menu
close
close

Follow us

Social Media
Social Media
Social Media
Social Media
Social Media

Experienced a potential cyberattack or suspicious activity?

What are you looking for?
close
    home icon for breadcrumb
  1. Home
  2. Stay Alert
  3. All Threats
  4. Critical Vulnerability in NETGEAR Routers
  • published 1/21/25 7:22 AM
  • updated 13 January 2025
  • 2 Min Read

Critical Vulnerability in NETGEAR Routers

Alert Rating

Critical

Audience

Corporations, Government, Individuals & Families

On this page

Critical Vulnerability in NETGEAR Routers

A critical security flaw has been found in NETGEAR routers, and it is being actively exploited by hackers. This vulnerability allows attackers to gain unauthorized access to the router and run harmful code, potentially taking control of the device

Vulnerability Details

  • CVE-2024-12847
  • CVSS score 9.8 Critical
  • A critical security vulnerability exists in several NETGEAR router models, allowing remote attackers to gain unauthorized access and execute arbitrary commands with root privileges. This vulnerability has been actively exploited in the wild.
  • The vulnerability stems from improper authentication checks in the router's embedded web server. Attackers can bypass authentication by using URLs containing the substring "currentsetting.htm", allowing them to interact with the router's backend services without credentials
  • Successful exploitation allows attackers to:
    • Gain unauthorized root-level access to affected routers
    • Execute arbitrary operating system commands
    • Intercept or modify network traffic
    • Use compromised routers as pivot points for further attacks

 

Affected Devices:

  • NETGEAR DGN1000: Firmware versions below 1.1.00.48
  • NETGEAR DGN2200 v1: All firmware versions
  • Other NETGEAR devices may also be vulnerable

 

Mitigations:

  • For NETGEAR DGN1000: Update firmware to version 1.1.00.48 or later
  • For NETGEAR DGN2200 v1: Replace with newer, supported models as no security updates are available

Attachments

Critical Vulnerability in NETGEAR Routers.pdf

0.17 MB

Take Action

Protect yourself
  • Update Your Router’s Firmware: Apply the latest security update from NETGEAR to fix the vulnerability and protect your device from exploitation.
  • Enable Automatic Updates: Turn on automatic updates, if available, to ensure your router stays up-to-date with future security patches.

Attachments

Stay Connected

Follow our channels
Follow our social media channels to stay up to date.
Social Icon Social Icon Social Icon Social Icon Social Icon

Take Action

Spread Awareness

Share this threat to raise awareness and help others stay alert

GET INVOLVED

Make a Difference
Get involved with CSC and play a part in safeguarding the UAE's digital landscape.

Other Threats

20 January 2025

Alert rating

Critical

Critical Vulnerability in F5 Traffix SDC

A critical vulnerability has been discovered in F5 Traffix SDC, linked to Apache Tomcat, which could allow attackers to gain unauthorized access to compromised systems.

Protecting

Corporations, Government

share share

17 January 2025

Alert rating

High

Security Updates - NVIDIA

NVIDIA has released security updates to address multiple vulnerabilities in the NVIDIA Container Toolkit and NVIDIA GPU Operator.

Protecting

Corporations, Government

share share

16 January 2025

Alert rating

Critical

Critical Vulnerability in FortiSwitch Devices

A critical vulnerability (CVE-2023-37936) has been discovered in multiple versions of Fortinet FortiSwitch devices. This vulnerability, classified as a use of hard-coded cryptographic key [CWE-321], allows a remote unauthenticated attacker in possession of the key to execute unauthorized code via crafted cryptographic request.

Protecting

Corporations, Government

share share
Report an Incident
Get Involved

Follow us

Social Media
Social Media
Social Media
Social Media
Social Media

© 2025 CYBER SECURITY COUNCIL UAE. All rights reserved.

Privacy Policy Terms & Conditions