Hidden functionality in NETGEAR Orbi WiFi Systems
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2022-38452 |
| CWE-ID | CWE-912 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
RBR750 Hardware solutions / Routers & switches, VoIP, GSM, etc RBR840 Hardware solutions / Routers & switches, VoIP, GSM, etc RBR850 Hardware solutions / Routers & switches, VoIP, GSM, etc RBR860 Hardware solutions / Routers & switches, VoIP, GSM, etc RBRE950 Hardware solutions / Routers & switches, VoIP, GSM, etc RBRE960 Hardware solutions / Routers & switches, VoIP, GSM, etc RBS750 Hardware solutions / Routers & switches, VoIP, GSM, etc RBS840 Hardware solutions / Routers & switches, VoIP, GSM, etc RBS850 Hardware solutions / Routers & switches, VoIP, GSM, etc RBS860 Hardware solutions / Routers & switches, VoIP, GSM, etc RBSE950 Hardware solutions / Routers & switches, VoIP, GSM, etc RBSE960 Hardware solutions / Routers & switches, VoIP, GSM, etc |
| Vendor | NETGEAR |
Security Bulletin
This security bulletin contains one low risk vulnerability.
1) Hidden functionality
EUVDB-ID: #VU74012
Risk: Low
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-38452
CWE-ID:
CWE-912 - Hidden Functionality (Backdoor)
Exploit availability: No
DescriptionThe vulnerability allows a remote user to compromise vulnerable system
The vulnerability exists due to hidden functionality (backdoor) is present in software within the hidden telnet service functionality. A remote administrator can use this functionality to gain full access to the application and execute arbitrary commands on the system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsRBR750: All versions
RBR840: All versions
RBR850: All versions
RBR860: All versions
RBRE950: All versions
RBRE960: All versions
RBS750: All versions
RBS840: All versions
RBS850: All versions
RBS860: All versions
RBSE950: All versions
RBSE960: All versions
CPE2.3- cpe:2.3:h:netgear:rbr750:*:*:*:*:*:*:*:*
- cpe:2.3:h:netgear:rbr840:*:*:*:*:*:*:*:*
- cpe:2.3:h:netgear:rbr850:*:*:*:*:*:*:*:*
- cpe:2.3:h:netgear:rbr860:*:*:*:*:*:*:*:*
- cpe:2.3:h:netgear:rbre950:*:*:*:*:*:*:*:*
- cpe:2.3:h:netgear:rbre960:*:*:*:*:*:*:*:*
- cpe:2.3:h:netgear:rbs750:*:*:*:*:*:*:*:*
- cpe:2.3:h:netgear:rbs840:*:*:*:*:*:*:*:*
- cpe:2.3:h:netgear:rbs850:*:*:*:*:*:*:*:*
- cpe:2.3:h:netgear:rbs860:*:*:*:*:*:*:*:*
- cpe:2.3:h:netgear:rbse950:*:*:*:*:*:*:*:*
- cpe:2.3:h:netgear:rbse960:*:*:*:*:*:*:*:*
https://talosintelligence.com/vulnerability_reports/TALOS-2022-1595
https://kb.netgear.com/000065417/Security-Advisory-for-Command-Injection-on-Some-Orbi-WiFi-Systems-PSV-2022-0187
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
