Netgear router vulnerabilities could put small businesses at risk

Asia's Tech News Daily

Netgear has released a set of updated firmware for its small business routers and Wi-Fi extenders after a number of vulnerabilities were discovered in several models by security researchers at Immersive Labs.

If exploited, these vulnerabilities could be used to achieve unauthorized access to devices or even to modify the internal filesystem which can be abused to affect traffic passing through the device according to a new blog post from the cybersecurity firm.

Two vulnerabilities, tracked as PSV-2021-0169 and PSV-2021-0172, make it possible to gain authenticated access to affected Netgear devices. Once done, an attacker could then modify settings in the administration panel to run arbitrary commands on a victim’s router. However, this kind of command injection also adds persistence which means that the vulnerability can still remain on an affected device even if the router is restarted or updated.

Additionally, commands could be used to open other ports or to allow command line access over the network to a victim’s operating system. With operating system access, a malicious user could significantly impact the availability of one of Netgear’s routers and the data that is passed through it.

Resetting a router’s password

Another vulnerability, tracked as PSV-2021-0171, discovered in Netgear’s routers by Immersive Labs can be exploited by an attacker with access to a local network.

By doing so, they can make a request to a router’s UPNP port and view the device serial number. While this may sound fairly harmless at first, keep in mind that this serial number is used as part of the password reset function on most Netgear devices.

Although the likelihood of an attacker exploiting these vulnerabilities is considered low by Immersive Labs’ security researchers, there is still a valid threat surface. By exploiting these three vulnerabilities, it is possible to add new files and configurations to any of the affected devices that could even survive a device reset. At the same time, it would also be possible to block any future firmware updates to keep a compromised device in this state.

Thankfully though, Netgear has now released patches for all of its affected small business routers which you can download here.

We’ve also highlighted the best small business routers, best Wi-Fi extenders, best endpoint protection software and best firewall

Internet Explorer Channel Network
Asia's Tech News Daily
News Related

OTHER NEWS

South Africa vs India live stream: how to watch 1st ODI cricket online from anywhere

South Africa and India are swapping the red ball for white. After a superb, evenly-contested Test series, it’s time for a trio of ODIs…and the tourists are baying for vengeance. ... Read more »

Doosan and Saudi Arabia to build joint casting and forging facility

SEOUL, Jan. 19 (Yonhap) — South Korea’s major power plant builder Doosan Heavy Industries & Construction said Wednesday it has signed a deal with Saudi Arabian Industrial Investments Co. and ... Read more »

S. Korea's spy agency detects malware infection in over 100 local IoT devices

SEOUL, Jan. 19 (Yonhap) — South Korea’s state intelligence agency said Wednesday it has identified more than 100 sets of Internet of Things (IoT) equipment in the country that have ... Read more »

Tesla Pi gets my motor running

I admit it, I'm getting excited about the Tesla Pi phone due out this year. The rumours have been flying fast and furious but there are some seemingly solid predictions. ... Read more »

Squares pegged: Wordle is the diversion we need now

The popular word puzzle game has captivated mobile users for its simple interface and addictive gameplay, all the while courting copycat apps looking to cash in on Wordle's popularity. Read more »

Apple, Google say US antitrust bills would harm user privacy and security amid bipartisan effort to rein in Big Tech

Apple Inc and Google warned US lawmakers Tuesday that bipartisan antitrust legislation aimed at curbing the power of big technology companies will threaten the privacy and security of users. Escalating ... Read more »

How to find jobs in your local area

Lots of people don’t want to leave their local area to find a job, and that’s completely understandable when family, friends, and hobbies are usually tied to specific locations. If ... Read more »

Tesla driver charged with vehicular manslaughter after deadly 2019 Autopilot crash

DETROIT — California prosecutors have filed two counts of vehicular manslaughter against the driver of a Tesla on Autopilot who ran a red light, slammed into another car, and killed ... Read more »

