Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Vulnerabilities

Multiple Vulnerabilities Plague Discontinued Netgear WNR614 Routers

Redfox Security warns of multiple vulnerabilities in Netgear WNR614 routers discontinued three years ago.

Vulnerabilities in discontinued Netgear WNR614 routers allow attackers to bypass authentication, intercept communications, and retrieve credentials, Redfox Security warns.

A total of six flaws were discovered in the Netgear WNR614 N300 router model running the latest available firmware version, 1.1.0.54_1.0.1, which was released in August 2018. The product was discontinued in 2021.

Tracked as CVE-2024-36787, the first issue discovered by Redfox Security allows attackers to bypass the authentication mechanism of the device and access the administrative interface via unspecified vectors.

The weak authentication, the cybersecurity firm notes, allows Base64 credential cracking, exposing both the device and the local network to security risks.

“Poor authentication protocols allowing insecure passwords pose a severe threat to network security, necessitating immediate and decisive action to stop unauthorized access and protect network operations and sensitive data,” Redfox Security warns.

Another issue, the cybersecurity firm says, is that the Netgear WNR614 N300 router fails to properly set the HTTPOnly flag for cookies, allowing an attacker to intercept and access sensitive communication between the router and other devices.

The issue, tracked as CVE-2024-36788, can be mitigated by configuring the router to always use HTTPS and by setting browsers to enforce HTTPS connections.

The router was also found to allow users to create weak passwords (CVE-2024-36789) and to store Wi-Fi credentials in plain text (CVE-2024-36790), which exposes it to unauthorized access, manipulation, and data exposure.

Advertisement. Scroll to continue reading.

Furthermore, Redfox Security discovered a flaw in the WPS implementation in the router that exposes the device’s PIN to attackers (CVE-2024-36792), and insecure permissions that allow attackers to access URLs and directories in the firmware (CVE-2024-36795).

Because the vulnerable product is discontinued, users are advised to disable vulnerable functions and components, enforce strong password policies, periodically rotate passwords, isolate the router from critical network systems, implement access control measures, and use encryption for sensitive data.

“Given that the Netgear WNR614 N300 router has reached its End of Service, it is recommended to replace the router with a model that is actively supported and maintained by the manufacturer,” Redfox Security notes.

Related: Details Disclosed for Exploit Chain That Allows Hacking of Netgear Routers

Related: Netgear Vulnerabilities Lead to Credentials Leak, Privilege Escalation

Related: Attacks Targeting Realtek SDK Vulnerability Ramping Up

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

The AI Risk Summit brings together security and risk management executives, AI researchers, policy makers, software developers and influential business and government stakeholders.

Register

People on the Move

Gabriel Agboruche has been named Executive Director of OT and Cybersecurity at Jacobs.

Data security startup Reco adds Merritt Baer as CISO

Chris Pashley has been named CISO at Advanced Research Projects Agency for Health (ARPA-H).

More People On The Move

Expert Insights