CVE-2023-23110

Name of the Vulnerable Software and Affected Versions Netgear WNR612v2 Wireless Routers versions 1.0.0.3 and earlier Netgear DGN1000v3 Modem Router versions 1.0.0.22 and earlier Netgear D6100 WiFi DSL Modem Routers versions 1.0.0.63 and earlier Netgear WNR1000v2 Wireless Routers versions 1.1.2.60 and earlier Netgear XAVN2001v2 Wireless-N Extenders versions 0.4.0.7 and earlier Netgear WNR2200 Wireless Routers versions 1.0.1.102 and earlier Netgear WNR2500 Wireless Routers versions 1.0.0.34 and earlier Netgear R8900 Smart WiFi Routers versions 1.0.3.6 and earlier Netgear R9000 Smart WiFi Routers versions 1.0.3.6 and earlier

Description An exploitable firmware modification vulnerability was discovered in certain Netgear products. The data integrity of the uploaded firmware image is ensured with a fixed checksum number. Therefore, an attacker can conduct a Man-In-The-Middle (MITM) attack to modify the user-uploaded firmware image and bypass the checksum verification.

Recommendations For WNR612v2 Wireless Routers versions 1.0.0.3 and earlier, update to a version later than 1.0.0.3 to resolve the issue. For DGN1000v3 Modem Router versions 1.0.0.22 and earlier, update to a version later than 1.0.0.22 to resolve the issue. For D6100 WiFi DSL Modem Routers versions 1.0.0.63 and earlier, update to a version later than 1.0.0.63 to resolve the issue. For WNR1000v2 Wireless Routers versions 1.1.2.60 and earlier, update to a version later than 1.1.2.60 to resolve the issue. For XAVN2001v2 Wireless-N Extenders versions 0.4.0.7 and earlier, update to a version later than 0.4.0.7 to resolve the issue. For WNR2200 Wireless Routers versions 1.0.1.102 and earlier, update to a version later than 1.0.1.102 to resolve the issue. For WNR2500 Wireless Routers versions 1.0.0.34 and earlier, update to a version later than 1.0.0.34 to resolve the issue. For R8900 Smart WiFi Routers versions 1.0.3.6 and earlier, update to a version later than 1.0.3.6 to resolve the issue. For R9000 Smart WiFi Routers versions 1.0.3.6 and earlier, update to a version later than 1.0.3.6 to resolve the issue. As a temporary workaround, consider restricting access to the firmware update process to minimize the risk of exploitation.