Recently, Netgear has fixed numerous security vulnerabilities in its smart switches that could allow device takeovers. Specifically, these include fixes for two critical bugs with another high-severity vulnerability. Since the patches are out, all users, including corporate customers, must ensure updating their devices at the earliest.
Netgear Smart Switches Vulnerabilities
A security engineer from Google, Gynvael Coldwind, discovered three different vulnerabilities in Netgear smart switches.
These include two critical vulnerabilities identified as â€œDemonâ€™s Criesâ€ (CVE-2021-40866) and â€œSeventh Infernoâ€ (CVE-2021-41314), and a high-severity bug â€œDraconian Fearâ€ (CVE-2021-40867). The two critical bugs received a CVSS score of 9.8, whereas the third bug received a CVSS score of 7.4. The researcher has described the details for all the bugs in separate advisories.
From these bugs, the vulnerability Seventh Inferno could allow an adversary to gain root access to the target devices. As described in Coldwindâ€™s post,
In short, it goes from a newline injection in the password field, through being able to write a file with constant uncontrolled content of 2 (like, one byte 32h), through a DoS and session crafting (which yields an admin web UI user), to an eventual post-auth shell injection (which yields full root).
Patches Deployed With Firmware Updates
Following Coldwindâ€™s report, Netgear addressed the vulnerabilities.
Although, they somewhat differed from the researcher in labeling the severity scores for the flaws. Specifically, they assigned CVSS scores of 8.8 (instead of 9.8) to the two critical flaws and 7.4 (instead of 7.8) to the high-severity bug.
Nonetheless, what matters here is that Netgear has deployed the patches for all three bugs with the latest firmware updates. Explaining more in their advisory, Netgear urged users to update their devices to the following firmware versions.
- GC108P (firmware version 22.214.171.124)
- GC108PP (firmware version 126.96.36.199)
- GS108Tv3 (firmware version 188.8.131.52)
- GS110TPP (firmware version 184.108.40.206)
- GS110TPv3 (firmware version 220.127.116.11)
- GS110TUP (firmware version 18.104.22.168)
- GS308T (firmware version 22.214.171.124)
- GS310TP (firmware version 126.96.36.199)
- GS710TUP (firmware version 188.8.131.52)
- GS716TP (firmware version 184.108.40.206)
- GS716TPP (firmware version 220.127.116.11)
- GS724TPP (firmware version 18.104.22.168)
- GS724TPv2 (firmware version 22.214.171.124)
- GS728TPPv2 (firmware version 126.96.36.199)
- GS728TPv2 (firmware version 188.8.131.52)
- GS750E (firmware version 184.108.40.206)
- GS752TPP (firmware version 220.127.116.11)
- GS752TPv2 (firmware version 18.104.22.168)
- MS510TXM (firmware version 22.214.171.124)
- MS510TXUP (firmware version 126.96.36.199)