Researchers have discovered a Critical authentication bypass vulnerability and two other flaws in multiple models of some Smart Switches.
Each of these issues could allow a remote attacker to compromise unpatched devices.
Netgear released the security updates on September 3, 2021 for some Netgear Smart Switches, PSV-2021-0140, PSV-2021-0144, PSV-2021-0145.
In all, Netgear provided firmware updates for the following models:
The most severe of the vulnerabilities, Demon’s Cries, could result in authentication bypass.
“NETGEAR GS110TPV3 Smart Managed Pro Switch with SCC Control enabled* is vulnerable to an authentication bypass resulting in the attacker being able to change admin’s password (among other things), resulting in a full compromise of the device,” Coldwind wrote in a blog post.
Moreover, Draconian Fear could allow an attacker with the same IP as a logged in administrator to hijack the session bootstrapping information. As a result, an attacker could “gain full admin access to the device web UI and resulting in a full compromise of the device.”
According to Netgear, the vulnerabilities range from a CVSS score of 7.4 to 8.8.
However, Coldwind said that the Demon’s Cries vulnerability should be rated 9.8 based on attack vectors (i.e., network vs. adjacent).
- Netgear fixes high risk vulnerability in multiple routers and network devices
- NETGEAR denial-of-service vulnerabilities fixed (CVE-2019-5054, CVE-2019-5055)
- 450K internet-connected QNAP devices exposed to RCE vulnerabilities
- New Mirai variant exploits IoT devices
- VPNfilter malware targets 500K networking devices