Your Netgear router might be an open door for hackers

Netgear has issued a security advisory regarding two critical vulnerabilities affecting Nighthawk Pro Gaming routers and specific Wi-Fi 6 access points. It is strongly recommended that users update their devices’ firmware promptly to mitigate potential risks.

The first vulnerability, known as PSV-2023-0039, is a Remote Code Execution (RCE) flaw. This security issue enables attackers to execute arbitrary code on affected devices remotely, potentially leading to unauthorized control over the router. The second vulnerability, PSV-2021-0017, is an authentication bypass flaw that allows attackers to bypass authentication mechanisms and gain unauthorized access to the device’s management interface.

The impacted models include Nighthawk Pro Gaming Routers such as XR1000, XR1000v2, and XR500, as well as Wi-Fi 6 Access Points like WAX206, WAX220, and WAX214v2.

Firmware updates have been released by the company to address these vulnerabilities. If you own any of the mentioned products, it is highly recommended to download and install the latest firmware versions for your respective devices. Detailed instructions on updating firmware can be found on Netgear’s official support page.

Routers are attractive targets for cyberattacks as they act as the primary gateway between the internet and home or business networks. They are constantly online, making them a persistent attack surface for hackers. Many routers come with weak default security settings, including easily guessable credentials and outdated firmware, which users often fail to update. Attackers exploit these vulnerabilities to gain control over the router, allowing them to monitor internet traffic, launch further attacks, or redirect users to malicious websites. Moreover, unsecured remote access features can enable hackers to take over routers from anywhere in the world.

Once compromised, routers can be used for various malicious activities, such as botnet recruitment, DNS hijacking, and man-in-the-middle attacks. Hackers can leverage them to intercept sensitive data, gain access to IoT devices, and even use them as launch points for large-scale cyberattacks like DDoS attacks.

Since many users are unaware of router security risks, these devices often remain unpatched and vulnerable for extended periods. To minimize the risk, users should regularly update firmware, change default credentials, disable unnecessary remote management features, and enable strong encryption to secure their networks.