430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Netgear Routers impacted by FunJSQ Game Acceleration Module flaw

Multiple Netgear router models are impacted by an arbitrary code execution via FunJSQ, which is a third-party module for online game acceleration. Researchers at security and compliance assessment firm Onekey warns of an arbitrary code execution via FunJSQ, which is a third-party module developed by Xiamen Xunwang Network Technology for online game acceleration, that impacts […]

Netgear Nighthawk R6700v3

Multiple Netgear router models are impacted by an arbitrary code execution via FunJSQ, which is a third-party module for online game acceleration.

Researchers at security and compliance assessment firm Onekey warns of an arbitrary code execution via FunJSQ, which is a third-party module developed by Xiamen Xunwang Network Technology for online game acceleration, that impacts multiple Netgear router models.

The FunJSQ module is used in various Netgear routers and Orbi WiFi systems, the issues affecting it were discovered in May 2022 and are now fixed. The analysis of various firmware allowed the researchers to discover the presence of the flawed module in NETGEAR devices (R9000, R7800, RAX200, RAX120, R6230, R6260, RAX40) and some Orbi WiFi Systems (RBR20, RBS20, RBR50, RBS50). 

“Back in May 2022, we discovered FunJSQ, a third-party gaming speed-improvement service by China-based Xiamen Xunwang Network Technology Co., Ltd., present in the majority of NETGEAR firmware images in our corpus.” reads the post published by the experts. “The plot thickened as we dug more into it and we ended up performing full-on vulnerability research against it. We identified multiple issues affecting this third-party component that could lead to arbitrary code execution from LAN and WAN interfaces.”

The experts discovered the following inssued while analyzing the firmware used by the NETGEAR R7000.

  • insecure communications due to explicit disabling of certificate validation (-k), which allows us to tamper with data returned from the server
  • update packages are simply validated via a hash checksum, packages are not signed in any way
  • arbitrary extraction to the root path with elevated privileges, allowing whoever controls the update package to overwrite anything anywhere on the device (which puts a lot of trust in a third party supplier)

Basically the overall update process relies on unsigned packages that are validated on the device using a hash checksum only. Experts also discovered that the module doesn’t rely on secure communication for the update process, which means that an attacker can tamper with the update packages.

The issue related to the insecure update mechanism was tracked as CVE-2022-40620, while the unauthenticated command injection flaw was tracked as CVE-2022-40619.

“All of these combined can lead to arbitrary code execution from the WAN interface.” reads the analysis published by Onekey.

NETGEAR, which fixed the issue in June, pointed out that the vulnerabilities could be exploited only by an attacker with the knowledge of the victim’s WiFi password or an Ethernet connection to the victim’s router.

Netgear Nighthawk R6700v3

“NETGEAR is aware of vulnerabilities in FunJSQ, a third-party module integrated on some routers and Orbi WiFi Systems. This vulnerability requires an attacker to have your WiFi password or an Ethernet connection to your router to be exploited.” reads the advisory published by NETGEAR.

Users are recommended to update their devices as soon as possible.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, NETGEAR)

[adrotate banner=”5″]

[adrotate banner=”13″]