Your review has been sent successfully

NETGEAR Updates

2719
Classification
These posts contain security alerts, including digital loopholes, electronic attacks, technical updates, and they are classified base on the level of severity.

Critical

High

Medium

Low

Warning Date

Severity Level

Warning Number

Target Sector

28 September, 2021

● Critical

2021-3585

All

Description:

NETGEAR has released security updates to address multiple vulnerabilities in their products, mainly:

  • CBR750, running firmware versions prior to 4.6.3.6
  • RBK752, running firmware versions prior to 3.2.17.12
  • RBR750, running firmware versions prior to 3.2.17.12
  • RBS750, running firmware versions prior to 3.2.17.12
  • RBK852, running firmware versions prior to 3.2.17.12
  • RBR850, running firmware versions prior to 3.2.17.12
  • RBS850, running firmware versions prior to 3.2.17.12
  • RBS850, running firmware versions prior to 3.2.17.12
  • CBR40, running firmware versions prior to 2.5.0.24
  • CBR40, running firmware versions prior to 2.5.0.24
  • XR1000, running firmware versions prior to 1.0.0.58
  • RBK352, running firmware versions prior to 4.4.0.10
  • RBR350, running firmware versions prior to 4.4.0.10
  • RBS350, running firmware versions prior to 4.4.0.10
  • R6400v2, running firmware versions prior to 1.0.4.118
  • R6700v3, running firmware versions prior to 1.0.4.118
  • D7000v2 fixed in firmware version 1.0.0.74
  • R6400 fixed in firmware version 1.0.1.74
  • R6400v2 fixed in firmware version 1.0.4.118
  • R6700v3 fixed in firmware version 1.0.4.118
  • R6900P fixed in firmware version 1.3.3.140
  • R7000 fixed in firmware version 1.0.11.126
  • R7000P fixed in firmware version 1.3.3.140
  • R8300 fixed in firmware version 1.0.2.154
  • R8500 fixed in firmware version 1.0.2.154
  • RS400 fixed in firmware version 1.5.1.80
  • XR300 fixed in firmware version 1.0.3.66_HOTFIX
  • RAX200, running firmware versions prior to 1.0.4.120
  • RAX75, running firmware versions prior to 1.0.4.120
  • RAX80, running firmware versions prior to 1.0.4.120
  • D7000v2, running firmware versions prior to 1.0.0.74
  • LAX20, running firmware versions prior to 1.1.6.28
  • MK62, running firmware versions prior to 1.0.6.116
  • MR60, running firmware versions prior to 1.0.6.116
  • MS60, running firmware versions prior to 1.0.6.116
  • RAX15, running firmware versions prior to 1.0.3.96
  • RAX20, running firmware versions prior to 1.0.3.96
  • RAX45, running firmware versions prior to 1.0.3.96
  • RAX50, running firmware versions prior to 1.0.3.96
  • RAX43, running firmware versions prior to 1.0.3.96
  • RAX40v2, running firmware versions prior to 1.0.3.96
  • RAX35v2, running firmware versions prior to 1.0.3.96
  • XR1000, running
  • CBR40, running firmware versions prior to 2.5.0.24
  • CBR750, running firmware versions prior to 4.6.3.6
  • D7000v2, running firmware versions prior to 1.0.0.74
  • LAX20, running firmware versions prior to 1.1.6.28
  • MK62, running firmware versions prior to 1.0.6.116
  • MR60, running firmware versions prior to 1.0.6.116
  • MS60, running firmware versions prior to 1.0.6.116
  • MR80, running firmware versions prior to 1.1.2.20
  • MS80, running firmware versions prior to 1.1.2.20
  • RAX15, running firmware versions prior to 1.0.3.96
  • RAX20, running firmware versions prior to 1.0.3.96
  • RAX200, running firmware versions prior to 1.0.4.120
  • RAX45, running firmware versions prior to 1.0.3.96
  • RAX50, running firmware versions prior to 1.0.3.96
  • RAX43, running firmware versions prior to 1.0.3.96
  • RAX40v2, running firmware versions prior to 1.0.3.96
  • RAX35v2, running firmware versions prior to 1.0.3.96
  • RAX75, running firmware versions prior to 1.0.4.120
  • RAX80, running firmware versions prior to 1.0.4.120
  • RBK752, running firmware versions prior to 3.2.17.12
  • RBR750, running firmware versions prior to 3.2.17.12
  • RBS750, running firmware versions prior to 3.2.17.12
  • RBK852, running firmware versions prior to 3.2.17.12
  • RBR850, running firmware versions prior to 3.2.17.12
  • RBS850, running firmware versions prior to 3.2.17.12
  • XR1000, running firmware versions prior to 1.0.0.58
  • CBR750, running firmware versions prior to 3.2.18.2
  • RBS40V, running firmware versions prior to 2.6.2.4
  • RBW30, running firmware versions prior to 2.6.2.2
  • RBR852, running firmware versions prior to 3.2.17.12
  • RBS40V, running firmware versions prior to 2.6.2.8
  • R7000P, running firmware versions prior to 1.3.3.140
  • R8000, running firmware versions prior to 1.0.4.68
  • RBK20, running firmware versions prior to 2.6.1.36/ 2.6.1.38
  • RBR20, running firmware versions prior to 2.6.1.36
  • RBS20, running firmware versions prior to 2.6.1.38
  • RBK40, running firmware versions prior to 2.6.1.36/ 2.6.1.38
  • RBR40, running firmware versions prior to 2.6.1.36
  • RBS40, running firmware versions prior to 2.6.1.38
  • RBK50, running firmware versions prior to 2.6.1.40
  • RBR50, running firmware versions prior to 2.6.1.40
  • RBS50, running firmware versions prior to 2.6.1.40
  • RBS50Y, running firmware versions prior to 2.6.1.40

Threats:

Attacker could exploit these vulnerabilities by doing the following:

  • sensitive information disclosure
  • Command Injection

Best practice and Recommendations:

The CERT team encourages users to review NETGEAR security advisory and apply the necessary updates:

Last updated at 28 September, 2021

Rate the content

rate-icon
up icon