Remote Code Execution Vulnerability in NETGEAR Devices

Published on 18 Nov 2021

Updated on 18 Nov 2021

NETGEAR has released security updates to address a remote code execution vulnerability (CVE-2021-34991) in their devices. Successful exploitation of the vulnerability could allow a remote attacker to take control of an affected system. This vulnerability affects NETGEAR devices such as small office/home office routers, DSL modems, cable modems, and extenders.

Users and administrators of the affected NETGEAR devices are advised to upgrade to the latest firmware immediately.  
 
More information is available here:
https://kb.netgear.com/000064361/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Multiple-Products-PSV-2021-0168 
https://www.securityweek.com/netgear-patches-code-execution-vulnerability-affecting-many-products