Rewterz Threat Advisory – Multiple NETGEAR Routers Vulnerabilities

Rewterz Threat Alert – DarkCrystal RAT (DCRat) – Active IOCs

July 3, 2023

Rewterz Threat Advisory – ICS: Mitsubishi Electric MELSEC-F Series Vulnerability

July 3, 2023

Rewterz Threat Advisory – Multiple NETGEAR Routers Vulnerabilities

Severity

High

Analysis Summary

CVE-2023-35721 CVSS:8.1

Multiple NETGEAR Routers could allow a remote attacker to execute arbitrary code on the system, caused by a flaw in the update functionality. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.

CVE-2023-35722 CVSS:8.8

NETGEAR RAX30 could allow a remote attacker to execute arbitrary commands on the system, caused by a flaw in the handling of UPnP port mapping request. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system.

Impact

CVE-2023-35721
CVE-2023-35722

Indicators Of Compromise

CVE

CVE-2023-26134

Affected Vendors

NETGEAR

Affected Products

NETGEAR RAX30
NETGEAR RAX50

Remediation

Remediation details

Refer to NETGEAR Web site for patch, upgrade or suggested workaround information.

CVE-2023-35721

CVE-2023-35722

Rewterz Threat Alert – DarkCrystal RAT (DCRat) – Active IOCs

Rewterz Threat Advisory – ICS: Mitsubishi Electric MELSEC-F Series Vulnerability

Rewterz Threat Advisory – Multiple NETGEAR Routers Vulnerabilities

Severity

Analysis Summary

Impact

Indicators Of Compromise

CVE

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan