NETGEAR Urges Users to Patch Critical Wi-Fi Router Vulnerabilities : NETGEAR, a leading American networking company, has recently issued a critical security advisory urging users to update their Wi-Fi routers immediately. The advisory addresses two high-severity vulnerabilities that could allow unauthorized access to home networks, potentially exposing users to cyber threats.
Critical Wi-Fi Router Vulnerabilities Discovered
The vulnerabilities, identified as PSV-2023-0039 and PSV-2021-0117, impact multiple Wi-Fi 6 access points and Nighthawk Pro Gaming routers. If exploited, these flaws could allow threat actors to execute remote code or bypass authentication, posing serious security risks.
- PSV-2023-0039 (CVSS Score: 9.8) – This unauthenticated remote code execution (RCE) vulnerability enables attackers to remotely exploit the affected devices without user interaction.
- PSV-2021-0117 (CVSS Score: 9.6) – This authentication bypass flaw allows unauthorized access through low-complexity attacks.
Affected NETGEAR Models and Firmware Updates
NETGEAR has released firmware patches to address these vulnerabilities. Users are strongly advised to update their devices to the latest firmware versions listed below:
Devices Impacted by Unauthenticated RCE Vulnerability (PSV-2023-0039)
- XR1000 – Fixed in firmware version 1.0.0.74
- XR1000v2 – Fixed in firmware version 1.1.0.22
- XR500 – Fixed in firmware version 2.3.2.134
Devices Impacted by Authentication Bypass Vulnerability (PSV-2021-0117)
- WAX206 – Fixed in firmware version 1.0.5.3
- WAX220 – Fixed in firmware version 1.0.3.5
- WAX214v2 – Fixed in firmware version 1.0.2.5
How to Update Your NETGEAR Router Firmware
To protect your network, follow these steps to install the latest firmware update:
- Visit the NETGEAR Support Page
- Enter your model number in the search box and select your device from the drop-down list.
- Click on “Downloads”
- Under “Current Versions”, select the firmware update titled “Firmware Version.”
- Download and install the update following the instructions provided in the product’s user manual, firmware release notes, or support page.
NETGEAR’s Official Warning
NETGEAR has emphasized the importance of completing these updates, stating, “The unauthenticated RCE vulnerability remains if you do not complete all recommended steps. NETGEAR is not responsible for any consequences that could have been avoided by following the recommendations in this notification.”
Stay Secure: Regular Firmware Updates Are Essential
Cybersecurity threats are constantly evolving, and outdated firmware can leave devices vulnerable to attacks. Users should regularly check for updates and install them promptly to protect their networks against emerging security threats.