20 amazing Valentine's Day gifts for women that are romantic and thoughtful

— Recommendations are independently chosen by Reviewed’s editors. Purchases you make through our links may earn us a commission. Another Valentine’s Day is upon us, and while love doesn’t really ... Read more »

S. Korea, U.S. discuss new economic framework, supply chains

SEOUL, Jan. 19 (Yonhap) — The top trade officials of South Korea and the United States on Wednesday agreed to strengthen their strategic partnership to actively respond to supply chain ... Read more »

Microsoft to buy US gaming giant Activision-Blizzard for $69bn

Microsft has announced a massive deal to buy Activision Blizzard that could reshape gaming NEW YORK: Microsoft announced Tuesday a landmark $69 billion deal to purchase US gaming giant Activision ... Read more »

State pension fund cuts exposure to domestic shares in 2021

SEOUL, Jan. 19 (Yonhap) — South Korea’s state pension fund lowered its exposure to large cap and other domestic shares in 2021 in an apparent bid to boost returns and ... Read more »

China unlikely to ban NFTs as ‘digital collectibles' flourish, analysts say

The Chinese government is expected to keep a wary eye on the country’s mushrooming blockchain-backed “digital collectibles”, but it is unlikely to impose an outright ban on non-fungible tokens (NFTs) ... Read more »

This fake Nintendo site claims to offer huge discounts on Switch consoles

Japanese video game giant Nintendo has warned its customers of the existence of a fake site that claim to offer huge discounts on Nintendo Switch consoles and games. Just like ... Read more »

Hisense U7G Series Quantum ULED TV review

One-minute review Television sets like the U80G, U8G, U9DG and A6G have proven that Hisense can manufacture premium-like devices that won’t crush your bank account. While those sets offer a ... Read more »

These are the best laptop deals around—shop savings at Amazon, HP, Walmart and more

— Recommendations are independently chosen by Reviewed’s editors. Purchases you make through our links may earn us a commission. If one of your New Year’s resolutions was to get more ... Read more »

8 Carhartt baby clothes in iconic styles will keep them warm all winter

— Recommendations are independently chosen by Reviewed’s editors. Purchases you make through our links may earn us a commission. The allure of Carhartt goes far beyond it being a utilitarian ... Read more »

Microsoft's Blizzard acquisition could face an inquisition

What are the odds that on the very day Microsoft announced its $68.7 billion acquisition of Activision Blizzard Entertainment, the U.S. Federal Trade Commission and Department of Justice would announce ... Read more »

Microsoft Edge will soon protect users from never-before-seen security bugs

Microsoft Edge has added new security functionality to its upcoming beta version, promising security against unknown zero-day vulnerabilities that malicious actors could be exploiting to distribute malware, ransomware, or other ... Read more »

Alibaba cloud services facing US national security probe

The US government is reportedly reviewing the cloud computing arm of Chinese ecommerce giant Alibaba to determine whether or not it poses a risk to national security. As reported by ... Read more »

Marvel's 'Moon Knight' has a trailer and a release date—here's how to watch

— Recommendations are independently chosen by Reviewed’s editors. Purchases you make through our links may earn us a commission. Embrace the chaos. Moon Knight, one of several exciting MCU installments ... Read more »

AMD could be taking on the RTX 3080 Ti with a Big Navi refresh

An AMD Radeon RX 6000 series refresh may be on the way, a little over a year since the original RDNA 2 graphics cards came out in late 2020. A ... Read more »

Get groceries at your door with these 20 meal delivery services on sale now

— Recommendations are independently chosen by Reviewed’s editors. Purchases you make through our links may earn us a commission. With the latest food shortages and grocery supply chain issues, there’s ... Read more »

Pinterest just revealed the biggest trends of 2022—here's what to shop

— Recommendations are independently chosen by Reviewed’s editors. Purchases you make through our links may earn us a commission. Every year, Pinterest predicts the most popular trends of the months ... Read more »

HP reveals new rugged devices for learning anywhere

HP has announced a new line of student laptops that include many of the same features found in rugged laptops to provide them with the durability needed to withstand everyday ... Read more »

