Significant security flaws have been discovered in NETGEAR DGN2200v1 series routers, according to cybersecurity experts, who claim these vulnerabilities may be exploited to breach a network’s security and obtain unrestricted access.
Firmware versions prior to v1.0.0.60 are vulnerable to three HTTPd authentication security weaknesses, with CVSS scores ranging from 7.1 to 9.4. These issues have been addressed in December 2020, as part of a coordinated vulnerability disclosure process, related to NETGEAR’s response to the reported security risks.
The cases of ransomware and firmware attacks conducted through VPN devices and other internet-connected systems are rapidly growing which indicates a new trend where attacks are initiated outside the operating system.
With assaults of this kind becoming more frequent, security professionals are warning that users must take additional precaution of securing even the single-purpose software, such routers.
As per the details that are available, taking over NETGEAR routers can happen when strcmp is used to determine if the username and password match the stored credentials. An attacker may exploit the former by timing the failure rate by comparing each character until a mismatch occurs or NUL terminator is found.
In short, the detected vulnerabilities can open the door to gaining access to router administration pages, and in this way, providing hackers with full control over the router. Additionally, attackers may utilize a cryptographic side-channel attack to get their hands on the username and the password kept in the router’s memory and mess with the backup/restore configurations.
And this is not everything. Security researchers have found that, by exploiting the authentication bypass, malicious actors may encrypt credentials using a constant key and then use that key to retrieve the password and the username in plain text.
To protect yourself from any possible attacks of this kind, NETGEAR recommends that DGN2200v1 users upgrade their firmware to the latest version as soon as possible.
Leave a Comment