New Vulnerability in NETGEAR Nighthawk R7000 allows remote attackers to connect

Sunday, November 1, 2020, 8:27 GMT

If the user visits an attacker-controlled website using a modern browser, aka NAT Slipstreaming, the SIP ALG implementation on NETGEAR Nighthawk R7000 10.2.64 devices allows remote attackers to connect with arbitrary TCP and UDP resources on the victim’s intranet computer. This happens because, even though this packet has a non-zero fragment offset, the ALG takes action based on an IP packet with an initial REGISTER substring in the TCP data, and the right intranet IP address in the corresponding Via header.

image from


Upgrade your router firm


Special offer: