_Agata_Gładykowska_Alamy.jpg?#)
Critical Netgear Vulnerabilities Let Attackers Execute Remote Code
NETGEAR has issued a critical security advisory addressing a severe unauthenticated remote code execution (RCE) vulnerability affecting several of its popular router models. This flaw, tracked under internal identifier PSV-2023-0039, poses a significant risk by allowing attackers to execute arbitrary code remotely without requiring authentication. NETGEAR strongly urges users to update their firmware immediately to […] The post Critical Netgear Vulnerabilities Let Attackers Execute Remote Code appeared first on Cyber Security News.
NETGEAR has issued a critical security advisory addressing a severe unauthenticated remote code execution (RCE) vulnerability affecting several of its popular router models.
This flaw, tracked under internal identifier PSV-2023-0039, poses a significant risk by allowing attackers to execute arbitrary code remotely without requiring authentication.
NETGEAR strongly urges users to update their firmware immediately to mitigate the risk of exploitation.
Understanding the Vulnerability
Remote Code Execution (RCE) vulnerabilities allow attackers to run malicious code on a target system from a remote location.
In this case, the vulnerability affects NETGEAR’s XR1000, XR1000v2, and XR500 routers, which are part of the Nighthawk gaming lineup.
The flaw has been rated as critical, with a CVSS score of 9.8, indicating its potential for widespread damage, including data theft, unauthorized surveillance, and network disruption.
The vulnerability does not require user interaction or authentication, making it particularly dangerous. Attackers could exploit this flaw to gain full control over affected devices, potentially compromising entire networks.
The vulnerability stems from improper input validation within the affected routers’ firmware, allowing attackers to inject malicious code remotely.
While no specific CVE (Common Vulnerabilities and Exposures) ID was initially assigned, subsequent updates have designated this flaw as CVE-2025-25246.
The vulnerability was identified through Bugcrowd, NETGEAR’s bug bounty program. The company has not disclosed detailed exploitation methods but emphasizes that failing to apply the patch leaves devices critically exposed.
Impacted Devices and Firmware Updates
The following NETGEAR router models are affected by this vulnerability:
- XR1000: Fixed in firmware version 1.0.0.74
- XR1000v2: Fixed in firmware version 1.1.0.22
- XR500: Fixed in firmware version 2.3.2.134
To secure your device, NETGEAR recommends downloading and installing the latest firmware via their support website or mobile apps like the Nighthawk app.
The company has warned that failure to apply these updates could result in severe consequences for users’ networks and devices. The company assumes no responsibility for damages caused by unpatched vulnerabilities.
To protect against similar threats in the future:
- Regularly update firmware across all devices.
- Change default admin credentials to strong, unique passwords.
- Disable remote management features unless necessary.
- Monitor network activity for unusual behavior.
Users are advised to act immediately by applying the recommended patches to safeguard their devices against potential exploitation.
Investigate Real-World Malicious Links & Phishing Attacks With Threat Intelligence Lookup - Try for Free
The post Critical Netgear Vulnerabilities Let Attackers Execute Remote Code appeared first on Cyber Security News.
