Helen Hunt Jackson famously wrote, “By all lovely tokens September is here, with summer’s best of weather and autumn’s best of cheer.” I share Helen’s clear adoration for this time of year. As a sports fan, there are so many “lovely tokens” to enjoy. The baseball pennant race is heating up, college and pro football are underway, and various soccer leagues (real football to the rest of the world) continue.

Helen Hunt Jackson famously wrote, “By all lovely tokens September is here, with summer’s best of weather and autumn’s best of cheer.” I share Helen’s clear adoration for this time of year. As a sports fan, there are so many “lovely tokens” to enjoy. The baseball pennant race is heating up, college and pro football are underway, and various soccer leagues (real football to the rest of the world) continue. As a parent, there are the “lovely tokens” of my kids returning to school, which brings a reminder of summer’s passing and excitement for another year of learning, growing, and adjusting to a new routine. For me, the routine is set: the second Tuesday of the month is here and with it comes a round of “lovely tokens” to help protect our customers.

This month we released 13 bulletins–four Critical and nine Important–which addressed 47 unique CVEs in Microsoft Windows, Office, Internet Explorer and SharePoint. For those who need to prioritize their deployment planning, we recommend focusing on MS13-067, MS13-068, and MS13-069 first.

Our Bulletin Deployment Priority graph provides an overview of this month’s priority releases (click for larger view).

**MS13-068 |** **Vulnerability in Microsoft Outlook Could Allow Remote Code Execution**

In preparing for this month’s release, this is the first bulletin that caught my attention, and it likely caught yours as well. This privately reported issue could allow remote code execution if an email carrying a specially craft S/MIME certificate is viewed or previewed on an affected system. As detailed in the SRD Blog, creating S/MIME certificates is trivial, but creating the specific one in the precise manner needed to execute code will be difficult. Still, the possibility is there and that is why we listed this update as our highest priority for this month. We have not detected any active attacks here and if you have automatic updating enabled, you won’t need to take any action to be protected from this issue.

**MS13-069 | Cumulative Security Update for Internet Explorer**

This security update resolves 10 issues in all supported versions of Internet Explorer. All 10 were privately disclosed and we have not detected any active attacks for anything addressed by the bulletin. All CVEs are caused by the browser improperly accessing an object in memory. If you visit a specially crafted website with an affected system, an attacker could execute arbitrary code in the context of the current user. This security update is rated Critical for all versions of Internet Explorer.

**MS13-067 | Vulnerabilities in Microsoft SharePoint Server Could Allow Remote Code Execution**

This update for SharePoint Servers also addresses 10 issues, but here, only CVE-2013-1330 is Critical. While CVE-2013-3180, an Important-rated issue, was publicly disclosed, we have not detected any active attacks involving any of these issues. For the one Critical CVE here, an attacker could send specially crafted content to an affected server. After a failure to properly validate the input,  
the attacker could then execute code on the system in the context of the W3WP service account. SharePoint Server 2013 is not affected by this Critical issue.

Our risk and impact graph shows an aggregate view of this month’s Severity and Exploitability Index (click for larger view).

Finally, we are revising Security Advisory 2755801 to provide the latest update for Adobe Flash Player in Internet Explorer. Full details about this update can be found in the advisory.

For more information about this month’s security updates, including the detailed view of the Exploit Index broken down by CVE, visit the Microsoft Bulletin Summary Web page.

Jonathan Ness and I will host the monthly bulletin webcast, scheduled for Wednesday, September 11, 2013, at 11 a.m. PDT. I invite you to register here and tune in to learn more about this month’s security bulletins and advisories.

For all the latest information, you can also follow the MSRC team on Twitter at @MSFTSecResponse.

I hope you find some lovely tokens to enjoy this month. Pumpkin spice can be a great additive this time of year; just remember not _everything_ needs it. I look forward to hearing your questions in the webcast tomorrow.

Thanks,  
Dustin Childs  
Group Manager, Response Communications  
Microsoft Trustworthy Computing

Lovely tokens and the September 2013 security updates

Multiple security vulnerabilities have been disclosed in the Exim mail transfer agent that, if successfully exploited, could result in information disclosure and remote code execution.
The list of flaws, which were reported anonymously way back in June 2022, is as follows -

CVE-2023-42114 (CVSS score: 3.7) - Exim NTLM Challenge Out-Of-Bounds Read Information Disclosure Vulnerability

Email Security / Hacking News

Multiple security vulnerabilities have been disclosed in the Exim mail transfer agent that, if successfully exploited, could result in information disclosure and remote code execution.

The list of flaws, which were reported anonymously way back in June 2022, is as follows -

*   **CVE-2023-42114** (CVSS score: 3.7) - Exim NTLM Challenge Out-Of-Bounds Read Information Disclosure Vulnerability
*   **CVE-2023-42115** (CVSS score: 9.8) - Exim AUTH Out-Of-Bounds Write Remote Code Execution Vulnerability
*   **CVE-2023-42116** (CVSS score: 8.1) - Exim SMTP Challenge Stack-based Buffer Overflow Remote Code Execution Vulnerability
*   **CVE-2023-42117** (CVSS score: 8.1) - Exim Improper Neutralization of Special Elements Remote Code Execution Vulnerability
*   **CVE-2023-42118** (CVSS score: 7.5) - Exim libspf2 Integer Underflow Remote Code Execution Vulnerability
*   **CVE-2023-42119** (CVSS score: 3.1) - Exim dnsdb Out-Of-Bounds Read Information Disclosure Vulnerability

The most severe of the vulnerabilities is CVE-2023-42115, which allows remote, unauthenticated attackers to execute arbitrary code on affected installations of Exim.

