Experts from Cisco Talos (opens in new tab), ironically part of one of Netgear’s biggest rivals, revealed that three of the four vulnerabilities have since been patched, including one critical issue that was awarded a score of 9.1 out of 10.
However, one (less severe) issue remains at large.
Netgear Orbi security vulnerabilities
The most significant finding – CVE-2022-37337 – has luckily been patched. According to Talos, “the access control functionality of the Orbi RBR750 allows a user to explicitly add devices (specified by MAC address and a hostname) to allow or block the specified device when attempting to access the network.”
Many were reasonably safe from attacks because the hacker would have needed to gain access to the device, primarily leaving unprotected networks at risk, however even some protected networks may have been exposed due to weak SSID passwords.
A further two issues existed, though as above, they have been issued a patch. The fourth issue, which remains unfixed, is specific to the router node meaning that even Orbi users who have not rolled out the full mesh Wi-Fi 6 setup are at risk. The Talos summary reads:
“A command execution vulnerability exists in the hidden telnet service functionality of Netgear Orbi Router RBR750 18.104.22.168. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a network request to trigger this vulnerability.”
Enabling automatic updates is sensible to help prevent attacks, however sometimes critical vulnerabilities come around and require a more proactive approach. Manually checking for an update can help make sure that it hasn’t been missed, or is not scheduled for a future installation.