Rax120V2
Monthly
TLS certificate validation failure in the ReadyCloud client app on multiple NETGEAR router models exposes confidential data to network interception. The app does not properly validate TLS certificates (CWE-325), enabling a network-positioned attacker to perform man-in-the-middle (MiTM) attacks against ReadyCloud communications. Affected models include the RAX35, RAX38, RAX40, RAX120v1, and RAX120v2 running firmware below the patched versions; no public exploit code exists and no active exploitation has been confirmed.
Insufficient authentication (CWE-306) and input validation weaknesses across more than 25 NETGEAR router and mesh system models allow an adjacent-network attacker with low-level privileges to execute arbitrary commands and read sensitive configuration data, or alter certain device settings. The CVSS 4.0 vector confirms the attack is limited to adjacent network segments (AV:A) and requires low privileges (PR:L), with high confidentiality impact on both the vulnerable component and subsequent systems (VC:H, SC:H). No public exploit has been identified at time of analysis, and NETGEAR has self-reported the issue with patches available for all listed product lines.
TLS certificate validation failure in the ReadyCloud client app on multiple NETGEAR router models exposes confidential data to network interception. The app does not properly validate TLS certificates (CWE-325), enabling a network-positioned attacker to perform man-in-the-middle (MiTM) attacks against ReadyCloud communications. Affected models include the RAX35, RAX38, RAX40, RAX120v1, and RAX120v2 running firmware below the patched versions; no public exploit code exists and no active exploitation has been confirmed.
Insufficient authentication (CWE-306) and input validation weaknesses across more than 25 NETGEAR router and mesh system models allow an adjacent-network attacker with low-level privileges to execute arbitrary commands and read sensitive configuration data, or alter certain device settings. The CVSS 4.0 vector confirms the attack is limited to adjacent network segments (AV:A) and requires low privileges (PR:L), with high confidentiality impact on both the vulnerable component and subsequent systems (VC:H, SC:H). No public exploit has been identified at time of analysis, and NETGEAR has self-reported the issue with patches available for all listed product lines.