"The specific flaw exists within the SMTP service, which listens on TCP port 25 by default," the Zero Day Initiative said in an alert published this week.

"The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of a buffer. An attacker can leverage this vulnerability to execute code in the context of the service account."

Exim maintainers, in a message shared on the Open Source Security mailing list oss-security, said fixes for CVE-2023-42114, CVE-2023-42115, and CVE-2023-42116 are "available in a protected repository and are ready to be applied by the distribution maintainers."

"The remaining issues are debatable or miss information we need to fix them," adding it asked ZDI more specifics about the issues and that it "didn't get answers we were able to work with" until May 2023. The Exim team further said they are awaiting detailed specifics on the other three shortcomings.

However, the ZDI pushed back against claims about "sloppy handling" and "neither team pinging the other for 10 months," stating it reached out several times to the developers.

"After our disclosure timeline was exceeded by many months, we notified the maintainer of our intent to publicly disclose these bugs, at which time we were told, 'you do what you do,'" it said.

"If these bugs have been appropriately addressed, we will update our advisories with a link to the security advisory, code check-in, or other public documentation closing the issue."

In the absence of patches, the ZDI recommends restricting interaction with the application as the only "salient" mitigation strategy.

This is not the first time security flaws have been uncovered in the widely used mail transfer agent. In May 2021, Qualys disclosed a set of 21 vulnerabilities collectively tracked as 21Nails that enable unauthenticated attackers to achieve complete remote code execution and gain root privileges.

UPCOMING WEBINAR

Fight AI with AI — Battling Cyber Threats with Next-Gen AI Tools

Ready to tackle new AI-driven cybersecurity challenges? Join our insightful webinar with Zscaler to address the growing threat of generative AI in cybersecurity.

Supercharge Your Skills

Previously in May 2020, the U.S. government reported that hackers affiliated with Sandworm, a state-sponsored group from Russia, had been exploiting a critical Exim vulnerability (CVE-2019-10149, CVSS score: 9.8) to penetrate sensitive networks.

The development also comes hot on the heels of a new study by researchers from the University of California San Diego that discovered a novel technique called forwarding-based spoofing which takes advantage of weaknesses in email forwarding to send messages impersonating legitimate entities, thereby compromising on integrity.

"The original protocol used to check the authenticity of an email implicitly assumes that each organization operates its own mailing infrastructure, with specific IP addresses not used by other domains," the research found.

"But today, many organizations outsource their email infrastructure to Gmail and Outlook. As a result, thousands of domains have delegated the right to send email on their behalf to the same third party. While these third-party providers validate that their users only send email on behalf of domains that they operate, this protection can be bypassed by email forwarding."

Found this article interesting? Follow us on Twitter __ and LinkedIn to read more exclusive content we post.

New Critical Security Flaws Expose Exim Mail Servers to Remote Attacks

Microsoft today released updates to fix more than 50 security vulnerabilities in Windows and related software, a relatively light Patch Tuesday this month for Windows administrators. The software giant also responded to a torrent of negative feedback on a new feature of Redmond's flagship operating system that constantly takes screenshots of whatever users are doing on their computers, saying the feature would no longer be enabled by default.

**Microsoft** today released updates to fix more than 50 security vulnerabilities in **Windows** and related software, a relatively light Patch Tuesday this month for Windows users. The software giant also responded to a torrent of negative feedback on a new feature of Redmond’s flagship operating system that constantly takes screenshots of whatever users are doing on their computers, saying the feature would no longer be enabled by default.

Last month, Microsoft debuted **Copilot+ PCs**, an AI-enabled version of Windows. Copilot+ ships with a feature nobody asked for that Redmond has aptly dubbed **Recall**, which constantly takes screenshots of what the user is doing on their PC. Security experts roundly trashed Recall as a fancy keylogger, noting that it would be a gold mine of information for attackers if the user’s PC was compromised with malware.

Microsoft countered that Recall snapshots never leave the user’s system, and that even if attackers managed to hack a Copilot+ PC they would not be able to exfiltrate on-device Recall data. But that claim rang hollow after former Microsoft threat analyst **Kevin Beaumont** detailed on his blog how any user on the system (even a non-administrator) can export Recall data, which is just stored in an SQLite database locally.

“I’m not being hyperbolic when I say this is the dumbest cybersecurity move in a decade,” Beaumont said on Mastodon.

In a recent Risky Business podcast, host **Patrick Gray** noted that the screenshots created and indexed by Recall would be a boon to any attacker who suddenly finds himself in an unfamiliar environment.

“The first thing you want to do when you get on a machine if you’re up to no good is to figure out how someone did their job,” Gray said. “We saw that in the case of the SWIFT attacks against central banks years ago. Attackers had to do screen recordings to figure out how transfers work. And this could speed up that sort of discovery process.”

Responding to the withering criticism of Recall, Microsoft said last week that it will no longer be enabled by default on Copilot+ PCs.

Only one of the patches released today — CVE-2004-30080 — earned Microsoft’s most urgent “critical” rating, meaning malware or malcontents could exploit the vulnerability to remotely seize control over a user’s system, without any user interaction.

CVE-2024-30080 is a flaw in the **Microsoft Message Queuing** (MSMQ) service that can allow attackers to execute code of their choosing. Microsoft says exploitation of this weakness is likely, enough to encourage users to disable the vulnerable component if updating isn’t possible in the short run. CVE-2024-30080 has been assigned a CVSS vulnerability score of 9.8 (10 is the worst).

**Kevin Breen**, senior director of threat research at **Immersive Labs**, said a saving grace is that MSMQ is not a default service on Windows.

