Netgear has fixed a high-severity vulnerability affecting multiple WiFi router models and advised customers to update their devices to the latest available firmware as soon as possible. The flaw impacts multiple Wireless AC Nighthawk, Wireless AX Nighthawk (WiFi 6), and Wireless AC router models.
Netgear has not released any details on what mechanism(s) allow the abuse of this flaw, just that the vulnerability is a pre-authentication buffer overflow vulnerability. Buffer overflows can lead to denial-of-service, arbitrary command execution, and other malicious activity.
The affected devices and patched firmware versions are as follows:
|Vulnerable Netgear router||Patched firmware version|
|RAX40||Firmware version 126.96.36.199|
|RAX35||Firmware version 188.8.131.52|
|R6400v2||Firmware version 184.108.40.206|
|R6700v3||Firmware version 220.127.116.11|
|R6900P||Firmware version 18.104.22.168|
|R7000P||Firmware version 22.214.171.124|
|R7000P||Firmware version 126.96.36.199|
|R7960P||Firmware version 188.8.131.52|
|R8000P||Firmware version 184.108.40.206|