A Zero-Day Remote Code Execution vulnerability affects 79 different Netgear routers
With the significant increase in home-working due to the COVID pandemic, the security of home workers’ connectivity is under scrutiny. Security researchers have detailed a serious vulnerability in the firmware of many Netgear routers popular in small and home office set-ups.
The vulnerability exists in the httpd server which listens on the LAN port of the router. A malicious website on the internet is able to use AJAX queries to interact with the router’s httpd server on the LAN and exploit the vulnerability.
So simply visiting a malicious website is sufficient to compromise the Netgear router used to connect to the Internet.
A detailed walkthrough of how the exploit was discovered has been published on the researcher’s blog.
Netgear have published a security advisory and are gradually rolling out hotfixes and firmware upgrades for the affected devices.