Netgear, one of the most popular router manufacturers, has been vulnerable to two different flaws that could allow hackers to compromise your corporate network and connected devices.
Reported critical vulnerabilities reside in the Netgear's ProSafe NMS300 Model (Network Management System) – a centralized and comprehensive management application for network administrators that enables them to discover, monitor, configure, and report on SNMP-based enterprise-class network devices.
SNMP (Simple Network Management Protocol) is a network management protocol which facilitates Netgear's ProSafe NMS300 application to gather data from various network devices such as servers, printers, hubs, switches, and routers.
Remotely collected data includes CPU load, routing tables, and network traffic statistics.
A joint security dug conducted by Pedro Ribeiro (Security Researcher of UK Based firm Agile Information) along with CERT Committee divulged the vulnerabilities in the web interface of the router that could allow attackers to:
Unauthorized Arbitrary File Upload Flaw: This flaw comes with the default installation of NMS300, allowing an unauthorized attacker to upload an arbitrary file and execute (Remote Code Execution) malicious code with SYSTEM privileges.
> Upload location: http://:8080/fileUpload.do
Upload location: http://:8080/lib-1.0/external/flash/fileUpload.do
Execurition Location: http://:8080/null
Directory Traversal Attack: This vulnerability allows authenticated users to read and download any restricted file by manipulating ‘realName’ parameter of POST request to http://__:8080/data/config/image.do?method=add URL.
The security vulnerabilities affect Netgear Management System NMS300, version 126.96.36.199 and earlier.
Since there are no patches yet available from Netgear to fix these vulnerabilities, the only solution that network admins could implement here is strengthening the firewall policy by restricting the untrusted sources.
As threats continue to evolve and increase in volume and frequency, you can no longer rely on static network security monitoring.
Network administrators are strongly encouraged to monitor network-based services or protocols on a continuous basis using security monitoring solutions like AlienVault Unified Security Management (USM), which also includes intrusion detection (IDS) and real-time threat intelligence to help administrators to quickly identify and remediate threats on their network.
Netgear had not yet commented to this issue.