"Details Disclosed for Exploit Chain That Allows Hacking of Netgear Routers"
Industrial and IoT cybersecurity firm Claroty recently disclosed the details of five vulnerabilities that can be chained in an exploit, potentially allowing threat actors to hack certain Netgear routers. The vulnerabilities were first presented at the 2022 Pwn2Own Toronto hacking competition, where white hat hackers earned a total of nearly $1 million for exploits targeting smartphones, printers, NAS devices, smart speakers, and routers. Claroty's router exploit, which targeted Netgear's Nighthawk RAX30 SOHO router, earned the company's researchers $2,500 at Pwn2Own. Claroty noted that the flaws used in the exploit chain are tracked as CVE-2023-27357, CVE-2023-27367, CVE-2023-27368, CVE-2023-27369, and CVE-2023-27370. They were all patched by Netgear with the release of firmware version 1.0.10.94 in early April. Claroty stated that three of the vulnerabilities have been rated "high severity," and their exploitation can lead to remote code execution, authentication bypass, and command injection. Chaining all the flaws can have a significant impact. Claroty noted that successful exploits could allow attackers to monitor users' internet activity, hijack internet connections and redirect traffic to malicious websites, or inject malware into network traffic. An attacker could also use these vulnerabilities to access and control networked smart devices (security cameras, thermostats, smart locks), change router settings, including credentials or DNS settings, or use a compromised network to launch attacks against other devices or networks. Claroty stated that one mitigating factor is that executing the exploit requires access to the LAN it's not a WAN attack that can be executed from the internet, which is why it earned a smaller reward at Pwn2Own. Netgear explained in an advisory that these vulnerabilities require an attacker to have your WiFi password or an Ethernet connection to your network to be exploited.
SecurityWeek reports: "Details Disclosed for Exploit Chain That Allows Hacking of Netgear Routers"