“A Shodan search for MSMQ reveals there are a few thousand potentially internet-facing MSSQ servers that could be vulnerable to zero-day attacks if not patched quickly,” Breen said.

CVE-2024-30078 is a remote code execution weakness in the **Windows WiFi Driver**, which also has a CVSS score of 9.8. According to Microsoft, an unauthenticated attacker could exploit this bug by sending a malicious data packet to anyone else on the same network — meaning this flaw assumes the attacker has access to the local network.

Microsoft also fixed a number of serious security issues with its **Office** applications, including at least two remote-code execution flaws, said **Adam Barnett**, lead software engineer at **Rapid7**.

“CVE-2024-30101 is a vulnerability in **Outlook**; although the Preview Pane is a vector, the user must subsequently perform unspecified specific actions to trigger the vulnerability and the attacker must win a race condition,” Barnett said. “CVE-2024-30104 does not have the Preview Pane as a vector, but nevertheless ends up with a slightly higher CVSS base score of 7.8, since exploitation relies solely on the user opening a malicious file.”

Separately, Adobe released security updates for **Acrobat**, **ColdFusion**, and **Photoshop**, among others.

As usual, the SANS Internet Storm Center has the skinny on the individual patches released today, indexed by severity, exploitability and urgency. Windows admins should also keep an eye on AskWoody.com, which often publishes early reports of any Windows patches gone awry.

Patch Tuesday, June 2024 “Recall” Edition

MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol.

Was this article helpful?   Yes     No | 6 people found this helpful in last 30 days

First published: 2021-11-11

**Associated CVE IDs**

**WPS connection Vulnerabilities**

CVE-2021-35055, CVE-2021-37560, CVE-2021-37561, CVE-2021-37584, CVE-2021-37563, CVE-2021-32467, CVE-2021-32468, CVE-2021-32469, CVE-2021-37562

**IEEE 1905 Vulnerabilities**

CVE-2021-37566, CVE-2021-37569, CVE-2021-37568, CVE-2021-37583, CVE-2021-37571, CVE-2021-37567, CVE-2021-37565, CVE-2021-37564, CVE-2021-37570, CVE-2021-37572

NETGEAR is aware of industry-wide WiFi WPS and IEEE-1905 security vulnerabilities on products containing MediaTek microchips.

NETGEAR is working with MediaTek and plans to release firmware updates that fix these WiFi WPS and IEEE-1905 vulnerabilities for all products that are within the security support period, which we will release as they become available.

**Workarounds**

No workarounds are available for this vulnerability.

**Disclaimer**

This document is provided on an "as is" basis and does not imply any kind of guarantee or warranty, including the warranties of merchantability or fitness for a particular use. Your use of the information in the document or materials linked from the document is at your own risk. NETGEAR reserves the right to change or update this document at any time. NETGEAR expects to update this document as new information becomes available.

The WiFi WPS and IEEE-1905 vulnerabilities remain if you do not complete all recommended steps. NETGEAR is not responsible for any consequences that could have been avoided by following the recommendations in this notification.

**Acknowledgements**

MediaTek

**Common Vulnerability Scoring System**

Rating: High

Score: 8.2

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L

**Best Practices for Updating Firmware**

We recommend that you keep your NETGEAR devices up to date with the latest firmware. Firmware updates contain security fixes, bug fixes, and new features for your NETGEAR products.

If your product is supported by one of our apps, using the app is the easiest way to update your firmware:

*   Orbi products: NETGEAR Orbi app
*   NETGEAR WiFi routers: NETGEAR Nighthawk app
*   Some NETGEAR Business products: NETGEAR Insight app (firmware updates through the app are available only for Insight subscribers)

If your product is not supported by one of our apps, you can always update your firmware manually by following the instructions in your product’s user manual, firmware release notes, or product support page. For more information, see Where can I find information about my NETGEAR product?.

**Contact**

We appreciate and value having security concerns brought to our attention. NETGEAR constantly monitors for both known and unknown threats. Being pro-active rather than re-active to emerging security issues is fundamental for product support at NETGEAR.

It is NETGEAR's mission to be the innovative leader in connecting the world to the internet. To achieve this mission, we strive to earn and maintain the trust of those that use NETGEAR products for their connectivity.

To report a security vulnerability, visit https://bugcrowd.com/netgear. 

If you are a NETGEAR customer with a security-related support concern, you can contact NETGEAR customer support at techsupport.security@netgear.com. 

For all other issues, visit http://www.netgear.com/about/security/. 

**Revision History**

2021-11-11: Published advisory

Last Updated:11/12/2021 | Article ID: 000064368

**Was this article helpful?**Yes No

**This article applies to:**

How to Find Your Model Number

**Looking for more about your product?**

Get information, documentation, videos and more for your specific product.

**Need to Contact Support?**

With NETGEAR’s round-the-clock premium support, help is just a phone call away.

**Complimentary Support**

NETGEAR provides complimentary technical support for NETGEAR products for 90 days from the original date of purchase.

Contact Support

**NETGEAR Premium Support**

**GearHead Support for Home Users**

GearHead Support is a technical support service for NETGEAR devices and all other connected devices in your home. Advanced remote support tools are used to fix issues on any of your devices. The service includes support for the following:

*   Desktop and Notebook PCs, Wired and Wireless Routers, Modems, Printers, Scanners, Fax Machines, USB devices and Sound Cards
*   Windows Operating Systems (2000, XP or Vista), MS Word, Excel, PowerPoint, Outlook and Adobe Acrobat
*   Anti-virus and Anti-Spyware: McAfee, Norton, AVG, eTrust and BitDefender

Learn More

**ProSUPPORT Services for Business Users**

NETGEAR ProSUPPORT services are available to supplement your technical support and warranty entitlements. NETGEAR offers a variety of ProSUPPORT services that allow you to access NETGEAR's expertise in a way that best meets your needs:

*   Product Installation
*   Professional Wireless Site Survey
*   Defective Drive Retention (DDR) Service

Learn More

CVE-2021-37584: Security Advisory for WiFi WPS and IEEE-1905 Vulnerabilities on Multiple Products, PSV-2021-0298 & PSV-2021-0300 | Answer

Certain NETGEAR devices are affected by privilege escalation. This affects R6900P before 1.3.3.140, R7000 before 1.0.11.126, R7000P before 1.3.3.140, and RS400 before 1.5.1.80.

