Enhancements:

• Added support for salted hash to store password.
• The default minimum community string length for SNMPv3 is 8 chars.
• As per Mozilla's recommendation, only secure TLS1.2 ciphers are supported.
• Upgraded jQuery library to version 3.6.0.
• SNMPv3 message encryption uses AES128.
• SNMPv3 message authentication uses SHA-512.
• Upgraded OpenSSL library to the 1.1.11 version.
• Enhanced the brute-force attack protection. 

Security Fixes:

• Fixes security vulnerabilities.

For more information about security vulnerabilities, visit https://www.netgear.com/about/security/.

Bug Fixes:

• When the user enters the password, clear text display of the password is removed.
• Addressed HTTP header sanity check
• Removed insecure hashing methods such as MD5.

Known Issues:

• For user passwords, line passwords and enable passwords, automatic configuration migration is supported to a more secure SHA512 in 12.0.17.6 or later releases if the passwords are encrypted in AES in 12.0.2.40 or prior releases. 
• User, line and enable passwords are encrypted with MD5 (salted) in 12.0.2.40  or prior releases, they won’t be migrated into 12.0.17.6 or later releases, so you must reconfigure them. 
• SNMPv3 MD5 and SHA-based passwords from 12.0.2.40 or prior releases won’t be migrated into 12.0.17.6 or later releases, so you must reconfigure them. 

Download Link: https://www.downloads.netgear.com/files/GDC/M4200/GSM4210P_V12.0.17.6.zip

Firmware Update Instructions:

To update your product’s firmware, follow the instructions in your product’s user manual. To find your user manual, visit https://www.netgear.com/support/, enter your model number in the search box, and click the Documentation button on the product page.