Netgear SOHO Security Bug Allows RCE, Corporate Attacks
#1
Quote: A high-severity security bug affecting several Netgear small office/home office (SOHO) routers could allow remote code execution (RCE) via a man-in-the-middle (MiTM) attack.
 
The bug (CVE-2021-40847) exists in a third-party component that Netgear includes in its firmware, called Circle – it handles the parental controls for the devices, according to researchers at Grimm who discovered the flaw. It rates 8.1 out of 10 on the CVSS 3.0 vulnerability-severity scale.
 
“Since this code is run as root on the affected routers, exploiting it to obtain RCE is just as damaging as a RCE vulnerability found in the core Netgear firmware,” they said in an advisory released Tuesday.
 
Specifically, the issue lives in the Circle update daemon. Researchers explained that the updating process is insecure, making it possible for attackers to spoof the update server and inject their own bits and bytes into the process.
 
It should be noted that a prerequisite for exploitation is having the ability to sniff and send network traffic to and from a target router, the advisory said – meaning that adversaries would need to be attached to the same network as the appliance. That can be achieved by compromising a connected device such as a mobile phone or computer prior to initiating the RCE effort.

Read more: Netgear SOHO Security Bug Allows RCE, Corporate Attacks | Threatpost


Messages In This Thread
Netgear SOHO Security Bug Allows RCE, Corporate Attacks - by silversurfer - 23 September 21, 16:38
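
The quoted article says the update process can be spoofed by an attacker on the same network. As an added example (not from the post, Threatpost, Grimm or Netgear), the Go sketch below shows the general mitigation: an update client that accepts a payload only when a manifest signed by a pinned vendor key covers its digest. The `Manifest` layout, the choice of Ed25519 and all names are assumptions for illustration; the keys and payloads are constructed in the code.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Manifest is a hypothetical update descriptor, not Circle's or Netgear's format.
type Manifest struct {
	Version string
	SHA256  [32]byte // digest of the update payload
}

// signedBytes is the exact byte string the vendor signs.
func (m Manifest) signedBytes() []byte {
	return append([]byte(m.Version+"\x00"), m.SHA256[:]...)
}

// VerifyUpdate accepts a payload only if the manifest is signed by the pinned
// vendor key and the payload matches the digest inside that signed manifest.
func VerifyUpdate(pinned ed25519.PublicKey, m Manifest, sig, payload []byte) error {
	if !ed25519.Verify(pinned, m.signedBytes(), sig) {
		return errors.New("manifest signature invalid")
	}
	if sha256.Sum256(payload) != m.SHA256 {
		return errors.New("payload digest mismatch")
	}
	return nil
}

// demo runs three constructed cases with keys generated on the spot.
func demo() (genuine, swapped, forged error) {
	vendorPub, vendorPriv, _ := ed25519.GenerateKey(nil)
	_, attackerPriv, _ := ed25519.GenerateKey(nil)
	payload := []byte("constructed update payload")
	m := Manifest{Version: "1.0.1", SHA256: sha256.Sum256(payload)}
	sig := ed25519.Sign(vendorPriv, m.signedBytes())
	genuine = VerifyUpdate(vendorPub, m, sig, payload)
	// On-path party replaces the payload but cannot re-sign the manifest.
	evil := []byte("constructed substituted payload")
	swapped = VerifyUpdate(vendorPub, m, sig, evil)
	// Spoofed server supplies its own manifest, signed with a key that is not pinned.
	em := Manifest{Version: "9.9.9", SHA256: sha256.Sum256(evil)}
	forged = VerifyUpdate(vendorPub, em, ed25519.Sign(attackerPriv, em.signedBytes()), evil)
	return
}

func main() { fmt.Println(demo()) }
```

Because trust rests on the pinned key rather than on which server answered, both the substituted payload and the fully spoofed response are rejected before anything is installed.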
