Netgear WNR614 flaws allow device takeover, no fix available

Netgear WNR614 flaws allow device takeover, no fix available


Researchers found half a dozen vulnerabilities of varying severity impacting Netgear WNR614 N300, a budget-friendly router that proved popular among home users and small businesses.

The device reached end-of-life (EoL) and is no longer supported by Netgear but it’s still present in many environments due to its reliability, ease of use, and performance.

Researchers at RedFox Security discovered in the router six vulnerabilities that range from authentication bypass and weak password policy to storing passwords in plain text and Wi-Fi Protected Setup (WPS) PIN exposure:

CVE-2024-36787: allows an attacker to bypass authentication and access the administrative interface via unspecified vectors. The flaw enables unauthorized access to the router’s settings, posing a severe threat to network security and sensitive user data.

Broken access control
Broken access control
Source: RedFox

CVE-2024-36788: the router has improper setting of the HTTPOnly flag for cookies. An attacker could leverage the vulnerability to intercept and access sensitive communications between the router and the devices connecting to it.

CVE-2024-36789: allows attackers to create passwords that do not comply with proper security standards and even accept a single character as a password for the administrator account. This could lead to unauthorized access, network manipulation, and potential data exposure.

CVE-2024-36790: the router stores credentials in plain text, which makes it easy for an attacker to gain unauthorized access, manipulate the router, and expose sensitive data.

Plaintext data exposure
Plaintext data exposure
Source: RedFox

CVE-2024-36792: the implementation of the WPS Wi-Fi feature allows attackers to gain access to the router’s PIN. This exposes the router to potential unauthorized access and manipulation.

WPS PIN exposure
WPS PIN exposure
Source: RedFox

CVE-2024-36795: insecure permissions that allow attackers to access URLs and directories embedded within the router’s firmware. This heightens the risk of unauthorized network access and control.


Since the router has reached EoL, Netgear is not expected to release security updates for the vulnerabilities. If replacing the device is not an option at the moment, users are strongly advised to apply mitigatations that could help prevent attacks:

  • Turn off remote management features to reduce the risk of unauthorized access.
  • Use complex, long passwords and change them regularly.
  • Separate the router from critical systems within the network to limit the impact of any potential breach.
  • Ensure the router uses HTTPS and use browser settings that enforce HTTPS to secure all communications and protect against interception.
  • Turn off WPS to prevent attackers from exploiting this feature and gaining unauthorized access.
  • Switch to WPA3 for enhanced security over older protocols.
  • Restrict access to the router’s administrative interface.

However, users that still rely on Netgear WNR614 should consider replacing it with a model that is actively supported by its manufacturer and provides better security.



Source link
lol

Researchers found half a dozen vulnerabilities of varying severity impacting Netgear WNR614 N300, a budget-friendly router that proved popular among home users and small businesses. The device reached end-of-life (EoL) and is no longer supported by Netgear but it’s still present in many environments due to its reliability, ease of use, and performance. Researchers at RedFox…

Leave a Reply

Your email address will not be published. Required fields are marked *