Download Certificate- CMOs | ECIO | Most Admired Brand | Most Trusted Company

Critical Bug impacts Netgear Smart Switches


By MYBRANDBOOK


Critical Bug impacts Netgear Smart Switches

Third Critical Bug Affects Netgear Smart Switches - the Details and PoC have been released. The disclosure comes weeks after Netgear released patches to handle the vulnerabilities earlier this month. Successful exploitation of Demon’s Cries and Draconian Fear might grant a malicious celebration the power to vary the administrator password without really having to know the earlier password or hijack the session bootstrapping info, leading to a full compromise of the gadget.

 

in a new post sharing technical specifics about Seventh Inferno, Coldwind noted that the issue relates to a newline injection flaw in the password field during Web UI authentication, effectively enabling the attacker to create fake session files, and combine it with a reboot Denial of Service (DoS) and a post-authentication shell injection to get a fully valid session and execute any code as root user, thereby leading to full device compromise.

 

The reboot DoS is a technique designed to reboot the switch by exploiting the newline injection to write "2" into three different kernel configurations - "/proc/sys/vm/panic_on_oom," "/proc/sys/kernel/panic," and "/proc/sys/kernel/panic_on_oops" - in a manner that causes the device to compulsorily shut down and restart due to kernel panic when all the available RAM is consumed upon uploading a large file over HTTP.

 

"This vulnerability and exploit chain is actually quite interesting technically," Coldwind said. "In short, it goes from a newline injection in the password field, through being able to write a file with constant uncontrolled content of '2' (like, one byte 32h), through a DoS and session crafting (which yields an admin web UI user), to an eventual post-auth shell injection (which yields full root)."
 BREAKING NEWS  BREAKING NEWS
Apple in talks to include OpenAI's generative AI tech in upcoming

Apple in talks to include OpenAI's generative AI tech in upcoming...

Apple has renewed talks with Sam Altman-led OpenAI about using its gener...

RBI criticizes TalkCharge and warns users for operating unauthori

RBI criticizes TalkCharge and warns users for operating unauthori...

Recently, the Reserve Bank of India warned the public about the risks reg...

Telecom players request Government to address revenue sharing mod

Telecom players request Government to address revenue sharing mod...

Telecom operators Bharti Airtel, Reliance Jio and Vodafone Idea repres...

Dell Technologies and Alienware unveil the new Alienware x16 R2 i

Dell Technologies and Alienware unveil the new Alienware x16 R2 i...

Dell Technologies and Alienware have launched the new Alienware x16 R2 in...

 TECHNO TRENDS  Placeholder image
Google Pay has added

Google Pay has added "Open Wallet" shortcut

With the introduction of the "Open Wallet" shortcut, Google Pay has impro...

TRAI targets to finalise National Broadcast Policy by May-end

TRAI targets to finalise National Broadcast Policy by May-end

The Telecom Regulatory Authority of India will finalise the National Broa...

TAC Security becomes Cyber Security Assessor for the App Defen

TAC Security becomes Cyber Security Assessor for the App Defen

The cybersecurity company, TAC Security has been selected as a key Cyber ...

InterGlobe’s Rahul Bhatia and C.P. Gurnani together announce

InterGlobe’s Rahul Bhatia and C.P. Gurnani together announce

In a move that is set to transform the AI landscape, Rahul Bhatia, Group M...

 E-Magazine 
 TECHNOTAINMENT  Placeholder image
ED attaches Raj Kundra, Shilpa Shetty’s Rs 97 crore worth as

ED attaches Raj Kundra, Shilpa Shetty’s Rs 97 crore worth as

Salman Khan trolled for singing with B Praak at Anant Ambani's

Salman Khan trolled for singing with B Praak at Anant Ambani's

To celebrate Mukesh Ambani's youngest son Anant Ambani’s 29th birthday

Disney+ Hotstar wins the Best OTT Platform of the year

Disney+ Hotstar wins the Best OTT Platform of the year

Film Critics Guild and Group M Motion Entertainment, in collaboration with

 MOVERS & SHAKERS  Placeholder image
Amagi names its Chief Product Officer

Amagi names its Chief Product Officer

Nium Appoints Alexandra Johnson appoints as Chief Payments Off

Nium Appoints Alexandra Johnson appoints as Chief Payments Off

Nium, the leader in real-time cross-border payments, today announced the ap
SISL elevates Ankita Wadhawan as CEO—End User Computing

SISL elevates Ankita Wadhawan as CEO—End User Computing

The IT service provider, SISL in a LinkedIn post announced the elevation

 OPEN YOUR EYES  Placeholder image

India is moving towards the path of self-reliance
Digital Strategies Focuses On Technology To Improve Business Performance
Data security and Digital strike is the top priority of the Government
Tools and technologies are being used for Remote Work and Collaboration Teams
The Security Threat is looming the BFSI Segments
 INTERVIEWS  Placeholder image
Acuutech continues to focus on innovation, customer focus and

Acuutech continues to focus on innovation, customer focus and

Autodesk investing in emerging Design & Make technologies to d

Autodesk investing in emerging Design & Make technologies to d

Autodesk partners with leading companies in a variety of industries, includ
D-Link in pursuit of building a more connected, smarter and co

D-Link in pursuit of building a more connected, smarter and co

D-Link is committed to the ‘Make in India’ vision. Aligned with this, t
 HOT PICK  Placeholder image
Lenovo launches IdeaPad Pro 5i in India with Intel Core Ultra

Lenovo launches IdeaPad Pro 5i in India with Intel Core Ultra

COLORFUL rolls out an array of gaming laptops

COLORFUL rolls out an array of gaming laptops

COLORFUL launched its incredible series of COLORFUL EVOL P15 gaming laptop
Dell Technologies launches new AI-powered commercial PC portfo

Dell Technologies launches new AI-powered commercial PC portfo

Dell Technologies has launched the broadest portfolio of commercial AI lap
 MAKE IN INDIA BRANDS   Placeholder image
QUICK HEAL TECHNOLOGIES PVT. Ltd.

