Volerion logoVolerion
Volerion logoVolerion

NETGEAR Nighthawk Pro Gaming Routers Unauthenticated Remote Code Execution Vulnerability

Vulnerability

A remote code execution vulnerability has been identified in several NETGEAR Nighthawk Pro Gaming WiFi routers, specifically the XR1000 model prior to version 1.0.0.74, the XR1000v2 model prior to version 1.1.0.22, and the XR500 model prior to version 2.3.2.134. This vulnerability allows unauthenticated users to execute arbitrary code on the affected devices.

Impact

Exploitation of this vulnerability allows for unauthorized remote code execution on the affected routers.

Remediation

Users are advised to update to the latest firmware versions: XR1000 to version 1.0.0.74, XR1000v2 to version 1.1.0.22, and XR500 to version 2.3.2.134. The latest firmware can be downloaded from the NETGEAR Support website. For Orbi products, the NETGEAR Orbi app can be used to update firmware. Some NETGEAR Business products can be updated through the NETGEAR Insight app, available only for Insight subscribers.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread
4.5
impact
7.5
exploitability
7.0
remediation
7.7
relevance
0.0
threat
0.1
urgency
2.9
incentive
5.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.