CVE-2018-21164
Description
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R6220 before 1.1.0.64 and WNDR3700v5 before 1.1.0.54.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Authenticated command injection in NETGEAR R6220 and WNDR3700v5 routers allows full compromise; fixed in firmware 1.1.0.64 (R6220) and 1.1.0.54 (WNDR3700v5).
Vulnerability
A post-authentication command injection vulnerability exists in certain NETGEAR routers, specifically the R6220 and WNDR3700v5 models. Affected versions are R6220 before 1.1.0.64 and WNDR3700v5 before 1.1.0.54. The vulnerability allows an authenticated user to inject arbitrary commands via the router's web interface, as described in the NETGEAR security advisory [1].
Exploitation
Exploitation requires an attacker to have valid authentication credentials for the router's administrative interface. The attacker must be on the same network or have remote access to the management interface. The exact steps are not detailed publicly, but the advisory confirms that command injection can be performed by sending specially crafted requests to vulnerable firmware [1].
Impact
Successful exploitation grants the attacker the ability to execute arbitrary commands with root privileges on the device, leading to full compromise of confidentiality, integrity, and availability (CIA) of the router and potentially the network it supports [1].
Mitigation
NETGEAR has released fixed firmware versions: 1.1.0.64 for R6220 and 1.1.0.54 for WNDR3700v5. Users are strongly advised to download and install the latest firmware from the NETGEAR Support site to remediate the vulnerability. No workaround is available [1].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products (3)
- NETGEAR/NETGEAR devices (description)
- Range: <1.1.0.54
Patches (0)
No patches discovered yet.
References (1)
News mentions (0)
No linked articles in our index yet.