Netgear over the last week has released 50 patches for its routers, switches, NAS devices, and wireless access points - many of the vulnerabilities were reported via the company's bug bounty program.
The patches resolved vulnerabilities ranging from remote code execution bugs to authentication bypass flaws and most of the flaws were found by researchers at the network security firm Beyond Security, according to several advisories posted by Netgear.
Nearly twenty of the patches were addressed as “high” vulnerability issues while the remainder were addressed as “medium” security threats.
“These are all vulnerabilities caused by what appears to be inadequate verification of user input, oversight on what should and should not require authentication, and improper mechanism of enforcing security on users accessing their product web interface,” Beyond Security Founder and Chief Technology Officer Noam Rathaus told Threat Post. “I believe much of Netgear products share the same codebase and same underlying code structure which is what causing many of their products to be vulnerable.”
Netgear recommends users update their systems to the most recent version as soon as possible.