NETGEAR Nighthawk Routers Improper Input Validation Vulnerability Allowing DNS Manipulation and Command Execution

A vulnerability exists in the speedtest feature of certain NETGEAR Nighthawk routers, including models RS700, RAX54Sv2, RAX41v2, RAX50, RAXE500, RAX41, RAX43, RAX35v2, RAXE450, RAX43v2, RAX42, RAX45, RAX50v2, MR90, MS90, RAX42v2, and RAX49S. This vulnerability, caused by improper input validation, allows attackers on the router's WAN side to use man-in-the-middle techniques to manipulate DNS responses. As a result, they can execute commands when speedtests are conducted.

Impact

Exploitation of this vulnerability could lead to unauthorized command execution on the affected router.

Remediation

Users can check their router's firmware version and update it to the latest version available. For most affected models, the latest firmware can be downloaded from the NETGEAR Download Center. However, it's important to note that the RS700 model has reached its End-of-Support phase, and no security updates are planned.