Netgear has released firmware updates for certain Wi-Fi router models that have been affected by a remote code execution vulnerability discovered in mid-June. While there are dozens of potentially vulnerable SKU attacks, more than half of the models will not get a fix because they are "outside the Netgear support window." Up to 79 models of Netgear home Wi-Fi routers (sometimes also used in small offices) are defenseless against local and Internet attacks that exploit their remote code execution vulnerability. It turns out that authors can bypass the login process to access the router's web server running the web management interface and gain control of the device.
Netgear router failure
The security breach was discovered by at least two security researchers more than half a year ago, and Netgear was alerted to the vulnerability in January. The results were finally released as part of Trend Micro's Zero Day Initiative in mid-June, months after Netgear learned of the issue. Netgear has released a new firmware that fixes the vulnerability for 34 of the 79 routers affected by the vulnerability. Meanwhile, Netgear has no plans to patch 45 models sold on the channel more than three years ago. "Netgear has provided firmware updates with fixes for all supported products previously disclosed by ZDI and Grimm," an official statement from Netgear reads. “The other products included in the published list are outside our support window. In this specific case, the parameters were based on the last sales date of the product in the channel, which was set at three years or more. "Several models of Wi-Fi routers that won't be patched are older, having been released in 2007, but some of them support Wi-Fi 5 (802.11ac) and don't appear to be completely obsolete. In fact, some are even available on The list of SKUs that will not be patched includes the following models: AC1450 D6300 DGN2200v1 DGN2200M DGND3700v1 LG2200D MBM621 MBR1200 MBR1515 MBR1516 MBR624GU MBRN3000 MVBR1210C R4500 R6200 R6200v 2 R6300v1 R7300DST WGR614v10 WGR614v8 WGR614v9 WGT624v4 WN2500RP WN2500RPv2 WN3000RP WN3000RPv2 WN3000RPv3 WN3100RP WN3100RPv2 WN3500RP WNCE3001 WNCE3001 2v3300 WNDR1v3300 WNDR2v3400 WNDR1v3400 WNDR2v3400 WNDR3v3700 WNDR3v4000 WNDR4500 WNDR4500 WNDR2v3500 WNR1v3500 WNR1Lv3500 WNR2v834 WNR2BvXNUMX Via: PC Gamer, Tom's Guide