Netgear WNDR3700v4 Router Firmware Upgrade 126.96.36.199 (All Regions Except China and Russia
- Fixed security vulnerabilities CVE-2013-3069, CVE-2013-3070, CVE-2013-3071, CVE-2013-3073, CVE-2013-3074.
- [CVE-2013-3069] Multiple Cross-Site Scripting (XSS): Requires Authentication to set and enable.
- [CVE-2013-3070] Secuirty-Information Disclosure: Unauthenticated attackers can make a request to the management web interface to disclose the PSK of the wireless LAN.
- [CVE-2013-3071] Security-Authentication Bypass: An unauthenticated attacker can send a request to the management web interface which breaks HTTP Basic Authentication and any subsequent requests to the router are now authenticated.
- [CVE-2013-3073] USB Security vulnerability: A symbolic link can be created on the SMB share which grants access to the root file system.
- [CVE-2013-3074] DLNA: The minidlna server will crash when accessing a non-existent file such as http://192.168.1.1:8200/MediaItems/1.mp3
- Fixed security vulnerabilities reported in "The Shadow File" blog post.
Netgear R6300v2 WiFi Router Firmware Update 188.8.131.52
Netgear WNDR3700v4 Router Firmware Upgrade 184.108.40.206
Netgear WNR3500Lv2 Router Firmware Upgrade 220.127.116.11
Netgear R6200 WiFi Router Firmware Upgrade 18.104.22.168
Netgear R7000 WiFi Router Firmware Upgrade 22.214.171.124