Ford, ADT form venture to make vehicle security products

The Associated PressFILE – In this April 25, 2021 file photograph, the blue oval logo of Ford Motor Company is shown in east Denver. Ford and security company ADT have ... Read more »

Thanks to Aerial 3.0, you can use Apple TV screensavers on your Mac, and in HDR

A macOS app called Aerial has been updated with new screensaver options, alongside featuring HDR, integration with Spotify and Apple Music, and much more. New screensavers from Apple have trickled ... Read more »

Whaleshark, mysterious collector of 400,000 NFTs, sees Hong Kong as a hub for the digital token that is gaining fans

WhaleShark, one of the most mysterious and active non-fungible token (NFT) collectors in the world with a portfolio of more than 400,000 items, sees Hong Kong as a hub for ... Read more »

US plans $50B wildfire fight where forests meet suburbia

The Associated PressU.S. Agriculture Secretary Tom Vilsack speaks during a visit to Wheat Ridge Poultry and Meats, a locally-owned and operated butcher shop and meat processor, Friday, Jan. 14, 2022, ... Read more »

Europol shuts down VPN used by cybercriminal groups

A VPN service frequently used by cybercriminals to launch ransomware attacks and spread malware online has been taken down as part of a joint operation between Europol and law enforcement ... Read more »

What franchises does Microsoft gain in the Activision Blizzard takeover?

Microsoft’s acquisition of Activision Blizzard is undoubtedly one of the biggest company moves in video games, ever. This is a paradigm shift for the entire industry, and Microsoft has just ... Read more »

AT&T says it will delay some 5G after airlines raise alarms

The Associated PressFILE – A Dreamliner 787-10 arriving from Los Angeles pulls up to a gate at Newark Liberty International Airport in Newark, N.J., Monday, Jan. 7, 2019. Federal safety ... Read more »

Does Microsoft's purchase of Activision Blizzard give Guitar Hero a new lease of life?

A bevy of franchises will likely soon be joining team Xbox, as Microsoft today announced it’s agreed to buy gaming publisher Activision Blizzard for close to $70 billion. Alongside Call ... Read more »

Apple pulled plug on plan to battle Sonos Roam with battery-powered HomePod

Apple once planned to release a portable battery-powered version of its HomePod smart speaker, according to Bloomberg’s Mark Gurman. In his PowerOn newsletter, Gurman said the company even created a ... Read more »

US reportedly orders WhatsApp to track some Chinese users

The US has been secretly tracking a group of Chinese users of the popular messaging service WhatsApp since November, possibly in an effort to halt illegal opioid sales, Forbes has ... Read more »

Xbox Game Pass hits major subscriber milestone as Sony readies its competitor

The same day Microsoft unveiled its planned takeover of Activision-Blizzard, it also announced that over 25 million people have subscribed to Xbox Game Pass. Microsoft’s game subscription service is expected ... Read more »

Drink in the new Cuphead cartoon trailer as you wait for February

Netflix has released a new trailer for its upcoming Cuphead cartoon, confirming a release date of February 18 as well. The trailer, which has also been shared by the original ... Read more »

Kingdom Hearts 20th anniversary event has fans hopeful for new game announcement

The official Kingdom Hearts Twitter account has announced a 20th anniversary event for April 10, which will take place in Tokyo. Details about the event are still scarce, but it ... Read more »

Massive Amazon sale slashes Fire tablets to just $34.99

We’ve just spotted fantastic Fire tablet deals at Amazon’s latest sale, with the retailer offering up to 50% discounts on Amazon’s best-selling tablets with prices starting at just $34.99. Amazon’s ... Read more »

Would you sacrifice EV range for new tech? Tesla buyers may not have a choice

Tesla has informed those buying the Model 3 with AMD’s new Ryzen processor that the vehicle will take a small hit on its overall range. Electric cars are among the ... Read more »
On free-english-test.com you will find lots of free English exam practice materials to help you improve your English skills: grammar, listening, reading, writing, ielts, toeic