Microsoft Discloses Critical Bugs Allowing Takeover of NETGEAR Routers
Jul 01, 2021
Cybersecurity researchers have detailed critical security vulnerabilities affecting NETGEAR DGN2200v1 series routers , which they say could be reliably abused as a jumping-off point to compromise a network's security and gain unfettered access. The three HTTPd authentication security weaknesses (CVSS scores: 7.1 – 9.4) impact routers running firmware versions prior to v1.0.0.60, and have since been fixed by the company in December 2020 as part of a coordinated vulnerability disclosure process. "The rising number of firmware attacks and ransomware attacks via VPN devices and other internet-facing systems are examples of attacks initiated outside and below the operating system layer," Microsoft 365 Defender Research Team's Jonathan Bar Or said . "As these types of attacks become more common, users must look to secure even the single-purpose software that run their hardware—like routers." In a nutshell, the flaws allow accessing router management p...
