If your Netgear Orbi router isn’t patched, you’ll want to change that pronto

 In Biz & IT, Netgear

If your Netgear Orbi router isn’t patched, you’ll want to change that pronto

Serving the Technologist for more than a decade. IT news, reviews, and analysis.
An Orbi 750 series router.

Enlarge / An Orbi 750 series router. (credit: Netgear)

If you rely on Netgear’s Orbi mesh wireless system to connect to the Internet, you’ll want to ensure it’s running the latest firmware now that exploit code has been released for critical vulnerabilities in older versions.

The Netgear Orbi mesh wireless system comprises a main hub router and one or more satellite routers that extend the network’s range. By setting up multiple access points in a home or office, they form a mesh system that ensures Wi-Fi coverage is available throughout.

Remotely injecting arbitrary commands

Last year, researchers on Cisco’s Talos security team discovered four vulnerabilities and privately reported them to Netgear. The most severe of the vulnerabilities, tracked as CVE-2022-37337, resides in the access control functionality of the RBR750. Hackers can exploit it to remotely execute commands by sending specially crafted HTTP requests to the device. The hacker must first connect to the device, either by knowing the SSID password or by accessing an unprotected SSID. The severity of the flaw is rated 9.1 out of a possible 10.

Read 16 remaining paragraphs | Comments

The threat is serious enough to warrant a manual check ASAP.

Recent Posts
Contact Us

We're not around right now. But you can send us an email and we'll get back to you, asap.

Not readable? Change text. captcha txt