[TheRecord] ‘Demon’s Cries’ authentication bypass patched in Netgear switches

Networking equipment vendor Netgear has patched three vulnerabilities in several of its smart switches that can allow threat actors to bypass authentication and take over devices.

Codenamed Demon’s CriesDraconian Fear, and Seventh Inferno, the vulnerabilities were discovered and reported to Netgear by a Polish security researcher going by the pseudonym of Gynvael Coldwind.

Netgear released patches last week on September 3.The researcher published detailed write-ups for the first two bugs, Demon’s Cries and Draconian Fear.Coldwind said technical details about the Seventh Inferno bug would be published next Monday, on September 13.

Of the three vulnerabilities, the first, known as Demon’s Cries, is considered the most severe, with a severity rating of 9.8 out of a maximum of 10, on the CVSSv3 scale.

As Coldwind explained today, the vulnerability can be used to change to bypass initial authentication and change the admin account password for affected Netgear switches.

Not all switches are vulnerable, as the bug resides in the device’s web-based administration panel, known as SCC Control (NETGEAR Smart Control Center), which is disabled by default.

However, if the web UI is enabled, Coldwind says the bug can result in “a full compromise of the device.”

The Polish researcher said he initially tested the bug on a Netgear GS110TPV3 Smart Managed Pro Switch, but the US company confirmed that both Demon’s Cries and Draconian Fear impact a much larger list of devices.

Affected Netgear models:

GC108PGC108PPGS108Tv3GS110TPPGS110TPv3GS110TUPGS308TGS310TPGS710TUPGS716TPGS716TPPGS724TPPGS724TPv2GS728TPPv2GS728TPv2GS750EGS752TPPGS752TPv2MS510TXMMS510TXUP

On the other hand, the Draconian Fear vulnerability, while also an authentication bypass, is considered less severe. Coldwind said this bug could only be exploited to hijack logged-in admin sessions, but the attack needs to be carried out from the admin’s IP address.

The researcher released proof-of-concept code for both bugs.

The post ‘Demon’s Cries’ authentication bypass patched in Netgear switches appeared first on The Record by Recorded Future.

Source: Read More (The Record by Recorded Future)

You might be interested in …

[SecurityWeek] Splunk to Acquire Threat Intelligence Platform Provider TruSTAR

All posts, Security Week

Machine data solutions firm Splunk (NASDAQ: SPLK) announced Tuesday that it has agreed to acquire TruSTAR, a San Francisco-based company that provides a threat intelligence platform designed to integrate various threat data sources and improve detection and response times. read more Source: Read More (SecurityWeek RSS Feed)

Read More

[ESET] Don’t use single‑factor authentication, warns CISA

All posts, ESET feed

The federal agency urges organizations to ditch the bad practice and instead use multi-factor authentication methods The post Don’t use single‑factor authentication, warns CISA appeared first on WeLiveSecurity Source: Read More (WeLiveSecurity)

Read More

Daily NCSC-FI news followup 2021-07-10

Cyber-attack disrupts Irans national railway system therecord.media/cyber-attack-disrupts-irans-national-railway-system/ Train services were canceled or delayed in Iran after a cyberattack crippled the national railway companys computer systems on Friday morning. The exact nature of the disruption is unclear, but the outage affected both passenger and cargo transportation services. According to multiple local media outlets, the system used […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.