CVE-2017-18860: Security Advisory for Authentication Bypass and Remote Command Execution on Some Smart and Managed Switches, PSV-2017-0857

Certain NETGEAR devices are affected by debugging command execution. This affects FS752TP 5.4.2.19 and earlier, GS108Tv2 5.4.2.29 and earlier, GS110TP 5.4.2.29 and earlier, GS418TPP 6.6.2.6 and earlier, GS510TLP 6.6.2.6 and earlier, GS510TP 5.04.2.27 and earlier, GS510TPP 6.6.2.6 and earlier, GS716Tv2 5.4.2.27 and earlier, GS716Tv3 6.3.1.16 and earlier, GS724Tv3 5.4.2.27 and earlier, GS724Tv4 6.3.1.16 and earlier, GS728TPSB 5.3.0.29 and earlier, GS728TSB 5.3.0.29 and earlier, GS728TXS 6.1.0.35 and earlier, GS748Tv4 5.4.2.27 and earlier, GS748Tv5 6.3.1.16 and earlier, GS752TPSB 5.3.0.29 and earlier, GS752TSB 5.3.0.29 and earlier, GS752TXS 6.1.0.35 and earlier, M4200 12.0.2.10 and earlier, M4300 12.0.2.10 and earlier, M5300 11.0.0.28 and earlier, M6100 11.0.0.28 and earlier, M7100 11.0.0.28 and earlier, S3300 6.6.1.4 and earlier, XS708T 6.6.0.11 and earlier, XS712T 6.1.0.34 and earlier, and XS716T 6.6.0.11 and earlier.

NETGEAR is aware of a security issue that can allow an attacker to access the debugging URL of some models of Smart and Managed Switches without first authenticating. After accessing the debugging URL, the attacker can then execute commands on the switch, such as resetting or restarting the switch. This attack can only be executed remotely if the switch itself can be accessed remotely; for most users, a firewall will block access from outside the local network.

This vulnerability affects the following products:

  • FS752TP, firmware version 5.4.2.19 and earlier
  • GS108Tv2, firmware version 5.4.2.29 and earlier
  • GS110TP, firmware version 5.4.2.29 and earlier
  • GS418TPP, firmware version 6.6.2.6 and earlier
  • GS510TLP, firmware version 6.6.2.6 and earlier
  • GS510TP, firmware version 5.04.2.27 and earlier
  • GS510TPP, firmware version 6.6.2.6 and earlier
  • GS716Tv2, firmware version 5.4.2.27 and earlier
  • GS716Tv3, firmware version 6.3.1.16 and earlier
  • GS724Tv3, firmware version 5.4.2.27 and earlier
  • GS724Tv4, firmware version 6.3.1.16 and earlier
  • GS728TPSB, firmware version 5.3.0.29 and earlier
  • GS728TSB, firmware version 5.3.0.29 and earlier
  • GS728TXS, firmware version 6.1.0.35 and earlier
  • GS748Tv4, firmware version 5.4.2.27 and earlier
  • GS748Tv5, firmware version 6.3.1.16 and earlier
  • GS752TPSB, firmware version 5.3.0.29 and earlier
  • GS752TSB, firmware version 5.3.0.29 and earlier
  • GS752TXS, firmware version 6.1.0.35 and earlier
  • M4200, firmware version 12.0.2.10 and earlier
  • M4300, firmware version 12.0.2.10 and earlier
  • M5300, firmware version 11.0.0.28 and earlier
  • M6100, firmware version 11.0.0.28 and earlier
  • M7100, firmware version 11.0.0.28 and earlier
  • S3300, firmware version 6.6.1.4 and earlier
  • XS708T, firmware version 6.6.0.11 and earlier
  • XS712T, firmware version 6.1.0.34 and earlier
  • XS716T, firmware version 6.6.0.11 and earlier

Firmware fixes are currently available for all affected products. NETGEAR strongly recommends that you upgrade to the firmware version that fixes the authentication bypass and remote command execution vulnerability as soon as possible.
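Because the affected range is expressed per model as "version X and earlier", the practical question for an administrator is whether each switch in inventory is still inside that range. The following is an added example (not NETGEAR's tooling, and not from the advisory): it transcribes the affected-product table above and compares dotted firmware strings numerically, which matters because the advisory lists GS510TP as "5.04.2.27" and a plain string comparison would mis-order versions such as 5.4.2.9 and 5.4.2.19. The model-name normalisation (upper-case, letters and digits only, so that "GS728TPS(B)" matches "GS728TPSB") and the sample inventory are my assumptions.

```python
"""Inventory check against the affected-product table in NETGEAR
PSV-2017-0857 / CVE-2017-18860. Added example, not NETGEAR's own code."""
import re

# Highest affected firmware version per model, transcribed from the advisory
# ("<version> and earlier" is affected).
AFFECTED_THROUGH = {
    "FS752TP": "5.4.2.19", "GS108Tv2": "5.4.2.29", "GS110TP": "5.4.2.29",
    "GS418TPP": "6.6.2.6", "GS510TLP": "6.6.2.6", "GS510TP": "5.04.2.27",
    "GS510TPP": "6.6.2.6", "GS716Tv2": "5.4.2.27", "GS716Tv3": "6.3.1.16",
    "GS724Tv3": "5.4.2.27", "GS724Tv4": "6.3.1.16", "GS728TPSB": "5.3.0.29",
    "GS728TSB": "5.3.0.29", "GS728TXS": "6.1.0.35", "GS748Tv4": "5.4.2.27",
    "GS748Tv5": "6.3.1.16", "GS752TPSB": "5.3.0.29", "GS752TSB": "5.3.0.29",
    "GS752TXS": "6.1.0.35", "M4200": "12.0.2.10", "M4300": "12.0.2.10",
    "M5300": "11.0.0.28", "M6100": "11.0.0.28", "M7100": "11.0.0.28",
    "S3300": "6.6.1.4", "XS708T": "6.6.0.11", "XS712T": "6.1.0.34",
    "XS716T": "6.6.0.11",
}


def normalise_model(model):
    """Canonical model key (assumption): upper-case, letters and digits only,
    so 'gs728tps(b)' from a product list matches the advisory's 'GS728TPSB'."""
    return re.sub(r"[^0-9A-Z]", "", model.upper())


_TABLE = {normalise_model(m): v for m, v in AFFECTED_THROUGH.items()}


def parse_version(version):
    """Dotted firmware string -> tuple of ints. Numeric parts make '5.04.2.27'
    equal to '5.4.2.27' and keep '5.4.2.9' below '5.4.2.19'."""
    parts = version.strip().split(".")
    if not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised firmware version: {version!r}")
    return tuple(int(p) for p in parts)


def version_at_most(candidate, ceiling):
    """True if candidate <= ceiling; the shorter tuple is zero-padded so that
    '12.0.2' compares as '12.0.2.0'."""
    a, b = parse_version(candidate), parse_version(ceiling)
    width = max(len(a), len(b))
    return a + (0,) * (width - len(a)) <= b + (0,) * (width - len(b))


def is_affected(model, version):
    """True if model/version is inside the advisory's affected range, False if
    the firmware is newer than that range, None if the model is not listed."""
    ceiling = _TABLE.get(normalise_model(model))
    if ceiling is None:
        return None
    return version_at_most(version, ceiling)


def audit(inventory):
    """Label each (model, version) pair for a remediation report."""
    labels = {True: "affected", False: "newer than affected range",
              None: "not listed"}
    return [(model, version, labels[is_affected(model, version)])
            for model, version in inventory]


# Constructed sample inventory; these are not real devices.
SAMPLE_INVENTORY = [
    ("GS108Tv2", "5.4.2.29"),     # equal to the ceiling: still affected
    ("GS510TP", "5.4.2.27"),      # same as the advisory's '5.04.2.27'
    ("M4300", "12.0.2"),          # short version string, zero-padded
    ("gs728tps(b)", "5.3.0.30"),  # one release past the ceiling
    ("XS712Tv2", "1.0.0.1"),      # hardware revision not in the advisory
]

if __name__ == "__main__":
    for model, version, status in audit(SAMPLE_INVENTORY):
        print(f"{model:<12} {version:<10} {status}")
```

A model reported as "newer than affected range" only means its firmware is above the last version the advisory lists as affected; confirm against the release notes of the fixed firmware for that model, and treat "not listed" as a prompt to check the product's own support page rather than as a clean result.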

To download the firmware update that fixes the remote command execution vulnerability:

  1. Visit NETGEAR Support.
  2. Start typing your model number in the search box, then select your model from the drop-down menu as soon as it appears.
    If you do not see a drop-down menu, make sure that you entered your model number correctly, or select a product category to browse for your product model.
  3. Click Downloads.
  4. Under Current Versions, select the download whose title begins with Firmware Version.
  5. If you see a Release Notes link, click it and follow the instructions in the release notes to download and install the new firmware.
  6. If you do not see a Release Notes link or if you do not see instructions in the release notes, click Download to download the new firmware.
  7. Follow the firmware upgrade instructions in your Software Administration Guide or Software Administration Manual, which is available on your product’s Support page under User Guides and Documentation.

The potential for authentication bypass and remote command execution remains if you do not update your firmware. NETGEAR is not responsible for any consequences that could have been avoided by updating your firmware as recommended in this notification.

We appreciate and value having security concerns brought to our attention. NETGEAR constantly monitors for both known and unknown threats. Being proactive rather than reactive to emerging security issues is fundamental for product support at NETGEAR.

It is NETGEAR’s mission to be the innovative leader in connecting the world to the internet. To achieve this mission, we strive to earn and maintain the trust of those that use NETGEAR products for their connectivity.

To report a security vulnerability, visit https://bugcrowd.com/netgear.

If you are a NETGEAR customer with a security-related support concern, you can contact NETGEAR customer support at [email protected].

For all other issues, visit http://www.netgear.com/about/security/.

Last Updated: 09/06/2017 | Article ID: 000038519

This article applies to:

  • Fully Managed Switch (43)
    • GSM7228PS
    • GSM7252PS
    • GSM7328FS
    • GSM7328SO
    • GSM7328Sv1
    • GSM7328Sv2
    • GSM7352SO
    • GSM7352Sv1
    • GSM7352Sv2
    • M4200-10MG-PoE+ (GSM4210P)
    • M4300-12X12F (XSM4324S)
    • M4300-16X (XSM4316PB)
    • M4300-24X (XSM4324CS)
    • M4300-24X24F (XSM4348S)
    • M4300-24XF (XSM4324FS)
    • M4300-28G (GSM4328S)
    • M4300-28G-POE+ (GSM4328PS)
    • M4300-28G-PoE+ (GSM4328PA)
    • M4300-28G-PoE+ (GSM4328PB)
    • M4300-48X (XSM4348CS)
    • M4300-48XF (XSM4348FS)
    • M4300-52G (GSM4352S)
    • M4300-52G-POE+ (GSM4352PS)
    • M4300-52G-PoE+ (GSM4352PA)
    • M4300-52G-PoE+ (GSM4352PB)
    • M4300-8X8F (XSM4316S)
    • M4300-96X (XSM4396K0 and XSM4396K1)
    • M5300-28G (GSM7228S)
    • M5300-28G-POE+ (GSM7228PSv1h2)
    • M5300-28G3 (GSM7328Sv2h2)
    • M5300-28GF3 (GSM7328FSv2)
    • M5300-52G (GSM7252S)
    • M5300-52G-POE+ (GSM7252PSv1h2)
    • M5300-52G3 (GSM7352Sv2h2)
    • M6100
    • M7100-24X (XSM7224)
    • XCM8903
    • XCM8924X
    • XCM8944
    • XCM8944F
    • XCM8948
    • XCM89P
    • XCM89UP
  • Standalone Switch (15)
    • FS752TP
    • GS108Tv2
    • GS110TP
    • GS418TPP
    • GS510TLP
    • GS510TP
    • GS510TPP
    • GS716Tv2
    • GS716Tv3
    • GS724Tv3
    • GS724Tv4
    • GS748Tv4
    • GS748Tv5
    • MS510TX
    • MS510TXPP
  • Stackable Switch (10)
    • GS728TPS(B)
    • GS728TS(B)
    • GS728TXS
    • GS752TPS(B)
    • GS752TS(B)
    • GS752TXS
    • S3300-28X (GS728TX)
    • S3300-28X-PoE+ (GS728TXP)
    • S3300-52X (GS752TX)
    • S3300-52X-PoE+ (GS752TXP)
  • 10-Gigabit Switch (4)
    • XS708T
    • XS712T
    • XS712Tv2
    • XS716T