Forum Discussion

Aspirant

Mar 26, 2017

CSRF/LocalFile/XSS product Vulnerability

Netgear CM600, I was wondering if the CSRF / LocalFile / XSS product vulnerability has been fixed yet? I bought one and it has firmware version V1. 01.05

Firmware

dallascowboyswo

Aspirant

Mar 27, 2017

I checked and the current firmware for other ISPs is V1.01.06 . I use Suddenlink. I contacted Suddenlink twice and they stated they could not update the firmware. On the 3rd time the Tech said he attempted to update the firmware but when I rebooted I still had v1.01.05 So they were unable to update my firmware. Should I be concerned. Has the latest firmware been pushed to Suddenlink?

DarrenM

Sr. NETGEAR Moderator

Mar 29, 2017

Here is the KB to the latest firmwares via ISP

https://kb.netgear.com/000036375/What-s-the-latest-firmware-version-of-my-NETGEAR-cable-modem-or-modem-router?cid=wmt_netgear_organic

DarrenM

dallascowboyswo
Aspirant
Mar 29, 2017
DarrenM
Yes that is the KB I saw and that I was referring to that got me started on the quest to redeem my firmware. Any idea if this has been pushed to Suddenlink, which is my ISP.
- dallascowboyswo
  Aspirant
  Mar 30, 2017
  After not being able to resolve this issue via Netgear or my ISP Technical support I returned the product and bought an Arris Surfboard SB6190.