Trustwave, a leading threat, vulnerability and compliance management company, has publicly revealed five new major security holes in certain NETGEAR routers.

Of course, Trustwave and NETGEAR worked behind the scenes to develop new firmware, and the main point of this article is to get NETGEAR router owners to ensure their firmware is updated.

Affected routers (R) and their modem/router (D) variants include the following (this is not an exhaustive list):

R6100 R6220 R6250
R6300v2 R6400 R6400v2
R6700 R6900 R6900P
R7000 R7000P R7100LG
R7300DST R7500 R7500v2
R7800 D7800 R7900
R8000 R8300 R8500
D8500 WNDR3400v3 WNDR4500v2
EX6200v2 DGN2200v4

The five vulnerabilities are (not all affect every router):

TWSL2018-002: Password Recovery and File Access

Trustwave SpiderLabs Advisory

NETGEAR advisory

Some routers allow arbitrary file reading from the device, provided that the path to the file is known. A total of 17 products are affected.

TWSL2018-003: Finding 1: Post-Authentication Command Injection

Trustwave SpiderLabs Advisory

NETGEAR advisory

This one affects six products and allows root-level OS command execution via the device_name parameter on the lan.cgi page, although the attack requires authentication.

TWSL2018-003: Finding 2: Authentication Bypass

NETGEAR advisory