This may be a full RCE vulnerability but from what I can tell the exploit requires intercepting or redirecting HTTP traffic from the router to the update server.<p>Thats definitely a massive problem because anyone with access to DNS records (ISPs, governments, educational facilities, and so on) can remotely hack all of these devices, but on the other hand this poses no direct threat. The "immediately" part of the title seems overstated.<p>This just seems like a random, run-of-the-mill crappy router vulnerability to me. I'd be surprised if there was a consumer router that wasn't vulnerable to this somehow. Good thing Netgear provides a patch, though.
I'm so glad I've been playing around with OpenWRT lately. I bought a second router a while back just to experiment with it and now I have automatic fail-over between two ISPs (with mwan3) and WPA2 Enterprise (with FreeRadius).<p>Needless to say, my Netgear R7000P will soon be decommissioned. I wish it were officially supported on OpenWRT because it's got a good amount of RAM and flash that could have been put to better use.
<a href="https://kb.netgear.com/000064039/Security-Advisory-for-Remote-Code-Execution-on-Some-Routers-PSV-2021-0204" rel="nofollow">https://kb.netgear.com/000064039/Security-Advisory-for-Remot...</a><p>This link covers more the actual article.<p>TLDR: RCE on
R6400v2
R6700
R6700v3
R6900
R6900P
R7000
R7000P
R7850
R7900
R8000
RS400
Why the hell do I have to manually download the new firmware and deploy it to fix this? My Netgear router has usually been able to update itself in the past just by logging into the admin console and checking for new firmware updates.