Was this article helpful?   Yes     No

Associated CVE IDs: None 

First published: 2021-12-22

NETGEAR has released fixes for a vertical privilege escalation security vulnerability on the following product models:

*   R6900P, running firmware versions prior to 1.3.3.140
*   R7000, running firmware versions prior to 1.0.11.126
*   R7000P, running firmware versions prior to 1.3.3.140
*   RS400, running firmware versions prior to 1.5.1.80

NETGEAR strongly recommends that you download the latest firmware as soon as possible.

**To download the latest firmware for your NETGEAR product:**

1.  Visit NETGEAR Support.
2.  Start typing your model number in the search box, then select your model from the drop-down menu as soon as it appears.  
     If you do not see a drop-down menu, make sure that you entered your model number correctly, or select a product category to browse for your product model.
3.  Click **Downloads**.
4.  Under **Current Versions**, select the download whose title begins with **Firmware Version**. 
5.  Click **Download**.
6.  Follow the instructions in your product’s user manual, firmware release notes, or product support page to install the new firmware.

**Disclaimer**

This document is provided on an "as is" basis and does not imply any kind of guarantee or warranty, including the warranties of merchantability or fitness for a particular use. Your use of the information in the document or materials linked from the document is at your own risk. NETGEAR reserves the right to change or update this document at any time. NETGEAR expects to update this document as new information becomes available.

The vertical privilege escalation vulnerability remains if you do not complete all recommended steps. NETGEAR is not responsible for any consequences that could have been avoided by following the recommendations in this notification.

**Acknowledgements**

lm0963

**Common Vulnerability Scoring System**

CVSS Rating: High

CVSS Score: 8.4

CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

**Best Practices for Updating Firmware**

We recommend that you keep your NETGEAR devices up to date with the latest firmware. Firmware updates contain security fixes, bug fixes, and new features for your NETGEAR products. 

If your product is supported by one of our apps, using the app is the easiest way to update your firmware:

*   Orbi products: NETGEAR Orbi app
*   NETGEAR WiFi routers: NETGEAR Nighthawk app
*   Some NETGEAR Business products: NETGEAR Insight app (firmware updates through the app are available only for Insight subscribers)

If your product is not supported by one of our apps, you can always update your firmware manually by following the instructions in your product’s user manual, firmware release notes, or product support page. For more information, see Where can I find information about my NETGEAR product?.

**Contact**

We appreciate and value having security concerns brought to our attention. NETGEAR constantly monitors for both known and unknown threats. Being pro-active rather than re-active to emerging security issues is fundamental for product support at NETGEAR.

It is NETGEAR's mission to be the innovative leader in connecting the world to the internet. To achieve this mission, we strive to earn and maintain the trust of those that use NETGEAR products for their connectivity.

To report a security vulnerability, visit http://www.netgear.com/about/security/. 

If you are a NETGEAR customer with a security-related support concern, you can contact NETGEAR customer support at techsupport.security@netgear.com. 

**Revision History**

2021-12-22: Published advisory

Last Updated:12/23/2021 | Article ID: 000064528

**Was this article helpful?**Yes No

**This article applies to:**

*   Wireless AC Router Nighthawk (4)
    *   R6900P
    *   R7000
    *   R7000P
    *   RS400

How to Find Your Model Number

**Looking for more about your product?**

Get information, documentation, videos and more for your specific product.

**Need to Contact Support?**

With NETGEAR’s round-the-clock premium support, help is just a phone call away.

**Complimentary Support**

NETGEAR provides complimentary technical support for NETGEAR products for 90 days from the original date of purchase.

Contact Support

**NETGEAR Premium Support**

**GearHead Support for Home Users**

GearHead Support is a technical support service for NETGEAR devices and all other connected devices in your home. Advanced remote support tools are used to fix issues on any of your devices. The service includes support for the following:

*   Desktop and Notebook PCs, Wired and Wireless Routers, Modems, Printers, Scanners, Fax Machines, USB devices and Sound Cards
*   Windows Operating Systems (2000, XP or Vista), MS Word, Excel, PowerPoint, Outlook and Adobe Acrobat
*   Anti-virus and Anti-Spyware: McAfee, Norton, AVG, eTrust and BitDefender

Learn More

**ProSUPPORT Services for Business Users**

NETGEAR ProSUPPORT services are available to supplement your technical support and warranty entitlements. NETGEAR offers a variety of ProSUPPORT services that allow you to access NETGEAR's expertise in a way that best meets your needs:

*   Product Installation
*   Professional Wireless Site Survey
*   Defective Drive Retention (DDR) Service

Learn More

CVE-2021-45679: Security Advisory for Vertical Privilege Escalation on Some Routers, PSV-2021-0043 | Answer

NETGEAR RAX200 devices before 1.0.5.132 are affected by insecure code.

Was this article helpful?   Yes     No

First published: 2021-10-01

NETGEAR has released fixes for multiple security vulnerabilities on the following product models:

*   RAX200 fixed in firmware version 1.0.5.132

NETGEAR has released a firmware update to refine code and update third party software packages to reduce potential security vulnerabilities. NETGEAR will update this advisory when more information is available.

