What is the CSRF/LocalFile/XSS vulnerability and what does it mean for my router?
NETGEAR is aware of a software vulnerability that makes users of certain NETGEAR routers more susceptible to intentionally malicious emails and websites. Hackers might be able to use scripts run from such emails or websites to log in to your router and change its settings as if they were the router's administrator. Such a script might also allow the hacker to remotely access your private network.
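The advisory above describes a cross-site request forgery: a page the user is tricked into visiting makes the browser send a settings-change request to the router, and the browser attaches the admin session cookie to it exactly as it would for a legitimate request. The following added example (not NETGEAR's code; router origins, cookie name and sample requests are constructed for illustration) shows the server-side check an admin interface needs so that it can tell the two apart: the request's Origin must be the router's own, and the form must carry a per-session token that a foreign page cannot read.

```python
# Added example (not NETGEAR's code): a cross-site request from a malicious page
# carries the admin session cookie just like a legitimate one, so an Origin and
# CSRF-token check is needed to tell them apart. Hosts/headers are constructed.
from urllib.parse import urlparse
import secrets

# Origins at which this hypothetical router serves its admin UI.
ROUTER_ORIGINS = {"http://192.168.1.1", "http://routerlogin.net"}

def new_session():
    """Issue an admin session with a CSRF token bound to that session."""
    return {"cookie": secrets.token_hex(16), "csrf_token": secrets.token_hex(16)}

def is_allowed_request(request, session):
    """Return (allowed, reason) for a request to a settings-changing endpoint.

    `request` holds what the server sees: method, headers and form fields.
    The browser attaches the admin cookie to any request aimed at the router,
    including one a script on an attacker's page triggers, so the cookie
    alone cannot prove the user intended the change.
    """
    if request["method"] not in ("POST", "PUT", "DELETE"):
        return True, "read-only request"
    if request["headers"].get("Cookie") != f"admin={session['cookie']}":
        return False, "not authenticated"
    # 1. Origin (Referer as fallback) must be one of the router's own origins.
    origin = request["headers"].get("Origin") or request["headers"].get("Referer")
    if not origin:
        return False, "missing Origin/Referer"
    parsed = urlparse(origin)
    if f"{parsed.scheme}://{parsed.netloc}" not in ROUTER_ORIGINS:
        return False, f"cross-site origin {parsed.netloc}"
    # 2. The form must carry the per-session token, which a foreign page
    #    cannot read and therefore cannot forge.
    token = request["form"].get("csrf_token", "")
    if not secrets.compare_digest(token, session["csrf_token"]):
        return False, "bad or missing CSRF token"
    return True, "ok"

def demo():
    """Constructed sample traffic: a real settings change and a forged one."""
    session = new_session()
    cookie = f"admin={session['cookie']}"
    legit = {"method": "POST", "form": {"dns": "192.168.1.1", "csrf_token": session["csrf_token"]},
             "headers": {"Cookie": cookie, "Origin": "http://192.168.1.1"}}
    forged = {"method": "POST", "form": {"dns": "203.0.113.5"},
              "headers": {"Cookie": cookie, "Origin": "http://attacker.example"}}
    return is_allowed_request(legit, session), is_allowed_request(forged, session)
```

Note that both sample requests carry the same valid admin cookie; only the Origin and token checks separate the user's own change from the forged one, which is why a firmware update that adds such checks closes this class of issue.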
What if my affected device is a Powerline adapter?
The only thing an attacker can do is change settings on the adapter. The attacker cannot access your private network or view any of your private data.
How do I prevent this attack?
NETGEAR has already released a firmware fix for all affected models. For cable products like the N450 (CG3000Dv2), new firmware is released by your Internet service provider after NETGEAR releases it to them. The firmware fix for the N450 has been released to all service providers.
NETGEAR strongly recommends that all affected users make sure that the firmware for their devices is up to date.
For the latest firmware update that prevents the CSRF / LocalFile / XSS vulnerability, click the link for your model below and visit the firmware release page for details and instructions:
Is there any workaround at this point?
NETGEAR recommends that you visit the link for your product above and make sure that your firmware is up to date, which resolves the issue. For customers with cable products, NETGEAR recommends contacting your Internet service provider to ask when they will make the latest firmware fixes available to you.
Note: If the recommended steps are not completed as described, your device will remain more susceptible to intentionally malicious emails and websites. NETGEAR is not responsible for any consequences that could have been avoided by upgrading the firmware as stated in this notification, or for your cable provider's failure to release our firmware update after we have provided it to them.
NETGEAR will update this KB article as more information becomes available.
We appreciate and value having security concerns brought to our attention. NETGEAR constantly monitors for both known and unknown threats. Being proactive rather than reactive to emerging security issues is fundamental to product support at NETGEAR.
It is NETGEAR's mission to be the innovative leader in connecting the world to the internet. To achieve this mission, we strive to earn and maintain the trust of those that use NETGEAR products for their connectivity.
To report a security vulnerability, visit https://bugcrowd.com/netgear.
If you are a NETGEAR customer with a security-related support concern, you can contact NETGEAR customer support at techsupport.security@netgear.com.
For all other issues, visit https://www.netgear.com/about/security/.
The security@netgear.com email address is no longer accepting messages and is no longer actively monitored.
Last Updated: 04/25/2023 | Article ID: 30114