Your Netgear router might be an open door for hackers

By Kunal Khullar Published February 6, 2025

Netgear has released a security advisory addressing two critical vulnerabilities affecting Nighthawk Pro Gaming routers and certain Wi-Fi 6 access points. The company strongly recommends that users update their devices’ firmware promptly to mitigate potential risks.

The first vulnerability, identified as PSV-2023-0039, is a Remote Code Execution (RCE) flaw. This security issue allows attackers to execute arbitrary code on affected devices remotely, potentially leading to unauthorized control over the router. The second vulnerability, PSV-2021-0017, is an authentication bypass flaw, which enables attackers to circumvent authentication mechanisms and gain unauthorized access to the device’s management interface.

The affected models include Nighthawk Pro Gaming Routers such as the XR1000, XR1000v2, and XR500, as well as Wi-Fi 6 Access Points like the WAX206, WAX220, and WAX214v2.

The company has released firmware updates to address these vulnerabilities. If you do own any of the above mentioned products, it is strongly advised to download and install the latest firmware versions for your respective devices. Detailed instructions on updating firmware can be found on Netgear’s official support page.

Routers are prime targets for cyberattacks because they serve as the main gateway between the internet and home or business networks. They are always online, making them a persistent attack surface for hackers. Many routers ship with weak default security settings, including easily guessable credentials and outdated firmware, which users often neglect to update. Attackers exploit these vulnerabilities to gain control over the router, using it to monitor internet traffic, launch further attacks, or redirect users to malicious websites. Additionally, unsecured remote access features can allow hackers to take over routers from anywhere in the world.

Once compromised, routers can be used for various malicious activities, including botnet recruitment, DNS hijacking, and man-in-the-middle attacks. Hackers can exploit them to intercept sensitive data, gain access to IoT devices, and even use them as launch points for large-scale cyberattacks like DDoS attacks.

Since many users are unaware of router security risks, these devices often remain unpatched and vulnerable for extended periods. To reduce the risk, users should regularly update firmware, change default credentials, disable unnecessary remote management features, and enable strong encryption to secure their networks.