Lucene search

[email protected]CVE-2017-18711

HistoryApr 24, 2020 - 2:15 p.m.

CVE-2017-18711

2020-04-2414:15:00

NVD-CWE-noinfo

[email protected]

web.nvd.nist.gov

cve-2017-18711

netgear

security settings

misconfiguration

vulnerability

8.8 High

CVSS3

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

AI Score

Confidence

Low

5.8 Medium

CVSS2

Access Vector

ADJACENT_NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:A/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

30.4%

JSON

Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D7800 before 1.0.1.28, R6400 before 1.01.32, R6400v2 before 1.0.2.44, R6700 before 1.0.1.36, R6900 before 1.0.1.34, R6900P before 1.3.0.8, R7000 before 1.0.9.14, R7000P before 1.3.0.8, R7500v2 before 1.0.3.20, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WNDR4300v2 before 1.0.0.48, and WNDR4500v3 before 1.0.0.48.

CPENameOperatorVersion
netgear:d7800_firmwarenetgear d7800 firmwarelt1.0.1.28
netgear:r6400_firmwarenetgear r6400 firmwarelt1.0.1.32
netgear:r6400_firmwarenetgear r6400 firmwarelt1.0.2.44
netgear:r7500_firmwarenetgear r7500 firmwarelt1.0.3.20
netgear:r7800_firmwarenetgear r7800 firmwarelt1.0.2.40
netgear:r9000_firmwarenetgear r9000 firmwarelt1.0.2.52
netgear:wndr4300_firmwarenetgear wndr4300 firmwarelt1.0.0.48
netgear:wndr4500_firmwarenetgear wndr4500 firmwarelt1.0.0.48
netgear:r7000p_firmwarenetgear r7000p firmwarelt1.3.0.8
netgear:r7000_firmwarenetgear r7000 firmwarelt1.0.9.14

CPE	Name	Operator	Version
netgear:d7800_firmware	netgear d7800 firmware	lt	1.0.1.28
netgear:r6400_firmware	netgear r6400 firmware	lt	1.0.1.32
netgear:r6400_firmware	netgear r6400 firmware	lt	1.0.2.44
netgear:r7500_firmware	netgear r7500 firmware	lt	1.0.3.20
netgear:r7800_firmware	netgear r7800 firmware	lt	1.0.2.40
netgear:r9000_firmware	netgear r9000 firmware	lt	1.0.2.52
netgear:wndr4300_firmware	netgear wndr4300 firmware	lt	1.0.0.48
netgear:wndr4500_firmware	netgear wndr4500 firmware	lt	1.0.0.48
netgear:r7000p_firmware	netgear r7000p firmware	lt	1.3.0.8
netgear:r7000_firmware	netgear r7000 firmware	lt	1.0.9.14

Rows per page:

1-10 of 131

References

kb.netgear.com/000053137/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-and-Gateways-PSV-2016-0131

8.8 High

CVSS3

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

AI Score

Confidence

Low

5.8 Medium

CVSS2

Access Vector

ADJACENT_NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:A/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

30.4%

JSON

Related for CVE-2017-18711

prion1 cvelist1