Netgear Routers’ Flaws Expose Users to Malware, Remote Attacks, and Surveillance

May 12, 2023 | Ravie Lakshmanan | Network Security / Malware


As many as five security flaws have been disclosed in Netgear RAX30 routers that could be chained to bypass authentication and achieve remote code execution.

“Successful exploits could allow attackers to monitor users’ internet activity, hijack internet connections, and redirect traffic to malicious websites or inject malware into network traffic,” Claroty security researcher Uri Katz said in a report.

Additionally, a network-adjacent threat actor could also weaponize the flaws to access and control networked smart devices like security cameras, thermostats, and smart locks; tamper with router settings; and even use a compromised network to launch attacks against other devices or networks.


The list of flaws, which were demonstrated at the Pwn2Own hacking competition held in Toronto in December 2022, is as follows:

  • CVE-2023-27357 (CVSS score: 6.5) – Missing Authentication Information Disclosure Vulnerability
  • CVE-2023-27368 (CVSS score: 8.8) – Stack-based Buffer Overflow Authentication Bypass Vulnerability
  • CVE-2023-27369 (CVSS score: 8.8) – Stack-based Buffer Overflow Authentication Bypass Vulnerability
  • CVE-2023-27370 (CVSS score: 5.7) – Device Configuration Cleartext Storage Information Disclosure Vulnerability
  • CVE-2023-27367 (CVSS score: 8.0) – Command Injection Remote Code Execution Vulnerability

A proof-of-concept (PoC) exploit chain illustrated by the industrial cybersecurity company shows that it is possible to string the flaws (CVE-2023-27357, CVE-2023-27369, CVE-2023-27368, CVE-2023-27370, and CVE-2023-27367, in that order) to extract the device serial number and ultimately obtain root access to it.



“These five CVEs could be chained together to compromise affected RAX30 routers, the most severe of which enable pre-authentication remote code execution on the device,” Katz noted.

Users of Netgear RAX30 routers are advised to update to the firmware version released by the networking company on April 7, 2023, to address the flaws and mitigate potential risks.
