CVE-2022-46423

Name of the Vulnerable Software and Affected Versions Netgear WNR2000v1 versions 1.2.3.7 and earlier

Description An exploitable firmware modification vulnerability was discovered on the Netgear WNR2000v1 router. An attacker can conduct a Man-in-the-Middle (MITM) attack to modify the user-uploaded firmware image and bypass the CRC check, allowing attackers to execute arbitrary code or cause a Denial of Service (DoS).

Recommendations For versions 1.2.3.7 and earlier, as a temporary workaround, consider restricting access to the firmware update process until a patch is available. Avoid using the vulnerable firmware update mechanism until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.