NETGEAR is aware of two related security issues that can allow a local attacker to execute commands on a wireless access point and gain read and write access to the access point’s file system. These vulnerabilities occur when an attacker injects commands using either of two insecure PHP forms. Cross-site request forgery (CSRF) and cross-site scripting (XSS) can be used to exploit the same vulnerabilities remotely.
These vulnerabilities affect the following products:
- WN604 firmware version 3.3.3 and earlier
- WNAP210v2 firmware version 3.5.20.0 and earlier
- WNAP320 firmware version 3.5.20.0 and earlier
- WNDAP350 firmware version 3.5.20.0 and earlier
- WNDAP360 firmware version 3.5.20.0 and earlier
- WNDAP620 firmware version 2.0.11 and earlier
- WNDAP660 firmware version 3.5.20.0 and earlier
- WND930 firmware version 2.0.11 and earlier
- WAC120 firmware version 2.0.7 and earlier
Firmware fixes are available for all affected products. NETGEAR strongly recommends that all users upgrade to the latest firmware version, which fixes the command injection and file system corruption vulnerabilities and properly validates PHP form input.
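As an added illustration of the bug class this advisory describes (not NETGEAR's code, and not the actual affected forms, which the advisory does not name), here is a hypothetical PHP access-point form handler in its insecure form beside a hardened version that requires a per-session CSRF token, whitelists the field, quotes it before it reaches the shell, and encodes it when it is echoed back into the page:

```php
<?php
// Added illustration, not NETGEAR code: a hypothetical access-point form
// handler that sets the device hostname via a shell utility. The real
// affected forms are not named in the advisory.

// INSECURE: the posted field is spliced straight into a shell command, so
// shell metacharacters in it become extra commands, and nothing ties the
// request to the logged-in session, so a cross-site request can submit it.
function build_hostname_cmd_insecure(array $post): string
{
    return 'hostname ' . $post['hostname'];
}

// HARDENED: require a per-session CSRF token, accept only a strict
// hostname pattern, and still quote the value before it reaches the shell.
function build_hostname_cmd_secure(array $post, string $sessionToken): string
{
    if (!isset($post['csrf_token'], $post['hostname'])) {
        throw new InvalidArgumentException('missing form field');
    }
    if (!hash_equals($sessionToken, (string) $post['csrf_token'])) {
        throw new RuntimeException('CSRF token mismatch');
    }
    // RFC 1123 label: letters, digits and hyphens, 1-63 chars, no leading/trailing hyphen
    if (!preg_match('/^[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?$/D', $post['hostname'])) {
        throw new InvalidArgumentException('invalid hostname');
    }
    return 'hostname ' . escapeshellarg($post['hostname']);
}

// When the value is echoed back into the page, encode it so a stored or
// reflected field cannot become script (the XSS vector the advisory mentions).
function render_hostname(string $hostname): string
{
    return htmlspecialchars($hostname, ENT_QUOTES | ENT_HTML5, 'UTF-8');
}

// Constructed demo: the token would normally be generated at login and kept in $_SESSION.
$token = bin2hex(random_bytes(16));
foreach (['ap-lobby-01', 'ap1; echo hi', '<b>ap</b>'] as $candidate) {
    $req = ['csrf_token' => $token, 'hostname' => $candidate];
    try {
        echo build_hostname_cmd_secure($req, $token), PHP_EOL;
    } catch (Exception $e) {
        echo 'rejected ', render_hostname($candidate), ': ', $e->getMessage(), PHP_EOL;
    }
}
```

Only the first candidate produces a command; the other two are rejected by the whitelist before any shell or page output is built.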
To download the firmware update that fixes the PHP vulnerabilities:
- Visit the NETGEAR Download Center.
- Under Search for, select the check box next to Firmware/Software.
- Enter your model number in the search box and click the magnifying glass.
- Select your model from the drop-down menu.
  If you do not see a drop-down menu, make sure that you entered your model number correctly, or use the product drilldown to find your model.
- Click the most recent firmware version, which is the one closest to the top of the list.
  The firmware download starts as soon as you select a destination for the download.
- (Optional) To view the release notes for this firmware version, click Release Notes.
- Unzip the new firmware to an easy-to-find location, such as your desktop.
- Install the new firmware according to the instructions in your product’s user manual, which is available under Documentation in the Download Center.
The potential for remote access, file system corruption, and command execution remains if you do not update your firmware. NETGEAR is not responsible for any consequences that could have been avoided by updating your firmware as recommended in this notification.
We appreciate and value having security concerns brought to our attention. NETGEAR constantly monitors for both known and unknown threats. Being proactive rather than reactive to emerging security issues is fundamental for product support at NETGEAR.
It is NETGEAR's mission to be the innovative leader in connecting the world to the internet. To achieve this mission, we strive to earn and maintain the trust of those that use NETGEAR products for their connectivity.
To report a security vulnerability, visit https://bugcrowd.com/netgear.
If you are a NETGEAR customer with a security-related support concern, you can contact NETGEAR customer support at techsupport.security@netgear.com.
For all other issues, visit http://www.netgear.com/about/security/.
The security@netgear.com email address is no longer accepting messages and is no longer actively monitored.
Last Updated: 03/08/2017 | Article ID: 000037827