Netgear Patches Router, Switch, NAS Holes

Tuesday, October 3, 2017 @ 02:10 PM gHale


Netgear patched vulnerabilities affecting the company’s routers, switches, network-attached storage (NAS) devices, and wireless access points.

There are 14 advisories describing vulnerabilities in ReadyNAS devices, including command injections, security misconfigurations, and ten stored cross-site scripting (XSS) issues.

RELATED STORIES
Netgear Releases Router Firmware
Netgear Patches Vulnerabilities
Netgear Releases Switch Firmware Update
Netgear Fixes Router Firmware

Netgear also released over a dozen advisories for remote code execution, security misconfiguration, command injection, administrator credentials disclosure, authentication bypass, stack overflow, arbitrary file read, and cross-site request forgery (CSRF) flaws affecting some of its routers. Some of the vulnerabilities also affect modems and DSL gateways.

The highest number of advisories released are problems in fully managed switches. There are 22 advisories for privilege escalation, stored and reflected XSS, denial-of-service (DoS), security misconfiguration, and directory traversal flaws.

There are two wireless access point advisories describing command injection vulnerabilities.

The vulnerabilities have been rated medium or high severity.



Leave a Reply

You must be logged in to post a comment.