VYPR
Unrated severity · NVD Advisory · Published Jun 18, 2020 · Updated Aug 4, 2024

CVE-2020-14428


Description

Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

NETGEAR Orbi WiFi systems before firmware 3.2.15.25 expose admin credentials, enabling local network attackers to gain full administrative control.

Vulnerability

An administrative credential disclosure vulnerability exists in certain NETGEAR Orbi WiFi system models. Affected devices include RBK752, RBK753, RBK753S, RBR750, RBS750, RBK842, RBR840, RBS840, RBK852, RBK853, RBR850, and RBS850 running firmware versions prior to 3.2.15.25 [1]. The vulnerability allows an attacker to obtain the administrative credentials of the device, potentially without any prior authentication or user interaction.

Exploitation

An attacker with access to the local network can exploit this vulnerability to retrieve the administrative credentials. The exact attack vector is not detailed in the advisory, but it likely involves a network service or API that improperly exposes sensitive information. No user interaction is required, and the attacker does not need to be authenticated to the device [1].

Impact

Successful exploitation grants the attacker administrative access to the affected WiFi system. This enables full control over the device, including the ability to change configuration settings, monitor network traffic, modify security policies, and potentially pivot to other devices on the network. The disclosure of admin credentials compromises the confidentiality and integrity of the entire network [1].

Mitigation

NETGEAR has released firmware version 3.2.15.25 to address this vulnerability. Users are strongly advised to download and install the latest firmware for their specific model from the NETGEAR Support website. No workarounds are provided, and the vulnerability remains if the device is not updated [1].

AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

4


References

1
