Last Updated on 23/03/2023 by elicia
Talos Intelligence, a leading cybersecurity research firm, has discovered a critical vulnerability in the Netgear Orbi router that can allow attackers to execute arbitrary commands on affected devices.
This vulnerability, tracked as TALOS-2022-1596 (CVE-2022-37337) that could lead to arbitrary command execution on the device.
The user must authenticate into the mesh system first, meaning they’d need to access an unprotected network or the login credentials of a password-protected network, for this attack to be successful.
Then, the adversary needs to send a specially crafted HTTP request to trigger the vulnerability.
How impacting this issue could be?
The Netgear Orbi router is a popular mesh Wi-Fi system used by many households and small businesses. The vulnerability exists in the Orbi’s web management interface, which allows users to configure and manage their network settings through a web browser.
Specifically, the vulnerability is due to improper input validation of user-supplied data in the web management interface(UI).
Who can attack on these routers using Netgear Orbi Mesh Wireless System?
A remote attacker can exploit this vulnerability by sending a specially crafted request to the Orbi’s web management interface, allowing them to execute arbitrary commands with root privileges on the affected device.
This can lead to a complete compromise of the device, allowing attackers to steal sensitive data, install malware, or use the device as a launching pad for further attacks.
Talos Intelligence has notified Netgear of the vulnerability, and company company has ensured to release a patch for TALOS-2022-159 in next 90 days as per cisco vulnerability disclosure policy.
Confirmation of affected version
Talos tested and confirmed these versions (Netgear Orbi Satellite RBS750, version 18.104.22.168) of the Orbi system could be exploited by these vulnerabilities.
It is highly recommended that all Netgear Orbi users update their devices to the latest firmware version as soon as possible to mitigate the risk of exploitation.
This discovery underscores the importance of keeping network devices up to date with the latest security patches and underscores the critical role that cybersecurity researchers play in identifying and reporting vulnerabilities to ensure the safety and security of all users.