March 14, 2023
Severity
High
Analysis Summary
CVE-2023-27853 CVSS:8.3
NETGEAR Nighthawk WiFi6 Router could allow a remote attacker to execute arbitrary code on the system, caused by a format string flaw in the SOAP service. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2023-27852 CVSS:8.8
NETGEAR Nighthawk WiFi6 Router is vulnerable to a buffer overflow, caused by improper bounds checking by the Password Reset CGI, Traffic Management CGI, and rex_cgi. By sending a specially crafted request, a remote attacker could overflow a buffer and execute arbitrary code on the system.
CVE-2023-27851 CVSS:9.8
NETGEAR Nighthawk WiFi6 Router could allow a remote attacker to execute arbitrary code on the system, caused by a flaw in the ReadyShare Default Share Configurations. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2023-27850 CVSS:7.6
NETGEAR Nighthawk WiFi6 Router could allow a physical attacker to bypass security restrictions, caused by a flaw in the ReadyShare function. By using a specially crafted USB device, an attacker could exploit this vulnerability to read and modify arbitrary files on the device.
CVE-2023-1205 CVSS:8.8
NETGEAR Nighthawk WiFi6 Router is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input. By persuading an authenticated user to visit a malicious Web site, a remote attacker could send a malformed HTTP request to perform unauthorized actions. An attacker could exploit this vulnerability to perform cross-site scripting attacks, Web cache poisoning, and other malicious activities.
Impact
- Code Execution
- Security Bypass
- Buffer Overflow
- Unauthorized Access
Indicators Of Compromise
CVE
- CVE-2023-27853
- CVE-2023-27852
- CVE-2023-27851
- CVE-2023-27850
- CVE-2023-1205
Affected Vendors
NETGEAR
Affected Products
- NETGEAR Nighthawk WiFi6 Router 1.0.10
Remediation
Upgrade to the latest version of Nighthawk WiFi6 Router, available from the NETGEAR Web site.