Guest Killhippie Posted August 30, 2019 Share Posted August 30, 2019 NETGEAR has released firmware fixes or hotfixes for KCodes NetUSB unauthenticated remote kernel information disclosure and arbitrary memory read security vulnerabilities on the following product models: XR500 running firmware versions prior to v2.3.2.56 XR700 running firmware versions prior to v1.0.1.18_BETA D6000 running firmware versions prior to v1.0.0.78 D6400 running firmware versions prior to v1.0.0.88 D7800 running firmware versions prior to v1.0.1.56 DC112A running firmware versions prior to v1.0.0.44 EX6200 running firmware versions prior to v1.0.3.90 EX6200v2 running firmware versions prior to v1.0.1.78 EX8000 running firmware versions prior to v1.0.1.202 R6250 running firmware versions prior to v1.0.4.38_BETA R6400 running firmware versions prior to v1.0.1.50 R7300DST running firmware versions prior to v1.0.0.74_BETA R7500v2 running firmware versions prior to v1.0.3.41_BETA R7800 running firmware versions prior to v1.0.2.63_BETA R7900 running firmware versions prior to 1.0.3.14_10.0.40_BETA R8000 running firmware versions prior to 1.0.4.38_10.1.59_BETA R8900 running firmware versions prior to v1.0.4.36_BETA R9000 running firmware versions prior to v1.0.4.36_BETA WNDR4300v2 running firmware versions prior to v1.0.0.60_BETA WNDR4500v3 running firmware versions prior to v1.0.0.60_BETA The firmware versions that end in “_BETA” are security hotfixes. Security hotfixes are beta firmware created outside of normal development and testing processes. While the hotfixes do fix the security vulnerabilities identified above, they could negatively affect the regular operation of your device. Though our pre-deployment testing process did not indicate that these hotfixes would impact device operability, we always encourage our users to monitor their device closely after installing the firmware hotfix. NETGEAR strongly recommends that you download the latest firmware fixes or hotfixes for these product models as soon as possible. CVSS v3 Rating: High CVSS v3 Score: 8.8 Vector: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * I would suggest not running older firmware on XR routers unless its just for testing purposes and that you update to version 2.3.2.56 or 1.0.1.18_BETA to be safe Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.