July 12, 2024 at 11:35AM
Netgear urges customers to update their WiFi 6 routers to address security vulnerabilities. These include a stored cross-site scripting flaw affecting XR1000 Nighthawk gaming routers and an authentication bypass bug impacting CAX30 Nighthawk AX6 6-Stream cable modem routers. Netgear provides steps for firmware updates and warns users of potential consequences if they do not comply.
Based on the meeting notes, here are the key takeaways:
– Netgear has issued a warning to customers to update their devices to the latest available firmware in order to patch stored cross-site scripting (XSS) and authentication bypass vulnerabilities in several WiFi 6 router models.
– Specifically, the stored XSS security flaw affects the XR1000 Nighthawk gaming router, while the authentication bypass security bug impacts CAX30 Nighthawk AX6 6-Stream cable modem routers.
– Successful attacks exploiting these vulnerabilities can lead to various security risks, including hijacking user sessions, redirecting users to malicious sites, displaying fake login forms, stealing restricted information, and performing actions with compromised user permissions.
– Netgear strongly recommends downloading and installing the latest firmware for affected routers as soon as possible. Detailed instructions for updating router firmware have been provided by Netgear.
– It was noted that a Netgear spokesperson was not immediately available to share more details regarding the security flaws when BleepingComputer reached out.
– In a related development, last month, security researchers disclosed vulnerabilities impacting the Netgear WNR614 N300, a router model that has reached end-of-life and is no longer supported by Netgear. As a result, the company will not release security patches for this model and has advised users to replace the router or apply mitigation measures.
If you need any further assistance or information, please feel free to ask.