1Sd3D

Name of the Vulnerable Software and Affected Versions: NETGEAR Multiple Routers (affected versions not specified) Description: This issue allows network-adjacent attackers to bypass authentication on affected installations of multiple NETGEAR routers. No authentication is required to exploit this issue. The flaw exists within the mini httpd service, which listens on TCP port 80 by default. The issue results from incorrect string matching logic when accessing protected pages. An attacker can leverage this issue to escalate privileges and execute arbitrary code in the context of root. Recommendations: At the moment, there is no information about a newer version that contains a fix for this issue.

Name of the Vulnerable Software and Affected Versions: NETGEAR R7450 version 1.2.0.62 1.0.1 Description: This issue allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R7450 routers. The specific flaw exists within the mini httpd service, which listens on TCP port 80 by default. The issue results from improper state tracking in the password recovery process. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of root. Recommendations: For NETGEAR R7450 version 1.2.0.62 1.0.1, as a temporary workaround, consider disabling the mini httpd service until a patch is available. Restrict access to the password recovery process to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: NETGEAR R7450 version 1.2.0.62 1.0.1 Description: This issue allows network-adjacent attackers to disclose sensitive information on affected installations of NETGEAR R7450 routers. Authentication is not required to exploit this issue. The specific flaw exists within the SOAP API endpoint, which listens on TCP port 80 by default. The issue results from the lack of proper access control. An attacker can leverage this issue to disclose stored credentials, leading to further compromise. Recommendations: For NETGEAR R7450 version 1.2.0.62 1.0.1, consider disabling access to the SOAP API endpoint until a patch is available. Restrict access to TCP port 80 to minimize the risk of exploitation. Avoid using the RecoverAdminPassword function in the SOAP API until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** NETGEAR R6020, R6080, R6120, R6220, R6260, R6700v2, R6800, R6900v2, R7450, JNR3210, WNR2020, Nighthawk AC2100, and Nighthawk AC2400 firmware version 1.2.0.62 1.0.1 **Description** This issue allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR routers. Although authentication is required to exploit this issue, the existing authentication mechanism can be bypassed. The specific flaw exists within the mini httpd service, which listens on TCP port 80 by default. When parsing the `funjsq access token` parameter, the process does not properly validate a user-supplied string before using it to execute a system call. An attacker can leverage this issue to execute code in the context of root. **Recommendations** For NETGEAR R6020, R6080, R6120, R6220, R6260, R6700v2, R6800, R6900v2, R7450, JNR3210, WNR2020, Nighthawk AC2100, and Nighthawk AC2400 firmware version 1.2.0.62 1.0.1, consider disabling the mini httpd service until a patch is available. As a temporary workaround, restrict access to the `funjsq access token` parameter to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** NETGEAR R6020 versions (affected versions not specified) NETGEAR R6080 versions (affected versions not specified) NETGEAR R6120 versions (affected versions not specified) NETGEAR R6220 versions (affected versions not specified) NETGEAR R6260 versions (affected versions not specified) NETGEAR R6700v2 versions (affected versions not specified) NETGEAR R6800 versions (affected versions not specified) NETGEAR R6900v2 versions (affected versions not specified) NETGEAR R7450 versions (affected versions not specified) NETGEAR JNR3210 versions (affected versions not specified) NETGEAR WNR2020 versions (affected versions not specified) NETGEAR Nighthawk AC2100 versions (affected versions not specified) NETGEAR Nighthawk AC2400 versions (affected versions not specified) **Description** This issue allows network-adjacent attackers to bypass authentication on affected NETGEAR router installations. The flaw exists within the mini httpd service, which listens on TCP port 80 by default, due to incorrect string matching logic when accessing protected pages. An attacker can leverage this in conjunction with other issues to execute code in the context of root. **Recommendations** For NETGEAR R6020, consider disabling the mini httpd service until a patch is available. For NETGEAR R6080, restrict access to protected pages to minimize the risk of exploitation. For NETGEAR R6120, avoid using the default TCP port 80 for the mini httpd service. For NETGEAR R6220, consider implementing additional authentication measures. For NETGEAR R6260, restrict access to the mini httpd service. For NETGEAR R6700v2, consider disabling access to protected pages. For NETGEAR R6800, implement strict access controls for the mini httpd service. For NETGEAR R6900v2, consider restricting access to the router's administration interface. For NETGEAR R7450, avoid using default settings for the mini httpd service. For NETGEAR JNR3210, consider implementing a web application firewall. For NETGEAR WNR2020, restrict access to the mini httpd service. For NETGEAR Nighthawk AC2100, consider disabling the mini httpd service. For NETGEAR Nighthawk AC2400, implement additional security measures to prevent exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows (affected versions not specified) **Description** The issue is related to errors in privilege management within the win32k component of the Windows operating system. It allows an attacker to potentially elevate their privileges. The vulnerability can be exploited to affect the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.