NETGEAR strongly recommends that you download the latest firmware as soon as possible.

**To download the latest firmware for your NETGEAR product:**

1.  Visit NETGEAR Support.
2.  Start typing your model number in the search box, then select your model from the drop-down menu as soon as it appears.  
    If you do not see a drop-down menu, make sure that you entered your model number correctly, or select a product category to browse for your product model.
3.  Click **Downloads**.
4.  Under **Current Versions**, select the first download whose title begins with **Firmware Version**.
5.  Click **Release Notes**.
6.  Follow the instructions in the firmware release notes to download and install the new firmware.

**Disclaimer**

This document is provided on an "as is" basis and does not imply any kind of guarantee or warranty, including the warranties of merchantability or fitness for a particular use. Your use of the information in the document or materials linked from the document is at your own risk. NETGEAR reserves the right to change or update this document at any time. NETGEAR expects to update this document as new information becomes available.

The potential security vulnerabilities remain if you do not complete all recommended steps. NETGEAR is not responsible for any consequences that could have been avoided by following the recommendations in this notification.

**Acknowledgements**

CHIP.de

**Best Practices for Updating Firmware**

We recommend that you keep your NETGEAR devices up to date with the latest firmware. Firmware updates contain security fixes, bug fixes, and new features for your NETGEAR products.

If your product is supported by one of our apps, using the app is the easiest way to update your firmware:

*   Orbi products: NETGEAR Orbi app
*   NETGEAR WiFi routers: NETGEAR Nighthawk app
*   Some NETGEAR Business products: NETGEAR Insight app (firmware updates through the app are available only for Insight subscribers)

If your product is not supported by one of our apps, you can always update your firmware manually by following the instructions in your product’s user manual, firmware release notes, or product support page. For more information, see Where can I find information about my NETGEAR product?.

**Contact**

We appreciate and value having security concerns brought to our attention. NETGEAR constantly monitors for both known and unknown threats. Being pro-active rather than re-active to emerging security issues is fundamental for product support at NETGEAR.

It is NETGEAR's mission to be the innovative leader in connecting the world to the internet. To achieve this mission, we strive to earn and maintain the trust of those that use NETGEAR products for their connectivity.

To report a security vulnerability, visit https://bugcrowd.com/netgear. 

If you are a NETGEAR customer with a security-related support concern, you can contact NETGEAR customer support at techsupport.security@netgear.com. 

For all other issues, visit http://www.netgear.com/about/security/. 

**Revision History**

2021-10-01: Published advisory

Last Updated:10/01/2021 | Article ID: 000064171

**Was this article helpful?**Yes No

**This article applies to:**

*   Wireless AX Router Nighthawk (WiFi 6) (1)
    *   RAX200

How to Find Your Model Number

**Looking for more about your product?**

Get information, documentation, videos and more for your specific product.

**Need to Contact Support?**

With NETGEAR’s round-the-clock premium support, help is just a phone call away.

**Complimentary Support**

NETGEAR provides complimentary technical support for NETGEAR products for 90 days from the original date of purchase.

Contact Support

**NETGEAR Premium Support**

**GearHead Support for Home Users**

GearHead Support is a technical support service for NETGEAR devices and all other connected devices in your home. Advanced remote support tools are used to fix issues on any of your devices. The service includes support for the following:

*   Desktop and Notebook PCs, Wired and Wireless Routers, Modems, Printers, Scanners, Fax Machines, USB devices and Sound Cards
*   Windows Operating Systems (2000, XP or Vista), MS Word, Excel, PowerPoint, Outlook and Adobe Acrobat
*   Anti-virus and Anti-Spyware: McAfee, Norton, AVG, eTrust and BitDefender

Learn More

**ProSUPPORT Services for Business Users**

NETGEAR ProSUPPORT services are available to supplement your technical support and warranty entitlements. NETGEAR offers a variety of ProSUPPORT services that allow you to access NETGEAR's expertise in a way that best meets your needs:

*   Product Installation
*   Professional Wireless Site Survey
*   Defective Drive Retention (DDR) Service

Learn More

CVE-2021-45678: Security Advisory for Updates on the RAX200, PSV-2021-0192 | Answer

NETGEAR R7000 devices before 1.0.11.126 are affected by stored XSS.

Was this article helpful?   Yes     No

Associated CVE IDs: None 

First published: 2021-12-20

NETGEAR has released fixes for a stored cross site scripting security vulnerability on the following product models:

*   R7000, running firmware versions prior to 1.0.11.126

NETGEAR strongly recommends that you download the latest firmware as soon as possible.

**To download the latest firmware for your NETGEAR product:**

1.  Visit NETGEAR Support.
2.  Start typing your model number in the search box, then select your model from the drop-down menu as soon as it appears.  
     If you do not see a drop-down menu, make sure that you entered your model number correctly, or select a product category to browse for your product model.
3.  Click **Downloads**.
4.  Under **Current Versions**, select the download whose title begins with **Firmware Version**. 
5.  Click **Download**.
6.  Follow the instructions in your product’s user manual, firmware release notes, or product support page to install the new firmware.

**Disclaimer**

This document is provided on an "as is" basis and does not imply any kind of guarantee or warranty, including the warranties of merchantability or fitness for a particular use. Your use of the information in the document or materials linked from the document is at your own risk. NETGEAR reserves the right to change or update this document at any time. NETGEAR expects to update this document as new information becomes available.

The stored cross site scripting vulnerability remains if you do not complete all recommended steps. NETGEAR is not responsible for any consequences that could have been avoided by following the recommendations in this notification.

