|
|
|
|
|
|
by jeroenhd
1733 days ago
|
|
|
This may be a full RCE vulnerability but from what I can tell the exploit requires intercepting or redirecting HTTP traffic from the router to the update server. Thats definitely a massive problem because anyone with access to DNS records (ISPs, governments, educational facilities, and so on) can remotely hack all of these devices, but on the other hand this poses no direct threat. The "immediately" part of the title seems overstated. This just seems like a random, run-of-the-mill crappy router vulnerability to me. I'd be surprised if there was a consumer router that wasn't vulnerable to this somehow. Good thing Netgear provides a patch, though. |
|
|