An attacker can inject malicious code into the ping_addr or trace_addr parameters to execute commands on the device. Successful exploitation of these issues may allow remote attackers to take control of the device or obtain sensitive information. Moreover, these issues were also discovered to be present in the v1.0.0 and v1.0.2 firmware versions of the NETGEAR Genie Nighthawk X6 and NETGEAR X6 Wi-Fi Router. The latest firmware version released at the time of this advisory patch (v3.214) resolves both of these issues. Multiple command injection vulnerabilities have been discovered in multiple NETGEAR products running on the latest firmware version. An attacker can exploit these issues to inject malicious code and obtain access to the device. At the time of this advisory patch, multiple vulnerabilities have been patched. Vendors and researchers are constantly monitoring for security issues in order to patch them as soon as possible. As soon as a new firmware version is released, we strongly recommend that all users update their devices to the latest version via an active connection to the internet.
Introduction
NETGEAR's security team has discovered two different Command Injection vulnerabilities in the NETGEAR Genie Nighthawk X6 router and NETGEAR X6 Wi-Fi Router. These issues may allow attackers to take control of these devices or obtain sensitive information such as usernames and passwords.
Vulnerability summary
The following is a summary of the vulnerability in this advisory:
CVE-2022-31898 - An attacker can inject malicious code into the ping_addr or trace_addr parameters to execute commands on the device. Successful exploitation of these issues may allow remote attackers to take control of the device or obtain sensitive information. Furthermore, these vulnerabilities were also discovered to be present in the v1.0.0 and v1.0.2 firmware versions of the NETGEAR Genie Nighthawk X6 and NETGEAR X6 Wi-Fi Router. The latest firmware version released at the time of this advisory patch (v3.214) resolves both of these issues. Multiple command injection vulnerabilities have been discovered in multiple NETGEAR products running on the latest firmware version. An attacker can exploit these issues to inject malicious code and obtain access to the device At the time of this advisory patch, multiple vulnerabilities have been patched Vendors and researchers are constantly monitoring for security issues in order to patch them as soon as possible
Vulnerability Analysis
CVE-2022-31898 is a set of command injection vulnerabilities in multiple NETGEAR products. The most severe of the two issues allows an attacker to execute commands on the device. First, it is important to note that the issue has been patched by v3.214 firmware update. Both the ping_addr and trace_addr parameters were found to be vulnerable to command injection. Second, this vulnerability has also been discovered in v1.0.0 and v1.0.2 firmware versions of the NETGEAR Genie Nighthawk X6 and NETGEAR X6 Wi-Fi Router, which have since been fixed with the release of v3.214 firmware update.
The vulnerabilities are one of many that can be found in electronic devices today, as they are constantly being monitored for security issues so they can be patched as soon as possible once discovered by researchers and vendors alike.
Summary
Multiple vulnerabilities have been discovered in multiple NETGEAR products running on the latest firmware version. An attacker can exploit these issues to inject malicious code and obtain access to the device. This advisory patch provides a resolution for both of these issues.
Affected Products
The following devices are affected by these vulnerabilities:
NETGEAR Nighthawk AC2600 X6 Tri-Band WiFi Router
NETGEAR X6 Wi-Fi Router
NETGEAR Genie Nighthawk AC1900 X4 Tri-Band WiFi Router
Timeline
Published on: 10/27/2022 18:15:00 UTC
Last modified on: 11/01/2022 12:56:00 UTC