**Acknowledgements**

Bugcrowd

**Common Vulnerability Scoring System**

CVSS Rating: Medium

CVSS Score: 6.1

CVSS Vector: CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

**Best Practices for Updating Firmware**

We recommend that you keep your NETGEAR devices up to date with the latest firmware. Firmware updates contain security fixes, bug fixes, and new features for your NETGEAR products. 

If your product is supported by one of our apps, using the app is the easiest way to update your firmware:

*   Orbi products: NETGEAR Orbi app
*   NETGEAR WiFi routers: NETGEAR Nighthawk app
*   Some NETGEAR Business products: NETGEAR Insight app (firmware updates through the app are available only for Insight subscribers)

If your product is not supported by one of our apps, you can always update your firmware manually by following the instructions in your product’s user manual, firmware release notes, or product support page. For more information, see Where can I find information about my NETGEAR product?.

**Contact**

We appreciate and value having security concerns brought to our attention. NETGEAR constantly monitors for both known and unknown threats. Being pro-active rather than re-active to emerging security issues is fundamental for product support at NETGEAR.

It is NETGEAR's mission to be the innovative leader in connecting the world to the internet. To achieve this mission, we strive to earn and maintain the trust of those that use NETGEAR products for their connectivity.

To report a security vulnerability, visit http://www.netgear.com/about/security/. 

If you are a NETGEAR customer with a security-related support concern, you can contact NETGEAR customer support at techsupport.security@netgear.com. 

**Revision History**

2021-12-20: Published advisory

Last Updated:12/20/2021 | Article ID: 000064444

**Was this article helpful?**Yes No

**This article applies to:**

*   Wireless AC Router Nighthawk (1)
    *   R7000

How to Find Your Model Number

**Looking for more about your product?**

Get information, documentation, videos and more for your specific product.

**Need to Contact Support?**

With NETGEAR’s round-the-clock premium support, help is just a phone call away.

**Complimentary Support**

NETGEAR provides complimentary technical support for NETGEAR products for 90 days from the original date of purchase.

Contact Support

**NETGEAR Premium Support**

**GearHead Support for Home Users**

GearHead Support is a technical support service for NETGEAR devices and all other connected devices in your home. Advanced remote support tools are used to fix issues on any of your devices. The service includes support for the following:

*   Desktop and Notebook PCs, Wired and Wireless Routers, Modems, Printers, Scanners, Fax Machines, USB devices and Sound Cards
*   Windows Operating Systems (2000, XP or Vista), MS Word, Excel, PowerPoint, Outlook and Adobe Acrobat
*   Anti-virus and Anti-Spyware: McAfee, Norton, AVG, eTrust and BitDefender

Learn More

**ProSUPPORT Services for Business Users**

NETGEAR ProSUPPORT services are available to supplement your technical support and warranty entitlements. NETGEAR offers a variety of ProSUPPORT services that allow you to access NETGEAR's expertise in a way that best meets your needs:

*   Product Installation
*   Professional Wireless Site Survey
*   Defective Drive Retention (DDR) Service

Learn More

CVE-2021-45663: Security Advisory for Stored Cross Site Scripting on R7000, PSV-2018-0422 | Answer

NETGEAR R7000 devices before 1.0.9.88 are affected by stored XSS.

Was this article helpful?   Yes     No

Associated CVE IDs: None 

First published: 2021-12-20

NETGEAR has released fixes for a stored cross site scripting security vulnerability on the following product models:

*   R7000, running firmware versions prior to 1.0.9.88

NETGEAR strongly recommends that you download the latest firmware as soon as possible.

**To download the latest firmware for your NETGEAR product:**

1.  Visit NETGEAR Support.
2.  Start typing your model number in the search box, then select your model from the drop-down menu as soon as it appears.  
     If you do not see a drop-down menu, make sure that you entered your model number correctly, or select a product category to browse for your product model.
3.  Click **Downloads**.
4.  Under **Current Versions**, select the download whose title begins with **Firmware Version**. 
5.  Click **Download**.
6.  Follow the instructions in your product’s user manual, firmware release notes, or product support page to install the new firmware.

**Disclaimer**

This document is provided on an "as is" basis and does not imply any kind of guarantee or warranty, including the warranties of merchantability or fitness for a particular use. Your use of the information in the document or materials linked from the document is at your own risk. NETGEAR reserves the right to change or update this document at any time. NETGEAR expects to update this document as new information becomes available.

The stored cross site scripting vulnerability remains if you do not complete all recommended steps. NETGEAR is not responsible for any consequences that could have been avoided by following the recommendations in this notification.

**Acknowledgements**

Bugcrowd

**Common Vulnerability Scoring System**

CVSS Rating: Medium

CVSS Score: 6.1

CVSS Vector: CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

**Best Practices for Updating Firmware**

We recommend that you keep your NETGEAR devices up to date with the latest firmware. Firmware updates contain security fixes, bug fixes, and new features for your NETGEAR products. 

If your product is supported by one of our apps, using the app is the easiest way to update your firmware:

*   Orbi products: NETGEAR Orbi app
*   NETGEAR WiFi routers: NETGEAR Nighthawk app
*   Some NETGEAR Business products: NETGEAR Insight app (firmware updates through the app are available only for Insight subscribers)

If your product is not supported by one of our apps, you can always update your firmware manually by following the instructions in your product’s user manual, firmware release notes, or product support page. For more information, see Where can I find information about my NETGEAR product?.

**Contact**

We appreciate and value having security concerns brought to our attention. NETGEAR constantly monitors for both known and unknown threats. Being pro-active rather than re-active to emerging security issues is fundamental for product support at NETGEAR.

