State-run cybersecurity agency Indian Computer Emergency Response Team (CERT-In) has issued a high alert over a major security loophole in various Netgear routers. The loophole could allow malicious players to take control of users’ devices, the agency noted in a recent advisory.
CERT-In mentioned that NETGEAR routers with model number R6400v2, R6700, R6700v3, R6900, R6900P, R7000, R7000P, R7850, R7900, R8000 and RS400 have been affected by this remote code execution security vulnerability. The manufacturer has already released fixes to close this security loophole.
“The vulnerability exists due to flaw in the update process of Circle Parental Control Service on various NETGEAR routers. A remote attacker could exploit this vulnerability by convincing the user to open a specially crafted request,” CERT-In said in a statement.
“Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the targeted system,” the agency added.
It means that the attacker could execute commands on the affected system, should they manage to gain access to it through this vulnerability.
NETGEAR has already released firmware fixes for all the affected routers. Here’s how users can download them:
Step 1: Visit NETGEAR Support.
Step 2: Start typing your model number in the search box, then select your model from the drop-down menu as soon as it appears.
If you do not see a drop-down menu, make sure that you entered your model number correctly, or select a product category to browse for your product model.
Step 3: Click Downloads.
Step 4: Under Current Versions, select the first download whose title begins with Firmware Version.
Step 5: Click Release Notes.
Step 6: Follow the instructions in the firmware release notes to download and install the new firmware.
Never miss a story! Stay connected and informed with Mint.
our App Now!!