QUICK HEAL TECHNOLOGIES PVT. Ltd.


HP INDIA SALES PVT. LTD.  

HP INDIA SALES PVT. LTD.  


SAMSUNG INDIA ELECTRONICS PVT. LTD.

SAMSUNG INDIA ELECTRONICS PVT. LTD.


OPTIEMUS INFRACOM

OPTIEMUS INFRACOM


 EMINENT CIO'S OF INDIA  EMINENT CIO'S OF INDIA

EMPOWERING BUILDERS AND BUSINESSES TO BUILD A BETTER INDIA

Technology is no longer a “nice-to-have”; it...

Nurturing a culture of innovation by encouraging creative thinking and exploration of emerging technologies

We recognize that each customer is unique, with sp...

Transforming business processes by deploying solutions & leveraging technology

Our agenda for 2023-24 is to get more efficiency i...

 ICONS OF INDIA  Placeholder image

Technology Icons Of India 2023: Bhavish Aggarwal

Ola CEO Bhavish Aggarwal had formed Ola-India’s largest mobility pla...

Technology Icons Of India 2023: Lt Gen (Dr.) Rajesh Pant (Retd.)

LT Gen(Dr.) Rajesh Panth (Retd.), National cyber security coordination...

Technology Icons Of India 2023: Sandip Patel

Sandip Patel is the Managing Director, IBM India/South Asia. He is res...

 PARTNER SPEAKERS  EMINENT CIO'S OF INDIA

Rashi Peripherals Expanding Solutions Portfolio and Entering New Territories for 360-Degree Growth

Rashi Peripherals Limited’s strategic viewpoints of value addition, innovati...

Customer Satisfaction is Sound Solutions’ Foundation for Success and Resilience

India is a very big market with a variety of segments like SME, Corporate, Gov...

Creating a valuable and profitable long term business relationship to scale business growth

iValue is the center of the ecosystem, where it connects its channel partners ...

 PSU  Placeholder image

EESL encouraging e-mobility adoption across India  

Energy Efficiency Services Limited (EESL) is a Super Energy Service Co...

INDIANOIL helps reach precious petroleum fuels to every nook and corner of the country 

IndianOil, a diversified, integrated energy major with presence in alm...

NPCI leading India towards Digital payments  

The National Payments Corporation of India (NPCI) is an initiative tak...

 VIDEOS  Placeholder image

 Top 25 Brands  Solution partners

Most Trusted Brands 2023 : Oracle India Pvt. Ltd.  

Oracle offers a wide range of other enterprise software solutions, including m...

Most Trusted Brands 2023 : IBM India Pvt. Ltd.

One of the world’s oldest and largest technology companies, IBM is credited ...

Most Trusted Brands 2023 : Zoom Communications Ltd.

A communications technology company headquartered in San Jose, California, Zoo...

 Value-Added Distribution  Value-Added Distribution

ADITYA INFOTECH LTD.

Aditya Infotech Ltd. (AIL) – the technology arm of Aditya Group, is ...

FORTUNE MARKETING PVT. LTD.

Delhi based Fortune Marketing, An ISO 9001:2008 company, distributes ...

SATCOM INFOTECH PVT. LTD.

Satcom Infotech Pvt. Ltd is a distribution houses in security in India...

 ITFORUM 2024  
 WIITF 2024  
   
 CMO of the Year   Placeholder image
 WOMEN LEADERSHIP  Placeholder image
 EMINENT CIO's OF INDIA   Placeholder image
 TRENDS IN TECHNOLOGY  Placeholder image
MORE VIDEOS  Placeholder image
Brand Book
Brand Book
Brand Book
Brand Book
 ADVERTISEMENTS  Placeholder image
 TECHNOLOGY DISRUPTION Placeholder image

DE-CIX and Lightstorm to offer new capabilities to enterprises

DE-CIX and Lightstorm to offer new capabilities to enterprises

Property developers and tenants get next generation networking from CommScope RUCKUS and Samsung

Property developers and tenants get next generation networking from CommScope RUCKUS and Samsung

IOCL selects Reliance Jio managed network services for its retail outlets

IOCL selects Reliance Jio managed network services for its retail outlets

Enterprises are adopting a Hybrid Multi cloud approach to overcome the dual challenge of their digital journey

Enterprises are adopting a Hybrid Multi cloud approach to overcome the dual challenge of their digital journey

 UNICORNS REVOLUTIONISING Placeholder image

Mensa Brand Technologies Private Limited

Mensa Brand Technologies Private Limited

Chargebee Technologies Private Limited

Chargebee Technologies Private Limited

A&A DUKAAN FINANCIAL SERVICES PRIVATE LIMITED

A&A DUKAAN FINANCIAL SERVICES PRIVATE LIMITED

ATHER ENERGY PRIVATE LIMITED

ATHER ENERGY PRIVATE LIMITED


Copyright www.mybrandbook.co.in @1999-2024 - All rights reserved.
Reproduction in whole or in part in any form or medium without express written permission of Kalinga Digital Media Pvt. Ltd. is prohibited.
Other Initiatives : www.varindia.com | www.spoindia.org
ADMIRED BRANDS

AFTER MARKET SERVICES

CATEGORIES

DISTRIBUTORS & VADs
GOVERNMENT BODIES

INDUSTRY BODIES

MAKE IN INDIA

CONTACT US

SUBSCRIBE NOW