TMCnet News

GRIMM Private Vulnerability Disclosure Program Reveals Netgear SOHO Devices Vulnerability
[September 21, 2021]

GRIMM Private Vulnerability Disclosure Program Reveals Netgear SOHO Devices Vulnerability


GRIMM, a forward-looking cybersecurity organization led by industry experts, today announced they performed dedicated vulnerability research against a series of Netgear (News - Alert) SOHO devices and discovered a vulnerability that allows remote code execution (RCE) as root. This research stems from GRIMM's Private Vulnerability Disclosure (PVD) Program where research targets are selected based on extensive threat modeling and our team's deep background in reverse engineering and vulnerability research.

"As part of this research, we discovered a vulnerability that unauthenticated attackers can leverage to gain remote code execution (RCE) as root on these devices," said Adam Nichols, Principal of Software Security, GRIMM. "The impact of this vulnerability is that it allows an attacker to monitor and modify traffic that is sent through compromised devices as well as provide a pivot point for lateral network movement."

To mitigate the risk of similar vulnerabilites, GRIMM recommends the use of virtual private network (VPN) clients that encrypt all traffic before it passes through a network device. Additionally, reducing the number of services running on your router is another mitigation strategy for those with direct access to their routers.



This vulnerability is significant because the routers impacted are Small Offices/Home Offices (SOHO) devices. These devices aren't frequently found inside enterprise networks, and thus security issues within them may be overlooked. However, with the increase in remote work due to COVID-19 precautions, many organizations now have a greater number of their employees connecting to internal networks through their own, personal SOHO devices. In these cases, SOHO device vulnerabilities provide a potential vector through which remote attackers can gain access to the data sent in and out of corporate networks.

The security research is done entirely by GRIMM's internal PVD team. The GRIMM PVD team has decades of experience in the most sensitive environments. Because GRIMM has a strong commitment to partnership, the PVD program welcomes requests to look into specific software or hardware. GRIMM is able to offer this service to a limited, trusted clientele to ensure that the program is used appropriately while the team works with the vendors for patches.


For more information, contact [email protected].

About GRIMM

GRIMM is a forward-thinking cybersecurity organization led by industry experts. The company's practice demonstrates the impact of security risks and provides the technical solutions to address top risks. GRIMM's expertise is built on operational experience solving advanced cybersecurity problems. For more, go to www.grimm-co.com.


[ Back To TMCnet.com's Homepage ]