Organizations Warned of Critical Vulnerabilities in NetModule Routers


Acquired by Belden earlier this year, NetModule provides IIoT and industrial routers, vehicle routers, and other types of wireless M2M connectivity products.

All of NetModule’s routers run the Linux-based NRSW by default, and can be managed remotely using a remote management platform.

According to Flashpoint, its researchers recently identified two critical flaws in NetModule’s router software that remote attackers could exploit to bypass authentication and access administrative functionality.

The security issues were found in code that NetModule removed from NRSW in 2018, but hundreds of devices are still running the older platform versions and can be accessed from the internet, Flashpoint says.