Hello and welcome to the Friday, January 31st, 2021, 2025 edition of the Sandton and at Storm Center's Stormcast.

My name is Johannes Ulrich, and I'm recording from Jacksonville, Florida.

In today's diaries, we have a deep dive by David Watson, one of our undergraduate interns, into an older netgear vulnerability, good old

DGN-2200 V1 and DGN 1,000 versions. These routers are no longer supported, but what's always

surprising is how many attacks we're seeing for these particular vulnerabilities.

So David took a closer look and actually did a real nice deep dive into these vulnerabilities,

how they exactly work and how they are being exploited.

Real neat here, even though the vulnerability itself, of course, is well known.

Still, it's out there.

And a good reminder, keep patching your routers.

As I always say, once a month.

Put a note in your calendar.

Check if your router firmware is up to date.

And yes, the real big problem here is that some of these devices

are end of life. And that's sometimes actually real difficult to detect or even realize that

your device no longer receives any updates. That's hopefully one of the things that this new

cybersecurity label that's supposed to come out is going to fix because it's part of that specification.

Routers are supposed to provide basically some kind of end-of-life date and indicator when the router will no longer be updated.

And VMware patched five different vulnerabilities in VMware area operations as well as area

operations for logs.

The CVE numbers of some of them may be a little bit on the low side, in particular, one that's a broken access control vulnerability,

that does allow a normal user to execute commands as an administrator,

...