Lucene search

MitreCVE-2017-18790

HistoryApr 21, 2020 - 7:15 p.m.

CVE-2017-18790

2020-04-2119:15:11

CWE-200

mitre

web.nvd.nist.gov

netgear

information disclosure

cve-2017-18790

nvd

r6700

r7000

r7100lg

r7900

r8000

r8500

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS3

6.2

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score

6.2

Confidence

High

EPSS

0.001

Percentile

30.6%

JSON

Certain NETGEAR devices are affected by disclosure of sensitive information. This affects R6700 before 1.0.1.26, R7000 before 1.0.9.10, R7100LG before 1.0.0.32, R7900 before 1.0.1.18, R8000 before 1.0.3.54, and R8500 before 1.0.2.100.

Affected configurations

Nvd

Node

netgearr6700Match-

AND

netgearr6700_firmwareRange<1.0.1.26

Node

netgearr7000Match-

AND

netgearr7000_firmwareRange<1.0.9.10

Node

netgearr7100lgMatch-

AND

netgearr7100lg_firmwareRange<1.0.0.32

Node

netgearr7900Match-

AND

netgearr7900_firmwareRange<1.0.1.18

Node

netgearr8000Match-

AND

netgearr8000_firmwareRange<1.0.3.54

Node

netgearr8500Match-

AND

netgearr8500_firmwareRange<1.0.2.100

VendorProductVersionCPE
netgearr6700-cpe:2.3:h:netgear:r6700:-:*:*:*:*:*:*:*
netgearr6700_firmware*cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*
netgearr7000-cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*
netgearr7000_firmware*cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*
netgearr7100lg-cpe:2.3:h:netgear:r7100lg:-:*:*:*:*:*:*:*
netgearr7100lg_firmware*cpe:2.3:o:netgear:r7100lg_firmware:*:*:*:*:*:*:*:*
netgearr7900-cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*
netgearr7900_firmware*cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*
netgearr8000-cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*
netgearr8000_firmware*cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
netgear	r6700	-	cpe:2.3:h:netgear:r6700:-:::::::*
netgear	r6700_firmware	*	cpe:2.3:o:netgear:r6700_firmware::::::::
netgear	r7000	-	cpe:2.3:h:netgear:r7000:-:::::::*
netgear	r7000_firmware	*	cpe:2.3:o:netgear:r7000_firmware::::::::
netgear	r7100lg	-	cpe:2.3:h:netgear:r7100lg:-:::::::*
netgear	r7100lg_firmware	*	cpe:2.3:o:netgear:r7100lg_firmware::::::::
netgear	r7900	-	cpe:2.3:h:netgear:r7900:-:::::::*
netgear	r7900_firmware	*	cpe:2.3:o:netgear:r7900_firmware::::::::
netgear	r8000	-	cpe:2.3:h:netgear:r8000:-:::::::*
netgear	r8000_firmware	*	cpe:2.3:o:netgear:r8000_firmware::::::::

Rows per page:

1-10 of 121

References

kb.netgear.com/000049372/Security-Advisory-for-Sensitive-Information-Disclosure-Vulnerability-on-Some-Routers-PSV-2017-0317

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS3

6.2

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score

6.2

Confidence

High

EPSS

0.001

Percentile

30.6%

JSON

Related for CVE-2017-18790