It is NETGEAR's mission to be the innovative leader in connecting the world to the internet. To achieve this mission, we strive to earn and maintain the trust of those that use NETGEAR products for their connectivity.

To report a security vulnerability, visit http://www.netgear.com/about/security/. 

If you are a NETGEAR customer with a security-related support concern, you can contact NETGEAR customer support at techsupport.security@netgear.com. 

**Revision History**

2021-12-20: Published advisory

Last Updated:12/20/2021 | Article ID: 000064443

**Was this article helpful?**Yes No

**This article applies to:**

*   Wireless AC Router Nighthawk (1)
    *   R7000

How to Find Your Model Number

**Looking for more about your product?**

Get information, documentation, videos and more for your specific product.

**Need to Contact Support?**

With NETGEAR’s round-the-clock premium support, help is just a phone call away.

**Complimentary Support**

NETGEAR provides complimentary technical support for NETGEAR products for 90 days from the original date of purchase.

Contact Support

**NETGEAR Premium Support**

**GearHead Support for Home Users**

GearHead Support is a technical support service for NETGEAR devices and all other connected devices in your home. Advanced remote support tools are used to fix issues on any of your devices. The service includes support for the following:

*   Desktop and Notebook PCs, Wired and Wireless Routers, Modems, Printers, Scanners, Fax Machines, USB devices and Sound Cards
*   Windows Operating Systems (2000, XP or Vista), MS Word, Excel, PowerPoint, Outlook and Adobe Acrobat
*   Anti-virus and Anti-Spyware: McAfee, Norton, AVG, eTrust and BitDefender

Learn More

**ProSUPPORT Services for Business Users**

NETGEAR ProSUPPORT services are available to supplement your technical support and warranty entitlements. NETGEAR offers a variety of ProSUPPORT services that allow you to access NETGEAR's expertise in a way that best meets your needs:

*   Product Installation
*   Professional Wireless Site Survey
*   Defective Drive Retention (DDR) Service

Learn More

CVE-2021-45662: Security Advisory for Stored Cross Site Scripting on R7000, PSV-2018-0420 | Answer

Certain NETGEAR devices are affected by stored XSS. This affects GS108Tv2 before 5.4.2.36 and GS110TPv2 before 5.4.2.36.

Was this article helpful?   Yes     No

Associated CVE IDs: None 

First published: 2021-12-20

NETGEAR has released fixes for a stored cross site scripting security vulnerability on the following product models:

*   GS108Tv2, running firmware versions prior to 5.4.2.36
*   GS110TPv2, running firmware versions prior to 5.4.2.36

NETGEAR strongly recommends that you download the latest firmware as soon as possible.

**To download the latest firmware for your NETGEAR product:**

1.  Visit NETGEAR Support.
2.  Start typing your model number in the search box, then select your model from the drop-down menu as soon as it appears.  
     If you do not see a drop-down menu, make sure that you entered your model number correctly, or select a product category to browse for your product model.
3.  Click **Downloads**.
4.  Under **Current Versions**, select the download whose title begins with **Firmware Version**. 
5.  Click **Download**.
6.  Follow the instructions in your product’s user manual, firmware release notes, or product support page to install the new firmware.

**Disclaimer**

This document is provided on an "as is" basis and does not imply any kind of guarantee or warranty, including the warranties of merchantability or fitness for a particular use. Your use of the information in the document or materials linked from the document is at your own risk. NETGEAR reserves the right to change or update this document at any time. NETGEAR expects to update this document as new information becomes available.

The stored cross site scripting vulnerability remains if you do not complete all recommended steps. NETGEAR is not responsible for any consequences that could have been avoided by following the recommendations in this notification.

**Acknowledgements**

gdr

**Common Vulnerability Scoring System**

CVSS Rating: Medium

CVSS Score: 5.2

CVSS Vector: CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

**Best Practices for Updating Firmware**

We recommend that you keep your NETGEAR devices up to date with the latest firmware. Firmware updates contain security fixes, bug fixes, and new features for your NETGEAR products. 

If your product is supported by one of our apps, using the app is the easiest way to update your firmware:

*   Orbi products: NETGEAR Orbi app
*   NETGEAR WiFi routers: NETGEAR Nighthawk app
*   Some NETGEAR Business products: NETGEAR Insight app (firmware updates through the app are available only for Insight subscribers)

If your product is not supported by one of our apps, you can always update your firmware manually by following the instructions in your product’s user manual, firmware release notes, or product support page. For more information, see Where can I find information about my NETGEAR product?.

**Contact**

We appreciate and value having security concerns brought to our attention. NETGEAR constantly monitors for both known and unknown threats. Being pro-active rather than re-active to emerging security issues is fundamental for product support at NETGEAR.

It is NETGEAR's mission to be the innovative leader in connecting the world to the internet. To achieve this mission, we strive to earn and maintain the trust of those that use NETGEAR products for their connectivity.

To report a security vulnerability, visit http://www.netgear.com/about/security/. 

If you are a NETGEAR customer with a security-related support concern, you can contact NETGEAR customer support at techsupport.security@netgear.com. 

**Revision History**

2021-12-20: Published advisory

Last Updated:12/20/2021 | Article ID: 000064448

**Was this article helpful?**Yes No

**This article applies to:**

*   Standalone Switch (2)
    *   GS108Tv2
    *   GS110TPv2

How to Find Your Model Number

**Looking for more about your product?**

Get information, documentation, videos and more for your specific product.

**Need to Contact Support?**

With NETGEAR’s round-the-clock premium support, help is just a phone call away.

**Complimentary Support**

NETGEAR provides complimentary technical support for NETGEAR products for 90 days from the original date of purchase.

