NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

Squuiid's avatar
Squuiid
Luminary
Feb 15, 2025

MS510TXPP - critical vulnerability on latest 6.7.0.52 firmware

The Netgear MS510TXPP switch is vulnerable to CVE-2019-16645 on the latest 6.7.0.52 firmware. There has not been a new firmware released for this device since 2022 despite a long list of outstanding ...
BrianL's avatar
BrianL
NETGEAR Moderator
Feb 18, 2025

Hi Squuiid,

 

Thank you for sharing this one. Can you submit /or report it here? Also, opening a support ticket would help to speed up the reporting of the vulnerabilities you found.

 

 

Kind regards,

 

BrianL

  • Squuiid's avatar
    Squuiid
    Luminary
    Feb 27, 2025

    Thanks BrianL . I submitted a BugCrowd report and it got rejected for formatting, which is frankly not acceptable. I very clearly gave links to PoCs, gave the relevant CVE and the product and firmware affected. The fact that they did not care enough to use this information to address the vulnerability is shocking.

     

    I also opened a ticket, managed to get it escalated to a Level 3 engineer after quite a few emails with someone in Level 1, provided the information asked for, and then nothing. No response for weeks. Not even an acknowledgement.

     

    I have zero confidence in this being addressed and it is very clear to me that Netgear does not value the security of its products. This will absolutely be my last. This is supposedly a business grade switch which is still being sold and 'supported', yet its latest firmware was released in 2022 which carried a published CVE vulnerability from 2019! NOT OK.

NETGEAR Academy

Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology! 

Join Us!

ProSupport for Business

Comprehensive support plans for maximum network uptime and business peace of mind.

 

Learn More