Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Vulnerabilities

Netgear Neutralizes Pwn2Own Exploits With Last-Minute Nighthawk Router Patches

Last week, Netgear released hotfixes for a network misconfiguration in Nighthawk RAX30 (AX2400) routers that could allow a remote attacker to gain unrestricted access to services otherwise intended for the local network.

Last week, Netgear released hotfixes for a network misconfiguration in Nighthawk RAX30 (AX2400) routers that could allow a remote attacker to gain unrestricted access to services otherwise intended for the local network.

The bug existed because the WAN interface of these devices had IPv6 enabled by default, but did not apply for IPv6 traffic access restrictions that were otherwise applied for IPv4 traffic.

Due to this misconfiguration, services running on the router that may be inadvertently listening via IPv6, including SSH and Telnet on ports 22 and 23, may be accessible from the internet.

“This misconfiguration could allow an attacker to interact with services only intended to be accessible by clients on the local network,” cybersecurity firm Tenable says.

Security researchers with Tenable identified the issue while preparing an exploit chain for the Pwn2Own Toronto 2022 hacking competition taking place this week, but Netgear released the hotfix the day before the submission deadline, breaking the chain and rendering the exploit useless.

“Prior to the patch, an attacker could interact with these services from the WAN port. After patching, however, we can see that the appropriate ip6tables rules have been applied to prevent access. Additionally, IPv6 now appears disabled by default on newly configured devices,” Tenable explains.

The hotfix was included in RAX30 firmware version 1.0.9.90 and users are advised to update as soon as possible. According to Tenable, a manual check for the update is required as the device does not find updates beyond firmware version 1.0.6.74.

“Any consumers relying on the auto-update or ‘Check for Updates’ mechanisms of these devices are likely to remain vulnerable to this issue and any other issues teased over the coming days of Pwn2Own Toronto 2022,” Tenable notes.

The cybersecurity firm has refrained from providing further technical details on this vulnerability. In its advisory, Netgear only says that the hotfix patches security vulnerabilities.

According to Tenable, others who have signed up for Pwn2Own were also affected by Netgear’s patch.

Related: Game Acceleration Module Vulnerability Exposes Netgear Routers to Attacks

Related: Multiple Vulnerabilities Impact Netgear Nighthawk R6700 Routers

Related: Netgear Patches Code Execution Vulnerability Affecting Many Products

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Expert Insights

Related Content

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

IoT Security

Lexmark warns of a remote code execution (RCE) vulnerability impacting over 120 printer models, for which PoC code has been published.

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.

Email Security

Microsoft is urging customers to install the latest Exchange Server updates and harden their environments to prevent malicious attacks.

Mobile & Wireless

Technical details published for an Arm Mali GPU flaw leading to arbitrary kernel code execution and root on Pixel 6.

Application Security

Drupal released updates that resolve four vulnerabilities in Drupal core and three plugins.

Vulnerabilities

Security researchers have observed an uptick in attacks targeting CVE-2021-35394, an RCE vulnerability in Realtek Jungle SDK.

Vulnerabilities

Google has awarded more than $25,000 to the researchers who reported the vulnerabilities patched with the release of the latest Chrome update.