NETGEAR Updates

Your review has been sent successfully

NETGEAR Updates

1900

Classification

Security Alert

● Critical

● High

● Medium

● Low

Warning Date

Severity Level

Warning Number

Target Sector

28 September, 2021

● Critical

2021-3585

All

Description:

NETGEAR has released security updates to address multiple vulnerabilities in their products, mainly:

CBR750, running firmware versions prior to 4.6.3.6
RBK752, running firmware versions prior to 3.2.17.12
RBR750, running firmware versions prior to 3.2.17.12
RBS750, running firmware versions prior to 3.2.17.12
RBK852, running firmware versions prior to 3.2.17.12
RBR850, running firmware versions prior to 3.2.17.12
RBS850, running firmware versions prior to 3.2.17.12
RBS850, running firmware versions prior to 3.2.17.12
CBR40, running firmware versions prior to 2.5.0.24
CBR40, running firmware versions prior to 2.5.0.24
XR1000, running firmware versions prior to 1.0.0.58
RBK352, running firmware versions prior to 4.4.0.10
RBR350, running firmware versions prior to 4.4.0.10
RBS350, running firmware versions prior to 4.4.0.10
R6400v2, running firmware versions prior to 1.0.4.118
R6700v3, running firmware versions prior to 1.0.4.118
D7000v2 fixed in firmware version 1.0.0.74
R6400 fixed in firmware version 1.0.1.74
R6400v2 fixed in firmware version 1.0.4.118
R6700v3 fixed in firmware version 1.0.4.118
R6900P fixed in firmware version 1.3.3.140
R7000 fixed in firmware version 1.0.11.126
R7000P fixed in firmware version 1.3.3.140
R8300 fixed in firmware version 1.0.2.154
R8500 fixed in firmware version 1.0.2.154
RS400 fixed in firmware version 1.5.1.80
XR300 fixed in firmware version 1.0.3.66_HOTFIX
RAX200, running firmware versions prior to 1.0.4.120
RAX75, running firmware versions prior to 1.0.4.120
RAX80, running firmware versions prior to 1.0.4.120
D7000v2, running firmware versions prior to 1.0.0.74
LAX20, running firmware versions prior to 1.1.6.28
MK62, running firmware versions prior to 1.0.6.116
MR60, running firmware versions prior to 1.0.6.116
MS60, running firmware versions prior to 1.0.6.116
RAX15, running firmware versions prior to 1.0.3.96
RAX20, running firmware versions prior to 1.0.3.96
RAX45, running firmware versions prior to 1.0.3.96
RAX50, running firmware versions prior to 1.0.3.96
RAX43, running firmware versions prior to 1.0.3.96
RAX40v2, running firmware versions prior to 1.0.3.96
RAX35v2, running firmware versions prior to 1.0.3.96
XR1000, running
CBR40, running firmware versions prior to 2.5.0.24
CBR750, running firmware versions prior to 4.6.3.6
D7000v2, running firmware versions prior to 1.0.0.74
LAX20, running firmware versions prior to 1.1.6.28
MK62, running firmware versions prior to 1.0.6.116
MR60, running firmware versions prior to 1.0.6.116
MS60, running firmware versions prior to 1.0.6.116
MR80, running firmware versions prior to 1.1.2.20
MS80, running firmware versions prior to 1.1.2.20
RAX15, running firmware versions prior to 1.0.3.96
RAX20, running firmware versions prior to 1.0.3.96
RAX200, running firmware versions prior to 1.0.4.120
RAX45, running firmware versions prior to 1.0.3.96
RAX50, running firmware versions prior to 1.0.3.96
RAX43, running firmware versions prior to 1.0.3.96
RAX40v2, running firmware versions prior to 1.0.3.96
RAX35v2, running firmware versions prior to 1.0.3.96
RAX75, running firmware versions prior to 1.0.4.120
RAX80, running firmware versions prior to 1.0.4.120
RBK752, running firmware versions prior to 3.2.17.12
RBR750, running firmware versions prior to 3.2.17.12
RBS750, running firmware versions prior to 3.2.17.12
RBK852, running firmware versions prior to 3.2.17.12
RBR850, running firmware versions prior to 3.2.17.12
RBS850, running firmware versions prior to 3.2.17.12
XR1000, running firmware versions prior to 1.0.0.58
CBR750, running firmware versions prior to 3.2.18.2
RBS40V, running firmware versions prior to 2.6.2.4
RBW30, running firmware versions prior to 2.6.2.2
RBR852, running firmware versions prior to 3.2.17.12
RBS40V, running firmware versions prior to 2.6.2.8
R7000P, running firmware versions prior to 1.3.3.140
R8000, running firmware versions prior to 1.0.4.68
RBK20, running firmware versions prior to 2.6.1.36/ 2.6.1.38
RBR20, running firmware versions prior to 2.6.1.36
RBS20, running firmware versions prior to 2.6.1.38
RBK40, running firmware versions prior to 2.6.1.36/ 2.6.1.38
RBR40, running firmware versions prior to 2.6.1.36
RBS40, running firmware versions prior to 2.6.1.38
RBK50, running firmware versions prior to 2.6.1.40
RBR50, running firmware versions prior to 2.6.1.40
RBS50, running firmware versions prior to 2.6.1.40
RBS50Y, running firmware versions prior to 2.6.1.40

Threats:

Attacker could exploit these vulnerabilities by doing the following:

sensitive information disclosure
Command Injection

Best practice and Recommendations:

The CERT team encourages users to review NETGEAR security advisory and apply the necessary updates:

Last updated at 28 September, 2021

NETGEAR Updates

Classification

Most Viewed Warnings