Blog Overview

September 7, 2021

CRITICAL AUTH BYPASS BUG AFFECT NETGEAR SMART SWITCHES — PATCH AND POC RELEASED

Author: Sam Munakl

Networking, storage, and security solutions provider Netgear on Friday issued patches to address three security vulnerabilities affecting its smart switches that could be abused by an adversary to gain full control of a vulnerable device.

The flaws, which were discovered and reported to Netgear by Google security engineer Gynvael Coldwind, impact the following models:

  • GC108P (fixed in firmware version 1.0.8.2)
  • GC108PP (fixed in firmware version 1.0.8.2)
  • GS108Tv3 (fixed in firmware version 7.0.7.2)
  • GS110TPP (fixed in firmware version 7.0.7.2)
  • GS110TPv3 (fixed in firmware version 7.0.7.2)
  • GS110TUP (fixed in firmware version 1.0.5.3)
  • GS308T (fixed in firmware version 1.0.3.2)
  • GS310TP (fixed in firmware version 1.0.3.2)
  • GS710TUP (fixed in firmware version 1.0.5.3)
  • GS716TP (fixed in firmware version 1.0.4.2)
  • GS716TPP (fixed in firmware version 1.0.4.2)
  • GS724TPP (fixed in firmware version 2.0.6.3)
  • GS724TPv2 (fixed in firmware version 2.0.6.3)
  • GS728TPPv2 (fixed in firmware version 6.0.8.2)
  • GS728TPv2 (fixed in firmware version 6.0.8.2)
  • GS750E (fixed in firmware version 1.0.1.10)
  • GS752TPP (fixed in firmware version 6.0.8.2)
  • GS752TPv2 (fixed in firmware version 6.0.8.2)
  • MS510TXM (fixed in firmware version 1.0.4.2)
  • MS510TXUP (fixed in firmware version 1.0.4.2)

In light of the critical nature of the vulnerabilities, companies relying on the aforementioned Netgear switches are recommended to upgrade to the latest version as soon as possible to mitigate any potential exploitation risk. Please get with your IT ASAP and make sure they check and apply the patches.

If you have questions, please do not hesitate to reach out to our security team at [email protected]

Our Recent Blog Posts

November 02, 2022

7 Reasons Why Healthcare Is the Biggest Target for Cyberattacks

Author:Sam Munakl

Networking, storage, and security solutions provider Netgear on Friday issued patches to address three security vulnerabilities affecting its smart switches that could be abused by an adversary to gain full control of a vulnerable device. Read more…

Read More
">
July 15, 2022

Dental Compliance and Teledentistry

Author:Sam Munakl

Networking, storage, and security solutions provider Netgear on Friday issued patches to address three security vulnerabilities affecting its smart switches that could be abused by an adversary to gain full control of a vulnerable device. Read more…

Read More