the NETGEAR Web site.
