HKCert
  

Netgear Products Remote Code Execution Vulnerability

Release Date: 30 / 06 / 2020
Last Update: 30 / 06 / 2020
Risk Level:  


A vulnerability was identified in Netgear products, a remote attacker could exploit this vulnerability to trigger remote code execution on the targeted system.

 

Notes: Exploit code is now publicly available

  • Remote Code Execution
  • D6220 versions prior to 1.0.0.56
  • D6400 versions prior to 1.0.0.90
  • D7000v2 versions prior to 1.0.0.58
  • D8500 versions prior to 1.0.3.46
  • EX7000 versions prior to 1.0.1.86
  • R6400v2 versions prior to 1.0.4.94
  • R6700v3 versions prior to 1.0.4.94
  • R6900 versions prior to 1.0.2.12
  • R6900P versions prior to 1.3.2.120
  • R7000 versions prior to 1.0.11.102
  • R7000P versions prior to 1.3.2.120
  • R7100LG versions prior to 1.0.0.54
  • R7850 versions prior to 1.0.5.58
  • R7900 versions prior to 1.0.4.24
  • R8000 versions prior to 1.0.4.56
  • R8500 versions prior to 1.0.2.131
  • WNR3500Lv2 versions prior to 1.2.0.60

 

For more products, please refer to:
https://kb.netgear.com/000061982/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Mobile-Routers-Modems-Gateways-and-Extenders

Before installation of the software, please visit the vendor's web-site for more details.