Rewterz Threat Alert – Hancitor InfoStealer – Active IOCs
September 23, 2021Rewterz Threat Alert – RedLine Malware – Active IOCs
September 23, 2021Rewterz Threat Alert – Hancitor InfoStealer – Active IOCs
September 23, 2021Rewterz Threat Alert – RedLine Malware – Active IOCs
September 23, 2021Severity
High
Analysis Summary
CVE-2021-40847
Multiple NETGEAR routers could allow a remote attacker to execute arbitrary code on the system, caused by a flaw in the update process of the Circle Parental Control Service. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
Impact
- Code Execution
Affected Vendors
- NETGEAR
Affected Products
- Netgear R6700
- Netgear R6900
- NETGEAR R7000P
- NETGEAR R8000
- NETGEAR R6400v2
- NETGEAR R6700v3
- NETGEAR R7000
- NETGEAR R7850
- NETGEAR R7900
- NETGEAR RS400
- NETGEAR R6900P
Remediation
Refer to NETGEAR Security Advisory for patch, upgrade or suggested workaround information.