Number: AV18-029
Date: 09 February 2018
Purpose
The purpose of this advisory is to bring attention to a recently published NETGEAR security advisory.
Assessment
NETGEAR has released a security advisory to address a vulnerability found in routers affected by a remote authentication bypass that could be exploited by a remote user to access target networks without having to provide a password.
Affected Products:
- D8500 running firmware versions 1.0.3.27 and earlier
- DGN2200v4 running firmware versions 1.0.0.82 and earlier
- R6300v2 running firmware versions 1.0.4.06 and earlier
- R6400 running firmware versions 1.0.1.20 and earlier
- R6400v2 running firmware versions 1.0.2.18 and earlier
- R6700 running firmware versions 1.0.1.22 and earlier
- R6900 running firmware versions 1.0.1.20 and earlier
- R7000 running firmware versions 1.0.7.10 and earlier
- R7000P running firmware versions 1.0.0.58 and earlier
- R7100LG running firmware versions 1.0.0.28 and earlier
- R7300DST running firmware versions 1.0.0.52 and earlier
- R7900 running firmware versions 1.0.1.12 and earlier
- R8000 running firmware versions 1.0.3.46 and earlier
- R8300 running firmware versions 1.0.2.86 and earlier
- R8500 running firmware versions 1.0.2.86 and earlier
- WNDR3400v3 running firmware versions 1.0.1.8 and earlier
- WNDR4500v2 running firmware versions 1.0.0.62 and earlier
Suggested Action
CCIRC recommends that system administrators test and deploy the vendor released updates on affected platforms accordingly.
References: