Netgear Products Remote Code Execution Vulnerability

Release Date: 4 Feb 2025

RISK: Medium Risk

TYPE: Operating Systems - Networks OS

A vulnerability was identified in Netgear Products. A remote attacker could exploit this vulnerability to trigger remote code execution on the targeted system.

 

---

Impact

• Remote Code Execution

---

System / Technologies affected

• NETGEAR XR1000 version prior to 1.0.0.74
• NETGEAR XR1000v2 version prior to 1.1.0.22
• NETGEAR XR500 version prior to 2.3.2.134

 

---

Solutions

Before installation of the software, please visit the vendor's web-site for more details.

 

Apply fixes issued by the vendor:

• https://kb.netgear.com/000066558/Security-Advisory-for-Unauthenticated-RCE-on-Some-WiFi-Routers-PSV-2023-0039

---

Vulnerability Identifier

• No CVE information is available

---

Source

• Netgear Security Advisory

---

Related Link

• https://kb.netgear.com/000066558/Security-Advisory-for-Unauthenticated-RCE-on-Some-WiFi-Routers-PSV-2023-0039