Contact Support

**NETGEAR Premium Support**

**GearHead Support for Home Users**

GearHead Support is a technical support service for NETGEAR devices and all other connected devices in your home. Advanced remote support tools are used to fix issues on any of your devices. The service includes support for the following:

*   Desktop and Notebook PCs, Wired and Wireless Routers, Modems, Printers, Scanners, Fax Machines, USB devices and Sound Cards
*   Windows Operating Systems (2000, XP or Vista), MS Word, Excel, PowerPoint, Outlook and Adobe Acrobat
*   Anti-virus and Anti-Spyware: McAfee, Norton, AVG, eTrust and BitDefender

Learn More

**ProSUPPORT Services for Business Users**

NETGEAR ProSUPPORT services are available to supplement your technical support and warranty entitlements. NETGEAR offers a variety of ProSUPPORT services that allow you to access NETGEAR's expertise in a way that best meets your needs:

*   Product Installation
*   Professional Wireless Site Survey
*   Defective Drive Retention (DDR) Service

Learn More

CVE-2021-45677: Security Advisory for Stored Cross Site Scripting on Some Smart Managed Pro Switches, PSV-2019-0191 | Answer

Was this article helpful?   Yes     No

Associated CVE IDs: None 

First published: 2021-09-26

NETGEAR has released fixes for a stored cross site scripting security vulnerability on the following product models:

*   R7000, running firmware versions prior to 1.0.11.126

NETGEAR strongly recommends that you download the latest firmware as soon as possible.

**To download the latest firmware for your NETGEAR product:**

1.  Visit NETGEAR Support.
2.  Start typing your model number in the search box, then select your model from the drop-down menu as soon as it appears.  
     If you do not see a drop-down menu, make sure that you entered your model number correctly, or select a product category to browse for your product model.
3.  Click **Downloads**.
4.  Under **Current Versions**, select the download whose title begins with **Firmware Version**. 
5.  Click **Download**.
6.  Follow the instructions in your product’s user manual, firmware release notes, or product support page to install the new firmware.

**Disclaimer**

This document is provided on an "as is" basis and does not imply any kind of guarantee or warranty, including the warranties of merchantability or fitness for a particular use. Your use of the information in the document or materials linked from the document is at your own risk. NETGEAR reserves the right to change or update this document at any time. NETGEAR expects to update this document as new information becomes available.

The stored cross site scripting vulnerability remains if you do not complete all recommended steps. NETGEAR is not responsible for any consequences that could have been avoided by following the recommendations in this notification.

**Acknowledgements**

MiniRocketTeam

**Common Vulnerability Scoring System**

CVSS Rating: Medium

CVSS Score: 5.6

CVSS Vector: CVSS:3.0/AV:P/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:N

**Best Practices for Updating Firmware**

We recommend that you keep your NETGEAR devices up to date with the latest firmware. Firmware updates contain security fixes, bug fixes, and new features for your NETGEAR products. 

If your product is supported by one of our apps, using the app is the easiest way to update your firmware:

*   Orbi products: NETGEAR Orbi app
*   NETGEAR WiFi routers: NETGEAR Nighthawk app
*   Some NETGEAR Business products: NETGEAR Insight app (firmware updates through the app are available only for Insight subscribers)

If your product is not supported by one of our apps, you can always update your firmware manually by following the instructions in your product’s user manual, firmware release notes, or product support page. For more information, see Where can I find information about my NETGEAR product?.

**Contact**

We appreciate and value having security concerns brought to our attention. NETGEAR constantly monitors for both known and unknown threats. Being pro-active rather than re-active to emerging security issues is fundamental for product support at NETGEAR.

It is NETGEAR's mission to be the innovative leader in connecting the world to the internet. To achieve this mission, we strive to earn and maintain the trust of those that use NETGEAR products for their connectivity.

To report a security vulnerability, visit http://www.netgear.com/about/security/. 

If you are a NETGEAR customer with a security-related support concern, you can contact NETGEAR customer support at techsupport.security@netgear.com. 

**Revision History**

2021-09-26: Published advisory

Last Updated:10/01/2021 | Article ID: 000064076

**Was this article helpful?**Yes No

**This article applies to:**

*   Wireless AC Router Nighthawk (1)
    *   R7000

How to Find Your Model Number

**Looking for more about your product?**

Get information, documentation, videos and more for your specific product.

**Need to Contact Support?**

With NETGEAR’s round-the-clock premium support, help is just a phone call away.

**Complimentary Support**

NETGEAR provides complimentary technical support for NETGEAR products for 90 days from the original date of purchase.

Contact Support

**NETGEAR Premium Support**

**GearHead Support for Home Users**

GearHead Support is a technical support service for NETGEAR devices and all other connected devices in your home. Advanced remote support tools are used to fix issues on any of your devices. The service includes support for the following:

*   Desktop and Notebook PCs, Wired and Wireless Routers, Modems, Printers, Scanners, Fax Machines, USB devices and Sound Cards
*   Windows Operating Systems (2000, XP or Vista), MS Word, Excel, PowerPoint, Outlook and Adobe Acrobat
*   Anti-virus and Anti-Spyware: McAfee, Norton, AVG, eTrust and BitDefender

Learn More

**ProSUPPORT Services for Business Users**

NETGEAR ProSUPPORT services are available to supplement your technical support and warranty entitlements. NETGEAR offers a variety of ProSUPPORT services that allow you to access NETGEAR's expertise in a way that best meets your needs:

*   Product Installation
*   Professional Wireless Site Survey
*   Defective Drive Retention (DDR) Service

Learn More

Search

outlook iniciare sesión