NETGEAR Update
1752Warning Date
Severity Level
Warning Number
Target Sector
5 September, 2021
● High
2021-3463
All
Description:
NETGEAR has released security update to address a vulnerability in the following products:
- GC108P fixed in firmware version 1.0.8.2
- GC108PP fixed in firmware version 1.0.8.2
- GS108Tv3 fixed in firmware version 7.0.7.2
- GS110TPP fixed in firmware version 7.0.7.2
- GS110TPv3 fixed in firmware version 7.0.7.2
- GS110TUP fixed in firmware version 1.0.5.3
- GS308T fixed in firmware version 1.0.3.2
- GS310TP fixed in firmware version 1.0.3.2
- GS710TUP fixed in firmware version 1.0.5.3
- GS716TP fixed in firmware version 1.0.4.2
- GS716TPP fixed in firmware version 1.0.4.2
- GS724TPP fixed in firmware version 2.0.6.3
- GS724TPv2 fixed in firmware version 2.0.6.3
- GS728TPPv2 fixed in firmware version 6.0.8.2
- GS728TPv2 fixed in firmware version 6.0.8.2
- GS750E fixed in firmware version 1.0.1.10
- GS752TPP fixed in firmware version 6.0.8.2
- GS752TPv2 fixed in firmware version 6.0.8.2
- MS510TXM fixed in firmware version 1.0.4.2
- MS510TXUP fixed in firmware version 1.0.4.2
- XR1000 fixed in firmware version 1.0.0.58
Threats:
An attacker could exploit these vulnerabilities by doing the following:
- Execute arbitrary code
Best practice and Recommendations:
The CERT team encourages users to review NETGEAR security advisory and apply the necessary updates:
- https://kb.netgear.com/000063967/Security-Advisory-for-a-Security-Misconfiguration-Vulnerability-on-the-XR1000-PSV-2021-0101?_ga=2.206034195.105659232.1630826456-549589840.1616322423
- https://kb.netgear.com/000063978/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Smart-Switches-PSV-2021-0140-PSV-2021-0144-PSV-2021-0145?article=000063978