February 4, 2025 By Sergiu Gatlan
Netgear has fixed two critical vulnerabilities affecting multiple WiFi router models and urged customers to update their devices to the latest firmware as soon as possible.
The security flaws impact multiple WiFi 6 access points (WAX206, WAX214v2, and WAX220) and Nighthawk Pro Gaming router models (XR1000, XR1000v2, XR500).
Although the American computer networking company did not disclose more details about the two bugs, it did reveal that unauthenticated threat actors can exploit them for remote code execution (tracked internally as PSV-2023-0039) and authentication bypass (PSV-2021-0117) in low-complexity attacks that don't require user interaction.
"NETGEAR strongly recommends that you download the latest firmware as soon as possible," the company said in security advisories published over the weekend.
The table below lists all vulnerable router models and the firmware versions with security patches.
| Vulnerable Netgear router | Patched firmware version |
| XR1000 | Firmware version 1.0.0.74 |
| XR1000v2 | Firmware version 1.1.0.22 |
| XR500 | Firmware version 2.3.2.134 |
| WAX206 | Firmware version 1.0.5.3 |
| WAX220 | Firmware version 1.0.5.3 |
| WAX214v2 | Firmware version 1.0.2.5 |
To download and install the latest firmware for your Netgear router, you have to go through the following steps:
