CVE-2023-27368: NETGEAR Nighthawk Series Routers Authentication Bypass Vulnerability

Netgear has issued an urgent security alert regarding a severe vulnerability found in several of its popular Nighthawk series routers. The vulnerability, labeled CVE-2023-27368, could allow hackers to completely bypass the router’s login system, granting them full control over your network if they are connected to it.

Image: Netgear

What’s Affected?

The following Netgear Nighthawk models are confirmed to be vulnerable:

• RAX40
• RAX38
• RAX35

It’s important to note that other models might be at risk, and Netgear advises all Nighthawk series router owners to update their firmware immediately.

How Does The Exploit Work?

The vulnerability is specifically a “buffer overflow” issue. This means hackers can send specially crafted data to the router that overwhelms its memory defenses. When successful, this allows attackers to run their code on the router.

The severity of the situation is underscored by the vulnerability’s 8.4 out of 10 score on the Common Vulnerability Scoring System (CVSS) version 3.1, a rating that highlights its high criticality.

The discovery of CVE-2023-27368 was made by Chuya Hayakawa of 00One, Inc., who reported it to the JPCERT Coordination Center. Following a coordinated review, the vulnerability was publicly disclosed, prompting immediate response measures from NETGEAR.

What’s the Risk?

If attackers successfully exploit this vulnerability, they essentially gain full administrative control over the affected router. This means they could:

• Steal personal data and passwords passing through your network
• Route your internet traffic to malicious websites
• Install malware onto connected devices
• Change router settings to lock you out

Protect Yourself – Update Now!

Netgear has released firmware version 1.0.6.106, which patches this vulnerability. You must update your Nighthawk router immediately, even if you don’t own one of the specifically listed models.

You can usually find firmware updates within your router’s settings, or you may need to download the file from Netgear’s website.

To download the latest firmware for your NETGEAR product:

1. Visit NETGEAR Support.
2. Start typing your model number in the search box, then select your model from the drop-down menu as soon as it appears.
   If you do not see a drop-down menu, make sure that you entered your model number correctly, or select a product category to browse for your product model.
3. Click Downloads.
4. Under Current Versions, select the first download whose title begins with Firmware Version.
5. Click Release Notes.
6. Follow the instructions in the firmware release notes to download and install the new firmware.