Rewterz

Rewterz Threat Advisory – CVE-2023-28708 – Apache Tomcat Vulnerability

March 23, 2023
Rewterz

Rewterz Threat Alert – Quasar RAT aka CinaRAT – Active IOCs

March 24, 2023

Rewterz Threat Advisory – Multiple Netgear Products Vulnerabilities

Severity

High

Analysis Summary

CVE-2022-38458 CVSS:6.5

NETGEAR Orbi Router RBR750 could allow a remote attacker to obtain sensitive information, caused by a flaw in the Remote Management function. By utilize man-in-the-middle attack techniques, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.

CVE-2022-38452 CVSS:7.2

NETGEAR Orbi Router RBR750 could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by a flaw in the hidden telnet service function. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system.

CVE-2022-37337 CVSS:9.1

NETGEAR Orbi Router RBR750 could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by a flaw in the access control function. By sending a specially crafted HTTP request, an attacker could exploit this vulnerability to execute arbitrary commands on the system.

CVE-2022-36429 CVSS:7.2

NETGEAR Orbi Satellite RBS750 could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by a flaw in the ubus backend communications function. By sending specially crafted packets, an attacker could exploit this vulnerability to execute arbitrary commands on the system.

Impact

  • Information Disclosure
  • Command Execution

Indicators Of Compromise

CVE

  • CVE-2022-38458
  • CVE-2022-38452
  • CVE-2022-37337
  • CVE-2022-36429

Affected Vendors

NETGEAR

Affected Products

  • NETGEAR Orbi Router RBR750 4.6.8.5
  • NETGEAR Orbi Satellite RBS750 4.6.8.5

Remediation

Upgrade to the latest version of Orbi Router and Satellite, available from the NETGEAR Web site.

NETGEAR Orbi Router

NETGEAR Orbi Satellite

Reading this advisory was a good start.

Make it a habit.

Rewterz publishes threat advisories ahead of mainstream cybersecurity media, informed by an AI-Native Autonomous SOC that sees regional threat actor activity in real time. Subscribe to receive each new advisory as it publishes, plus a monthly Middle East threat landscape brief drawn from our own SOC telemetry. For teams evaluating their detection coverage, a 30-minute consultation with a senior analyst is also available, at your pace, when you're ready.