Design/Logic Flaw

2022-09-2018:15:00

PRIOn knowledge base

www.prio-n.com

netgear

firmware downgrade

vulnerability

mitm attack

nvd

5.3 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

29.5%

JSON

An exploitable firmware downgrade vulnerability was discovered on the Netgear WPN824EXT WiFi Range Extender. An attacker can conduct a MITM attack to replace the user-uploaded firmware image with an original old firmware image. This affects Firmware 1.1.1_1.1.9 and earlier.

CPENameOperatorVersion
wpn824ext_firmwareeq<= 1.1.1-1.1.9

CPE	Name	Operator	Version
	wpn824ext_firmware	eq	<= 1.1.1-1.1.9

References

hackmd.io/@eupX2KdkT6iNpqJUWk9p4A/SyAnOSd1s

www.netgear.com/about/security/