One Article Review
| Source |  Techworm |
|---|---|
| Identifiant | 8647058 |
| Date de publication | 2025-02-05 20:44:01 (vue: 2025-02-05 15:53:39) |
| Titre | NETGEAR Urges Users to Fix Critical Wi-Fi Router Flaws |
| Texte | NETGEAR, an American computer networking company, recently addressed two critical vulnerabilities that could allow threat actors to gain unauthorized access to home networks. The company has issued a critical security advisory urging users to update their Wi-Fi routers to the latest firmware immediately. The two critical vulnerabilities, internally tracked as PSV-2023-0039 and PSV-2021-0117, affect multiple Wi-Fi 6 access points (WAX206, WAX214v2, and WAX220) and Nighthawk Pro Gaming router models (XR1000, XR1000v2, XR500). While the PSV-2023-0039 (CVSS score: 9.8) vulnerability could enable unauthenticated threat actors to exploit the flaw for remote code execution (RCE), the PSV-2021-0117 (CVSS score: 9.6) vulnerability could be exploited for authentication bypass in low-complexity attacks without user interaction. The following product models are affected by the unauthenticated RCE security vulnerability PSV-2023-0039, that were patched in the versions given below: XR1000 – fixed in firmware version 1.0.0.74 XR1000v2 – fixed in firmware version 1.1.0.22 XR500 – fixed in firmware version 2.3.2.134 “NETGEAR strongly recommends that you download the latest firmware as soon as possible,” reads the advisory published on Saturday. Further, the following product models are impacted by the authentication bypass security vulnerability PSV-2021-0117, which was patched in the versions shown below: WAX206 – fixed in firmware version 1.0.5.3 WAX220 – fixed in firmware version 1.0.3.5 WAX214v2 – in firmware version 1.0.2.5 You can follow the steps mentioned below to download and install the latest firmware for your NETGEAR product: Visit the NETGEAR Support Please enter your model number in the search box, then select your model from the drop-down menu as soon as it appears. If a drop-down menu does not appear, check that you have entered your model number correctly or select a product category to find your product model. Click Downloads. Under Current Versions, choose the download whose title begins with Firmware Version. Click Download. Follow the instructions provided in your product\'s user manual, firmware release notes, or product support page. “The unauthenticated RCE vulnerability remains if you do not complete all recommended steps,” the company warned on Saturday. “NETGEAR is n |
| Notes | ★★★ |
| Envoyé | Oui |
| Condensat | – fixed “netgear “the 0039 0039 and psv 0117 134 2021 2023 access actors addressed advised advisory affected against all allow american and wax220 any appear appears are as psv attacks authentication avoided been begins below below: box bypass can category check choose click download click downloads code company complete complexity computer consequences correctly could critical cvss determine does down download drop emerging enable ensure enter entered execution exploit exploited find firmware fix fixed flaw flaws follow following from further gain gaming given has have home immediately impacted install instructions interaction internally issued latest low manual mentioned menu model models multiple necessary netgear network networking networks nighthawk not notes notification number official support page patched please points possible pro product product: protect provided psv published rce recently recommendations recommended recommends regularly release remains remote responsible router router’s routers saturday score: search secure security select shown soon steps strongly support then the netgear the two threat threats title tracked two unauthenticated unauthorized under current update updates urges urging user users version versions version 1 version 2 visit vulnerabilities vulnerability warned wax206 wax214v2 wax220 which whose without xr1000 xr1000v2 – xr500 your affect wax214v2 xr1000v2 xr500 “netgear ” reads |
| Tags | Vulnerability Threat |
| Stories | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.