Netgear Alert
Warning Date: 30 June, 2022
Severity Level: ● High
Warning Number: 2022-5022
Target Sector: All
Description:
NETGEAR has released security updates to address several vulnerabilities in the following products:
- RAX80, running firmware versions prior to 1.0.6.138
- R6400v2, running firmware versions prior to 1.0.4.122
- R6700v3, running firmware versions prior to 1.0.4.122
- RAX75, running firmware versions prior to 1.0.6.138
- RAX200, running firmware versions prior to 1.0.6.138
- RBK50, running firmware versions prior to 2.7.4.24
- RBR50, running firmware versions prior to 2.7.4.24
- RBS50, running firmware versions prior to 2.7.4.24
- R7000, running firmware versions prior to 1.0.11.116
- R6400, running firmware versions prior to 1.0.1.70
- R6400v2, running firmware versions prior to 1.0.4.118
- R7000P, running firmware versions prior to 1.3.3.148
- R7900, running firmware versions prior to 1.0.4.46
- R8000, running firmware versions prior to 1.0.4.74
- XR300, running firmware versions prior to 1.0.3.72
- R8000, running firmware versions prior to 1.0.4.84
- R8000P, running firmware versions prior to 1.4.1.66
- MK62, running firmware versions prior to 1.0.6.110
- RBK852, running firmware versions prior to 3.2.16.6
- RBK752, running firmware versions prior to 3.2.16.6
- R7000, running firmware versions prior to 1.0.11.116
- R7000P, running firmware versions prior to 1.3.3.148
- R7900, running firmware versions prior to 1.0.4.38
- R7960P, running firmware versions prior to 1.4.1.66
- R8000, running firmware versions prior to 1.0.4.68
- R7900P, running firmware versions prior to 1.4.1.66
- RAX20, running firmware versions prior to 1.0.1.64
- RAX50, running firmware versions prior to 1.0.2.28
- RAX75, running firmware versions prior to 1.0.3.106
- RAX200, running firmware versions prior to 1.0.3.106
- MR60, running firmware versions prior to 1.0.6.110
- MS60, running firmware versions prior to 1.0.6.110
- RAX15, running firmware versions prior to 1.0.1.64
- RAX45, running firmware versions prior to 1.0.2.28
- RAX80, running firmware versions prior to 1.0.3.106
- RBR750, running firmware versions prior to 3.2.16.6
- RBR850, running firmware versions prior to 3.2.16.6
- RBS750, running firmware versions prior to 3.2.16.6
- RBS850, running firmware versions prior to 3.2.16.6
- RBK852, running firmware versions prior to 3.2.16.6
- RBK752, running firmware versions prior to 3.2.16.6
- R7000, running firmware versions prior to 1.0.11.116
- R7000P, running firmware versions prior to 1.3.3.140
- R7900, running firmware versions prior to 1.0.4.38
- R7960P, running firmware versions prior to 1.4.3.88
- R8000P, running firmware versions prior to 1.4.3.88
- RAX20, running firmware versions prior to 1.0.2.82
- RAX50, running firmware versions prior to 1.0.2.72
- RAX75, running firmware versions prior to 1.0.3.106
- RAX200, running firmware versions prior to 1.0.3.106
- R8000, running firmware versions prior to 1.0.4.68
- RAX15, running firmware versions prior to 1.0.2.82
- RAX45, running firmware versions prior to 1.0.2.72
- RAX80, running firmware versions prior to 1.0.3.106
- RBR750, running firmware versions prior to 3.2.16.6
- RBR850, running firmware versions prior to 3.2.16.6
- RBS750, running firmware versions prior to 3.2.16.6
- RBS850, running firmware versions prior to 3.2.16.6
- R7000P, running firmware versions prior to 1.3.3.148
- R7000, running firmware versions prior to 1.0.11.130
- R6900P, running firmware versions prior to 1.3.3.148
- R8000, running firmware versions prior to 1.0.4.76
- R7000P, running firmware versions prior to 1.3.3.148
- R6900P, running firmware versions prior to 1.3.3.148
- MK62, running firmware versions prior to 1.0.6.110
- CBR40, running firmware versions prior to 2.5.0.24
- RBK852, running firmware versions prior to 3.2.16.22
- RBK752, running firmware versions prior to 3.2.16.22
- R6400v2, running firmware versions prior to 1.0.4.122
- R7000, running firmware versions prior to 1.0.11.116
- R7000P, running firmware versions prior to 1.3.3.148
- R7900, running firmware versions prior to 1.0.4.38
- R7960P, running firmware versions prior to 1.4.1.66
- R8000P, running firmware versions prior to 1.4.1.66
- RAX20, running firmware versions prior to 1.0.2.82
- RAX50, running firmware versions prior to 1.0.2.82
- RAX75, running firmware versions prior to 1.0.3.106
- RAX200, running firmware versions prior to 1.0.3.106
- R8000, running firmware versions prior to 1.0.4.68
- MR60, running firmware versions prior to 1.0.6.110
- MS60, running firmware versions prior to 1.0.6.110
- RAX15, running firmware versions prior to 1.0.2.82
- RAX45, running firmware versions prior to 1.0.2.82
- RAX80, running firmware versions prior to 1.0.3.106
- RBR750, running firmware versions prior to 3.2.16.22
- RBR850, running firmware versions prior to 3.2.16.22
- RBS750, running firmware versions prior to 3.2.16.22
- RBS850, running firmware versions prior to 3.2.16.22
- R7000, running firmware versions prior to 1.0.11.126
- MK62, running firmware versions prior to 1.1.6.122
- RBK852, running firmware versions prior to 3.2.16.22
- RBK752, running firmware versions prior to 3.2.16.22
- RAX20, running firmware versions prior to 1.0.10.110
- RAX75, running firmware versions prior to 1.0.5.126
- RAX200, running firmware versions prior to 1.0.5.126
- MR60, running firmware versions prior to 1.1.6.122
- MS60, running firmware versions prior to 1.1.6.122
- RAX15, running firmware versions prior to 1.0.10.110
- RAX80, running firmware versions prior to 1.0.5.126
- RBR750, running firmware versions prior to 3.2.16.22
- RBR850, running firmware versions prior to 3.2.16.22
- RBS750, running firmware versions prior to 3.2.16.22
- RBS850, running firmware versions prior to 3.2.16.22
- RBK852, running firmware versions prior to 3.2.17.12
- CBR40, running firmware versions prior to 2.5.0.28
- RBK752, running firmware versions prior to 3.2.17.12
- CBR750, running firmware versions prior to 4.6.3.6
- RBR750, running firmware versions prior to 3.2.17.12
- RBR850, running firmware versions prior to 3.2.17.12
- RBS750, running firmware versions prior to 3.2.17.12
- RBS850, running firmware versions prior to 3.2.17.12
- RBK852, running firmware versions prior to 3.2.17.12
- CBR40, running firmware versions prior to 2.5.0.28
- RBK752, running firmware versions prior to 3.2.17.12
- CBR750, running firmware versions prior to 4.6.3.6
- RBR750, running firmware versions prior to 3.2.17.12
- RBR850, running firmware versions prior to 3.2.17.12
- RBS750, running firmware versions prior to 3.2.17.12
- RBS850, running firmware versions prior to 3.2.17.12
- RBK852, running firmware versions prior to 3.2.17.12
- MK62, running firmware versions prior to 1.0.6.116
- RBK752, running firmware versions prior to 3.2.17.12
- R6300v2, running firmware versions prior to 1.0.4.52
- R6400, running firmware versions prior to 1.0.1.70
- R6400v2, running firmware versions prior to 1.0.4.122
- R7000, running firmware versions prior to 1.0.11.126
- R7000P, running firmware versions prior to 1.3.3.148
- R7900, running firmware versions prior to 1.0.4.38
- R7960P, running firmware versions prior to 1.4.2.84
- R7850, running firmware versions prior to 1.0.5.74
- R8000, running firmware versions prior to 1.0.4.74
- R8000P, running firmware versions prior to 1.4.2.84
- RAX20, running firmware versions prior to 1.0.3.96
- RAX45, running firmware versions prior to 1.0.3.96
- RAX75, running firmware versions prior to 1.0.4.120
- RAX200, running firmware versions prior to 1.0.4.120
- CBR750, running firmware versions prior to 4.6.3.6
- LAX20, running firmware versions prior to 1.1.6.28
- MK83, running firmware versions prior to 1.1.6.4
- XR1000, running firmware versions prior to 1.0.0.58
- MR60, running firmware versions prior to 1.0.6.116
- MR80, running firmware versions prior to 1.1.6.4
- MS60, running firmware versions prior to 1.0.6.116
- MS80, running firmware versions prior to 1.1.6.4
- RAX15, running firmware versions prior to 1.0.3.96
- RAX80, running firmware versions prior to 1.0.4.120
- RBR750, running firmware versions prior to 3.2.17.12
- RBR850, running firmware versions prior to 3.2.17.12
- RBS750, running firmware versions prior to 3.2.17.12
- RBS850, running firmware versions prior to 3.2.17.12
- RAX50, running firmware versions prior to 1.0.3.96
- RAX43, running firmware versions prior to 1.0.3.96
- RAX40v2, running firmware versions prior to 1.0.3.96
- RAX35v2, running firmware versions prior to 1.0.3.96
- RBK852, running firmware versions prior to 3.2.17.12
- CAX80, running firmware versions prior to 2.1.3.1
- D7800, running firmware versions prior to 1.0.1.64
- EX6150v2, running firmware versions prior to 1.0.1.106
- EX6250, running firmware versions prior to 1.0.0.146
- EX6410, running firmware versions prior to 1.0.0.146
- EX7320, running firmware versions prior to 1.0.0.146
- EX7700, running firmware versions prior to 1.0.0.216
- EX8000, running firmware versions prior to 1.0.1.232
- MK62, running firmware versions prior to 1.0.6.116
- LBR20, running firmware versions prior to 2.6.3.50
- RBK752, running firmware versions prior to 3.2.17.12
- R7800, running firmware versions prior to 1.0.2.84
- R8900, running firmware versions prior to 1.0.5.36
- R9000, running firmware versions prior to 1.0.5.36
- RAX20, running firmware versions prior to 1.0.10.110
- RAX40, running firmware versions prior to 1.0.3.94
- RAX45, running firmware versions prior to 1.0.3.96
- RAX120, running firmware versions prior to 1.2.1.22
- XR450, running firmware versions prior to 2.3.2.114
- XR500, running firmware versions prior to 2.3.2.114
- XR700, running firmware versions prior to 1.0.1.44
- CBR750, running firmware versions prior to 3.2.18.2
- LBR1020, running firmware versions prior to 2.6.3.58
- RAX10, running firmware versions prior to 1.0.3.92
- RAX70, running firmware versions prior to 1.0.3.92
- RAX78, running firmware versions prior to 1.0.3.92
- RBK352, running firmware versions prior to 4.4.0.10
- EX6400v2, running firmware versions prior to 1.0.0.146
- EX6420, running firmware versions prior to 1.0.0.146
- EX7300v2, running firmware versions prior to 1.0.0.146
- MR60, running firmware versions prior to 1.0.6.116
- MS60, running firmware versions prior to 1.0.6.116
- R6700AX, running firmware versions prior to 1.0.3.92
- RAX120v2, running firmware versions prior to 1.2.1.22
- RAX15, running firmware versions prior to 1.0.10.110
- RAX35, running firmware versions prior to 1.0.3.94
- RAX38, running firmware versions prior to 1.0.3.94
- RBR350, running firmware versions prior to 4.4.0.10
- RBR750, running firmware versions prior to 3.2.17.12
- RBR850, running firmware versions prior to 3.2.17.12
- RBS350, running firmware versions prior to 4.4.0.10
- RBS750, running firmware versions prior to 3.2.17.12
- RBS850, running firmware versions prior to 3.2.17.12
- RAX50, running firmware versions prior to 1.0.3.96
- RAX43, running firmware versions prior to 1.0.3.96
- RAX40v2, running firmware versions prior to 1.0.3.96
- RAX35v2, running firmware versions prior to 1.0.3.96
- RBK852, running firmware versions prior to 3.2.17.12
- MK62, running firmware versions prior to 1.0.6.116
- MK80, running firmware versions prior to 1.1.3.6
- CBR40, running firmware versions prior to 2.5.0.24
- R6400, running firmware versions prior to 1.0.1.70
- R6400v2, running firmware versions prior to 1.0.4.118
- R7000, running firmware versions prior to 1.0.11.126
- R7000P, running firmware versions prior to 1.3.3.140
- R7900, running firmware versions prior to 1.0.4.46
- R7960P, running firmware versions prior to 1.4.2.84
- R7850, running firmware versions prior to 1.0.5.74
- R8000, running firmware versions prior to 1.0.4.74
- R8000P, running firmware versions prior to 1.4.2.84
- RAX75, running firmware versions prior to 1.0.4.120
- RAX200, running firmware versions prior to 1.0.4.120
- RS400, running firmware versions prior to 1.5.1.80
- CBR750, running firmware versions prior to 4.6.3.6
- LAX20, running firmware versions prior to 1.1.6.34
- MK62, running firmware versions prior to 1.1.3.6
- XR1000, running firmware versions prior to 1.0.0.58
- MR60, running firmware versions prior to 1.0.6.116
- MR80, running firmware versions prior to 1.1.3.6
- MS60, running firmware versions prior to 1.0.6.116
- MS80, running firmware versions prior to 1.1.3.6
- RAX80, running firmware versions prior to 1.0.4.120
- RBR850, running firmware versions prior to 3.2.17.12
- RBS850, running firmware versions prior to 3.2.17.12
- R8000P, running firmware versions prior to 1.4.2.84
- EAX20, running firmware versions prior to 1.0.0.58
- EAX80, running firmware versions prior to 1.0.1.68
- EX7000, running firmware versions prior to 1.0.1.104
- MK62, running firmware versions prior to 1.0.6.116
- RBW30, running firmware versions prior to 2.6.2.6
- RBK852, running firmware versions prior to 3.2.17.12
- RBK752, running firmware versions prior to 3.2.17.12
- R6400, running firmware versions prior to 1.0.1.70
- R6400v2, running firmware versions prior to 1.0.4.118
- R7000, running firmware versions prior to 1.0.11.126
- R7000P, running firmware versions prior to 1.3.3.148
- R7900, running firmware versions prior to 1.0.4.46
- R7960P, running firmware versions prior to 1.4.2.84
- R7850, running firmware versions prior to 1.0.5.74
- R8000, running firmware versions prior to 1.0.4.74
- R7900P, running firmware versions prior to 1.4.2.84
- RAX20, running firmware versions prior to 1.0.3.96
- RAX45, running firmware versions prior to 1.0.3.96
- RAX75, running firmware versions prior to 1.0.4.120
- RAX200, running firmware versions prior to 1.0.4.120
- LAX20, running firmware versions prior to 1.1.6.28
- MK83, running firmware versions prior to 1.1.6.14
- XR1000, running firmware versions prior to 1.0.0.58
- MR60, running firmware versions prior to 1.0.6.116
- MR80, running firmware versions prior to 1.1.6.14
- MS60, running firmware versions prior to 1.0.6.116
- MS80, running firmware versions prior to 1.1.6.14
- RAX15, running firmware versions prior to 1.0.3.96
- RAX80, running firmware versions prior to 1.0.4.120
- RBR750, running firmware versions prior to 3.2.17.12
- RBR850, running firmware versions prior to 3.2.17.12
- RBS750, running firmware versions prior to 3.2.17.12
- RBS850, running firmware versions prior to 3.2.17.12
- RAX50, running firmware versions prior to 1.0.3.96
- RAX43, running firmware versions prior to 1.0.3.96
- RAX40v2, running firmware versions prior to 1.0.3.96
- RAX35v2, running firmware versions prior to 1.0.3.96
- R6400v2, running firmware versions prior to 1.0.4.126
- R7000, running firmware versions prior to 1.0.11.130
- R7000P, running firmware versions prior to 1.3.3.148
- R7900, running firmware versions prior to 1.0.4.46
- R7960P, running firmware versions prior to 1.4.2.84
- R7850, running firmware versions prior to 1.0.5.74
- R8000, running firmware versions prior to 1.0.4.74
- R8000P, running firmware versions prior to 1.4.2.84
- RAX75, running firmware versions prior to 1.0.6.138
- RAX200, running firmware versions prior to 1.0.6.138
- RS400, running firmware versions prior to 1.5.1.86
- RAX80, running firmware versions prior to 1.0.6.138
- RAXE500, running firmware versions prior to 1.0.8.70
- RAXE450, running firmware versions prior to 1.0.8.70
- XR1000, running firmware versions prior to 1.0.0.64
- MK83, running firmware versions prior to 1.1.6.14
- MK62, running firmware versions prior to 1.1.6.122
- R6400v2, running firmware versions prior to 1.0.4.122
- R7850, running firmware versions prior to 1.0.5.76
- R6700v3, running firmware versions prior to 1.0.4.122
- R7000P, running firmware versions prior to 1.3.3.148
- R6900P, running firmware versions prior to 1.3.3.148
- R8000, running firmware versions prior to 1.0.4.76
- RS400, running firmware versions prior to 1.5.1.86
- XR300, running firmware versions prior to 1.0.3.68
- DC112A, running firmware versions prior to 1.0.0.64
- R6400, running firmware versions prior to 1.0.1.76
- WNDR3400v3, running firmware versions prior to 1.0.1.44
- R7000, running firmware versions prior to 1.0.11.130
- MR60, running firmware versions prior to 1.1.6.122
- MR80, running firmware versions prior to 1.1.6.14
- MS60, running firmware versions prior to 1.1.6.122
- MS80, running firmware versions prior to 1.1.6.14
- R7000, running firmware versions prior to 1.0.11.130
- R7000P, running firmware versions prior to 1.3.3.148
- R6900P, running firmware versions prior to 1.3.3.148
- EX7000, running firmware versions prior to 1.0.1.106
- RS400, running firmware versions prior to 1.5.1.86
- XR500, running firmware versions prior to 2.3.2.134
- XR450, running firmware versions prior to 2.3.2.134
Threats:
An attacker could exploit these vulnerabilities to carry out the following:
- Buffer overflow
- Execute arbitrary code
- Code injection
Best practice and Recommendations:
The CERT team encourages users to review the NETGEAR security advisories and apply the necessary updates:
- https://kb.netgear.com/000065015/Security-Advisory-for-Authentication-Bypass-on-Some-Routers-PSV-2018-0636?article=000065015
- https://kb.netgear.com/000065016/Security-Advisory-for-Sensitive-Information-Disclosure-on-Some-Orbi-WiFi-Systems-PSV-2019-0068?article=000065016
- https://kb.netgear.com/000065019/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-PSV-2019-0219?article=000065019
- https://kb.netgear.com/000065022/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-PSV-2020-0216?article=000065022
- https://kb.netgear.com/000065023/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0219?article=000065023
- https://kb.netgear.com/000065024/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0262?article=000065024
- https://kb.netgear.com/000065025/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-PSV-2020-0272?article=000065025
- https://kb.netgear.com/000065027/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-PSV-2020-0313?article=000065027
- https://kb.netgear.com/000065029/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0332?article=000065029
- https://kb.netgear.com/000065031/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0446?article=000065031
- https://kb.netgear.com/000065032/Security-Advisory-for-Authentication-Bypass-on-Some-WiFi-Systems-PSV-2020-0489?article=000065032
- https://kb.netgear.com/000065033/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0494?article=000065033
- https://kb.netgear.com/000065034/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0502?article=000065034
- https://kb.netgear.com/000065035/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0532?article=000065035
- https://kb.netgear.com/000065037/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0558?article=000065037
- https://kb.netgear.com/000065038/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-PSV-2020-0596?article=000065038
- https://kb.netgear.com/000065043/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-and-WiFi-Systems-PSV-2021-0187?article=000065043
- https://kb.netgear.com/000065044/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-and-Extenders-PSV-2021-0205?article=000065044
- https://kb.netgear.com/000065045/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-PSV-2021-0250?article=000065045
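
A fleet check built on the product list above, as an added example that is not part of the original alert: the list names some models several times with different fixed versions, so the check keeps the highest one per model and compares the dotted fields numerically. The excerpt lines are copied from this alert; the inventory hosts, the `UNLISTED1` model and the `V..._...` version-string form accepted by `parse_version` are assumptions.

```python
import re

# Excerpt of the product list in this alert (copy the full list in for real use).
ADVISORY_EXCERPT = """\
- RAX20, running firmware versions prior to 1.0.1.64
- RAX20, running firmware versions prior to 1.0.2.82
- RAX20, running firmware versions prior to 1.0.10.110
- RAX20, running firmware versions prior to 1.0.3.96
- R7000, running firmware versions prior to 1.0.11.116
- R7000, running firmware versions prior to 1.0.11.130
- R7000, running firmware versions prior to 1.0.11.126
- XR500, running firmware versions prior to 2.3.2.114
- XR500, running firmware versions prior to 2.3.2.134
"""

LINE_RE = re.compile(
    r"^-\s*([^\s,]+), running firmware versions prior to ([\d.]+)$")

def parse_version(text):
    """Turn '1.0.10.110' into (1, 0, 10, 110) so fields compare as numbers.

    Assumption: a device may report 'V1.0.11.126_10.2.112'; the leading 'V'
    and everything after '_' are ignored.
    """
    core = text.strip().lstrip("Vv").split("_")[0]
    return tuple(int(part) for part in core.split("."))

def minimum_fixed_versions(advisory_text):
    """Per model, keep the highest 'prior to' version across all entries."""
    fixed = {}
    for line in advisory_text.splitlines():
        match = LINE_RE.match(line.strip())
        if not match:
            continue
        model, version = match.group(1).upper(), parse_version(match.group(2))
        # A plain string comparison would rank '1.0.3.96' above '1.0.10.110'.
        if model not in fixed or version > fixed[model]:
            fixed[model] = version
    return fixed

def audit(inventory, fixed):
    """Map each host to 'vulnerable', 'patched' or 'not listed'."""
    report = {}
    for host, model, version in inventory:
        threshold = fixed.get(model.upper())
        if threshold is None:
            report[host] = "not listed"
        elif parse_version(version) < threshold:
            report[host] = "vulnerable"
        else:
            report[host] = "patched"
    return report

# Constructed inventory: host names, versions and UNLISTED1 are made up.
INVENTORY = [
    ("gw-branch-01", "R7000", "V1.0.11.126_10.2.112"),
    ("gw-branch-02", "RAX20", "1.0.10.110"),
    ("gw-lab", "RAX20", "1.0.3.96"),
    ("ap-guest", "UNLISTED1", "1.0.0.90"),
]

if __name__ == "__main__":
    for host, status in audit(INVENTORY, minimum_fixed_versions(ADVISORY_EXCERPT)).items():
        print(f"{host}: {status}")
```

Model names are matched exactly after upper-casing, so `R6400` and `R6400v2` stay separate entries, as they are in the list.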