No patches for code exec holes in Netgear management box

February 7th 2016

CVE-2016-1524 can be used to gain “God-Mode” on a Netgear enterprise router. Essentially, this could allow a remote attacker to gain access to the router globally and potentially monitor traffic, as well as cause an outage within a data centre. This could end up costing a company thousands to millions of pounds, with the reputational cost to Netgear being even greater.

I’m curious why Netgear hasn’t released a fix for this, but what’s even more worrying is that the security researcher has released Metasploit modules. This means the average person (script kiddie) can use these modules to attack SMEs (Small and Medium Enterprises).