Skip to main content

Public advisory of scammers impersonating CSA and the SPF

Stay vigilant. Read the public advisory

Cyber Security Agency of Singapore
  1. Home
  2. Alerts & Advisories
  3. Alerts
  4. Remote Code Execution Vulnerability in NETGEAR Routers
Alerts

Remote Code Execution Vulnerability in NETGEAR Routers

23 September 2021

NETGEAR has released security updates to address a remote code execution vulnerability (CVE-2021-40847) in their routers. This vulnerability could allow a remote attacker to take control of an affected system via a man-in-the-middle (MiTM) attack.

This vulnerability affects NETGEAR product models R6400v2, R6700, R6700v3, R6900, R6900P, R7000, R7000P, R7850, R7900, R8000 and RS400. 

Users and administrators of the affected product models are advised to upgrade to the latest firmware immediately.  

More information is available here:
https://us-cert.cisa.gov/ncas/current-activity/2021/09/21/netgear-releases-security-updates-rce-vulnerability
https://kb.netgear.com/000064039/Security-Advisory-for-Remote-Code-Execution-on-Some-Routers-PSV-2021-0204
https://threatpost.com/netgear-soho-security-bug-rce/174921/

Back to top