Unauthenticated RCE on Some Netgear WiFi Routers, PSV-2023-0039

Created on 2025-02-10 18:09 and updated on 2025-02-10 18:09.

Description

NETGEAR has released fixes for an unauthenticated RCE security vulnerability on the following product models:

XR1000 fixed in firmware version 1.0.0.74
XR1000v2 fixed in firmware version 1.1.0.22
XR500 fixed in firmware version 2.3.2.134

NETGEAR strongly recommends that you download the latest firmware as soon as possible.

Vulnerabilities included in this bundle

PSV-2023-0039: No description available.
CVE-2025-25246:

Meta

[
   {
      ref: [
         "https://kb.netgear.com/000066558/Security-Advisory-for-Unauthenticated-RCE-on-Some-WiFi-Routers-PSV-2023-0039",
      ],
   },
]

Author

Cédric Bonhomme

Combined sightings

Author	Vulnerability	Source	Type	Date