1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Netgear patches serious bug found in several popular routers

    From TechnologyDaily@1337:1/100 to All on Wed Sep 22 14:00:03 2021
    Netgear patches serious bug found in several popular routers

    Date:
    Wed, 22 Sep 2021 12:49:35 +0000

    Description:
    Implementation of a vulnerable third-party component could wreak havoc in Netgear routers, suggest researchers.

    FULL STORY ======================================================================

    Netgear has fixed a high severity remote code execution (RCE) vulnerability in the Circle parental control service, on several of Netgears Small Offices/Home Offices (SOHO) routers .

    What makes this vulnerability particularly interesting, is that even though
    it exists in a third-party component included in the firmware, it is just as damaging as a vulnerability that exists in the Netgear cores firmware,
    because of the fact that Circle runs with root permissions.

    The Circle update daemon that contains the vulnerability is enabled to run by default, even if you havent configured your router to use the parental
    control features. While it doesnt fix the underlying issue, simply disabling the vulnerable code when Circle is not in use would have prevented exploitation on most devices, notes Adam Nichols, researcher with cybersecurity experts GRIMM. These are the best small business routers Heres our list of the best secure routers Weve also rounded up the best powerline adapters

    Nichols suggests the vulnerability serves as a cautionary tale, and helps demonstrate the importance of attack surface reduction. Dont talk to
    strangers

    Under normal circumstances, a simple mitigation for the vulnerability
    (tracked as CVE-2021-40847) in Circle would have been to disable the service. However, this wouldnt work here, since the vulnerability actually exists in Circles update daemon, circled , which too is enabled by default.

    In the post, Nichols explains that the update process relies on fetching unsigned updates over the unencrypted HTTP protocol. He reasons that an attacker can hijack the update process via a Man-in-the-Middle (MitM) attack, which would enable them to run code as root on the device.

    While Netgear has issued patches to fix the issue, GRIMM recommends the use
    of VPN to mitigate the risk posed by compromisable network routers. Heres our list of the best wireless mesh routers



    ======================================================================
    Link to news story: https://www.techradar.com/news/netgear-patches-serious-bug-found-in-several-po pular-routers/


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)