Hundreds of thousands–potentially more than one million–Netgear routers are susceptible to a pair of vulnerabilities that can lead to password disclosure.
Researchers said that while anyone who has physical access to a router can exploit the vulnerabilities locally, the real threat is that the flaw can also be exploited remotely.
According to Simon Kenin, a security researcher with Trustwave’s Spiderlabs team, who discovered the flaw and disclosed it Monday, the vulnerabilities can be remotely exploited if the router’s remote management option is enabled.