CVE-2016-11060

Vulnerability

NETGEAR firewalls SRX5308, FVS336Gv3, FVS318N, and FVS318Gv2 running firmware versions prior to 4.3.4-2 (released before 2017-02-10) are affected by an insecure renegotiation vulnerability in their SSL/TLS implementation [1]. The bug allows a client to insecurely renegotiate a remote connection after the initial handshake, bypassing normal security controls.

Exploitation

An unauthenticated remote attacker can exploit this vulnerability by establishing an SSL/TLS connection to the affected device and then repeatedly requesting renegotiation of the session [1]. No prior authentication or special network position is required; the attacker only needs network access to the device's management interface or other SSL/TLS services.

Impact

Successful exploitation leads to a denial of service (DoS) condition, as the device's resources are consumed by handling excessive renegotiation requests [1]. The attack affects availability but does not result in information disclosure or remote code execution.

Mitigation

NETGEAR released firmware version 4.3.4-2 to fix this vulnerability [1]. Users should update their devices to this version or later. No workarounds are documented. The vulnerability is not listed in CISA's Known Exploited Vulnerabilities catalog.