Description
A security flaw in the router's certificate validation process was discovered in the NETGEAR XR1000 Gaming Router and certain Nighthawk models that could allow an unauthorized person to remotely access and take control of the device.
Problem types
CWE-599 Missing validation of OpenSSL certificate
Product status
Any version before V1.0.4.48
Any version before V1.0.4.48
Any version before V1.2.14.114
Any version before V1.0.2.86
Credits
fluorescent
References
www.netgear.com/support/product/mr70/
www.netgear.com/support/product/raxe500/
www.netgear.com/support/product/ms70/
www.netgear.com/support/product/xr1000/