April 2, 2023
Netgear Nighthawk R6700v3

Researchers have discovered multiple vulnerabilities in the latest firmware version (version 1.0.4.120) of the popular Netgear Nighthawk R6700v3 WiFi router.

An attacker can trigger the vulnerabilities to take full control of the vulnerable devices. Below is the list of flaws discovered by the researchers:

  • CVE-2021-20173: Post Authentication Command Injection via SOAP Interface.
  • CVE-2021-20174: Default HTTP Communication (Web Interface).
  • CVE-2021-20175: Default HTTP Communication (SOAP Interface).
  • CVE-2021-23147: Insufficient UART Protection Mechanisms.
  • CVE-2021-45732: Configuration Manipulation via Hardcoded Encryption Routines.
  • CVE-2021-45077: Plaintext Password Storage.

Multiple instances of known vulnerable jQuery libraries (such as jquery 1.4.2), for this reason, they are urging to update them to the latest available versions. The version of minidlna.exe running on the routers is affected by publicly known vulnerabilities. We recommend upgrading to a more recent version.

The vulnerabilities affect firmware version 1.0.4.120, which is the latest release for the device.

Tags:

Leave a Reply

You may have missed

TheCyberThrone Security Week In Review –April 1st, 2023

TheCyberThrone Security Week In Review –April 1st, 2023

April 2, 2023
TheCyberThrone CyberSecurity Newsletter Top 5 Articles – March 2023

TheCyberThrone CyberSecurity Newsletter Top 5 Articles – March 2023

April 2, 2023
IBM Aspera Vulnerability Exploited to install Ransomware

IBM Aspera Vulnerability Exploited to install Ransomware

April 1, 2023
Italy temporarily bans ChatGPT

Italy temporarily bans ChatGPT

April 1, 2023
Cylance Ransomware Dissection

Cylance Ransomware Dissection

April 1, 2023
WordPress Elementor Pro Plugin Vulnerability

WordPress Elementor Pro Plugin Vulnerability

April 1, 2023
%d bloggers like this: