About

Vertical privilege escalation vulnerability on Netgear devices

A critical privilege escalation vulnerability has been found in multiple models of Netgear routers. The flaw can be used to escalate privileges on the affected routers, though no exploitation of it has been discovered or documented yet. The vulnerability was first announced on 10 August 2021.

What is the CVSS score of the vulnerability on the Netgear devices?

The privilege escalation vulnerability is tracked as CVE-2021-38539. It carries a base score of 7.5, which signifies medium impact on the IT infrastructure. The NIST website rates it as a HIGH impact vulnerability with a base temporal score of 8.8.

What Netgear devices are affected with the CVE-2021-38539?

The following Netgear models are affected by the vertical privilege escalation vulnerability tracked as CVE-2021-38539:

  • D8500, running firmware versions prior to 1.0.3.44
  • R6400v2, running firmware versions prior to 1.0.2.66
  • R6700, running firmware versions prior to 1.0.2.6
  • R6700v3, running firmware versions prior to 1.0.2.66
  • R6900, running firmware versions prior to 1.0.2.4
  • R6900P, running firmware versions prior to 1.3.2.126
  • R7000, running firmware versions prior to 1.0.9.42
  • R7000P, running firmware versions prior to 1.3.2.126
  • R7100LG, running firmware versions prior to 1.0.0.50
  • R7300DST, running firmware versions prior to 1.0.0.70
  • R7900, running firmware versions prior to 1.0.3.10
  • R8300, running firmware versions prior to 1.0.2.130
  • R8500, running firmware versions prior to 1.0.2.130
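As an added defender-side check (not part of the advisory and not Netgear's own tooling): a small Python script that encodes the model and fixed-version list above and reports whether a given router's running firmware is below its threshold. Versions must be compared numerically, since as strings "1.0.2.66" sorts after "1.0.2.130"; the handling of a leading "V" and a "_x.y.z" suffix is an assumption based on Netgear's usual version format, and the sample inventory is constructed.

```python
"""Classify a Netgear router's running firmware against the fixed versions
listed for CVE-2021-38539 (thresholds copied from the advisory above)."""
from typing import Optional

# A device running a version *lower* than its threshold is affected.
FIXED_VERSIONS = {
    "D8500": "1.0.3.44",
    "R6400v2": "1.0.2.66",
    "R6700": "1.0.2.6",
    "R6700v3": "1.0.2.66",
    "R6900": "1.0.2.4",
    "R6900P": "1.3.2.126",
    "R7000": "1.0.9.42",
    "R7000P": "1.3.2.126",
    "R7100LG": "1.0.0.50",
    "R7300DST": "1.0.0.70",
    "R7900": "1.0.3.10",
    "R8300": "1.0.2.130",
    "R8500": "1.0.2.130",
}


def parse_version(version: str) -> tuple:
    """Turn a string such as "V1.0.9.42_10.2.44" into (1, 0, 9, 42).

    Compare numerically: as strings "1.0.2.66" > "1.0.2.130", which would
    wrongly report an unpatched R8500 as fixed. Stripping the leading "V"
    and the "_x.y.z" suffix is an assumption about Netgear's version format.
    """
    core = version.strip().lstrip("Vv").split("_", 1)[0]
    return tuple(int(part) for part in core.split("."))


def is_affected(model: str, running_version: str) -> Optional[bool]:
    """True if below the fixed version, False if at or above it, None if the
    model is not in the advisory list (meaning "not covered", not "safe")."""
    threshold = FIXED_VERSIONS.get(model)
    if threshold is None:
        return None
    return parse_version(running_version) < parse_version(threshold)


if __name__ == "__main__":
    # Constructed sample inventory, not real devices or real version strings.
    sample = [("R8500", "V1.0.2.66_1.0.48"), ("R7000", "V1.0.9.42_10.2.44"),
              ("RAX40", "V1.0.3.64")]
    for model, ver in sample:
        print(model, ver, is_affected(model, ver))
```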

What is the remedy for the CVE-2021-38539?

Netgear has released firmware updates for the affected router models. Update the firmware on your Netgear router to the latest version to remain protected against the vulnerability.

How can I update firmware on my Netgear router?

To check for new firmware and update your Netgear router manually:

  1. Connect your computer to your router with an Ethernet cable.
  2. Launch a web browser and enter routerlogin.net into the address bar.
    The router login window displays.
  3. Enter the router admin user name and password. The default user name is admin. The password is the one you specified the first time you logged in. The user name and password are case-sensitive.
  4. Select Firmware Update or Router Update.
  5. Click Check. The router checks whether new firmware is available for your model.
  6. The router searches for new firmware.
  7. If new firmware is available, click Yes.

Once you click Yes, do not interrupt the firmware update. Do not use the Internet during the update process. Let the router download the firmware and install it. Once the firmware is installed, the router restarts. After the restart, verify the firmware version on your Netgear router.

How can I check the current firmware version on the Netgear router?

  1. Launch a web browser from a computer or mobile device that is connected to your network.
  2. Enter http://192.168.100.1. Your router may use a different IP address, so check the correct address for your Netgear router.
  3. Enter your router’s user name and password.
    The user name is admin. The default password is password. The user name and password are case-sensitive.
    The BASIC Netgear Home page displays.
  4. Select ADVANCED.
    The firmware version displays on this screen.

Summary

Multiple Netgear router models are affected by a privilege escalation vulnerability. It is recommended to install the latest firmware update on the affected Netgear router models to resolve the vulnerability.