CVE-2022-38458: TALOS-2022-1598 || Cisco Talos Intelligence Group

SUMMARY

A cleartext transmission vulnerability exists in the Remote Management functionality of Netgear Orbi Router RBR750 4.6.8.5. A specially-crafted man-in-the-middle attack can lead to a disclosure of sensitive information.

CONFIRMED VULNERABLE VERSIONS

The versions below were either tested or verified to be vulnerable by Talos or confirmed to be vulnerable by the vendor.

Netgear Orbi Router RBR750 4.6.8.5

PRODUCT URLS

Orbi Router RBR750 - https://www.netgear.com/support/product/RBR750

CVSSv3 SCORE

6.5 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

CWE

CWE-311 - Missing Encryption of Sensitive Data

DETAILS

The Orbi Mesh Wi-Fi System creates dedicated high-speed Wi-Fi connections to your Internet service. The Orbi router (model RBR750) connects to your modem or gateway. The Orbi satellite (model RBS750) extends the Wi-Fi signal throughout your home.

An option exists in the Web Services Management tool to “Always use HTTPS to access the router”. However, if a user browses to http://<router_ip>/ they are prompted for credentials before being redirected to HTTPS, and the credentials must be valid for the redirect to proceed. The credentials entered at that first prompt are therefore sent over cleartext HTTP, where a man-in-the-middle can read them. Once redirected to HTTPS, the user is prompted again for authentication, this time over HTTPS.
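A check for the behaviour described above, written as an added example (not code from Talos or Netgear): it classifies a raw response received on the cleartext HTTP port as either a plain HTTPS redirect or a credential prompt issued before any redirect. The advisory does not say how the prompt is delivered, so the 401 challenge and HTML password form patterns are assumptions, and the sample responses are constructed.

```python
import re

def classify_http_response(raw: bytes) -> str:
    """Classify a raw response received on the cleartext HTTP port.

    Returns "cleartext_auth_prompt" when credentials are requested over HTTP,
    "redirects_to_https" for a 3xx pointing at an https:// URL, else "other".
    """
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.decode("iso-8859-1").split("\r\n")
    match = re.match(r"HTTP/\d\.\d (\d{3})", lines[0])
    if not match:
        return "other"
    status = int(match.group(1))
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    # Assumption: the prompt is an HTTP auth challenge or an HTML password form.
    if status == 401 and "www-authenticate" in headers:
        return "cleartext_auth_prompt"
    if status == 200 and re.search(rb"<input[^>]+type=[\"']?password", body, re.I):
        return "cleartext_auth_prompt"
    # Expected behaviour when HTTPS is enforced: redirect first, authenticate later.
    location = headers.get("location", "").lower()
    if 300 <= status < 400 and location.startswith("https://"):
        return "redirects_to_https"
    return "other"

# Constructed sample responses (not captured from a real device).
SAMPLE_CHALLENGE = (b"HTTP/1.1 401 Unauthorized\r\n"
                    b'WWW-Authenticate: Basic realm="router"\r\n'
                    b"Content-Length: 0\r\n\r\n")
SAMPLE_FORM = (b"HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n"
               b'<form method="post"><input name="pw" type="password"></form>')
SAMPLE_REDIRECT = (b"HTTP/1.1 301 Moved Permanently\r\n"
                   b"Location: https://192.0.2.1/\r\n"
                   b"Content-Length: 0\r\n\r\n")

if __name__ == "__main__":
    for label, sample in [("challenge", SAMPLE_CHALLENGE),
                          ("form", SAMPLE_FORM),
                          ("redirect", SAMPLE_REDIRECT)]:
        print(label, "->", classify_http_response(sample))
```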

TIMELINE

2022-08-30 - Initial Vendor Contact
2022-09-05 - Vendor Disclosure
2023-01-19 - Vendor Patch Release
2023-03-21 - Public Release

Discovered by Christopher McBee and Dave McDaniel of Cisco Talos.
