Lucene search

[email protected]CVE-2017-18860

HistoryApr 29, 2020 - 2:15 p.m.

CVE-2017-18860

2020-04-2914:15:00

CWE-74

[email protected]

web.nvd.nist.gov

netgear

debugging

command execution

vulnerability

cve-2017-18860

nvd

security

information security

7.7 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

7.6 High

AI Score

Confidence

Low

3.6 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:P/A:P

0.001 Low

EPSS

Percentile

22.1%

JSON

Certain NETGEAR devices are affected by debugging command execution. This affects FS752TP 5.4.2.19 and earlier, GS108Tv2 5.4.2.29 and earlier, GS110TP 5.4.2.29 and earlier, GS418TPP 6.6.2.6 and earlier, GS510TLP 6.6.2.6 and earlier, GS510TP 5.04.2.27 and earlier, GS510TPP 6.6.2.6 and earlier, GS716Tv2 5.4.2.27 and earlier, GS716Tv3 6.3.1.16 and earlier, GS724Tv3 5.4.2.27 and earlier, GS724Tv4 6.3.1.16 and earlier, GS728TPSB 5.3.0.29 and earlier, GS728TSB 5.3.0.29 and earlier, GS728TXS 6.1.0.35 and earlier, GS748Tv4 5.4.2.27 and earlier, GS748Tv5 6.3.1.16 and earlier, GS752TPSB 5.3.0.29 and earlier, GS752TSB 5.3.0.29 and earlier, GS752TXS 6.1.0.35 and earlier, M4200 12.0.2.10 and earlier, M4300 12.0.2.10 and earlier, M5300 11.0.0.28 and earlier, M6100 11.0.0.28 and earlier, M7100 11.0.0.28 and earlier, S3300 6.6.1.4 and earlier, XS708T 6.6.0.11 and earlier, XS712T 6.1.0.34 and earlier, and XS716T 6.6.0.11 and earlier.

CPENameOperatorVersion
netgear:fs752tp_firmwarenetgear fs752tp firmwarele5.4.2.19
netgear:gs108t_firmwarenetgear gs108t firmwarele5.4.2.29
netgear:gs110tp_firmwarenetgear gs110tp firmwarele5.4.2.29
netgear:gs418tpp_firmwarenetgear gs418tpp firmwarele6.6.2.6
netgear:gs510tlp_firmwarenetgear gs510tlp firmwarele6.6.2.6
netgear:gs510tp_firmwarenetgear gs510tp firmwarele5.04.2.27
netgear:gs510tpp_firmwarenetgear gs510tpp firmwarele6.6.2.6
netgear:gs716t_firmwarenetgear gs716t firmwarele5.4.2.27
netgear:gs716t_firmwarenetgear gs716t firmwarele6.3.1.16
netgear:gs724t_firmwarenetgear gs724t firmwarele5.4.2.27

CPE	Name	Operator	Version
netgear:fs752tp_firmware	netgear fs752tp firmware	le	5.4.2.19
netgear:gs108t_firmware	netgear gs108t firmware	le	5.4.2.29
netgear:gs110tp_firmware	netgear gs110tp firmware	le	5.4.2.29
netgear:gs418tpp_firmware	netgear gs418tpp firmware	le	6.6.2.6
netgear:gs510tlp_firmware	netgear gs510tlp firmware	le	6.6.2.6
netgear:gs510tp_firmware	netgear gs510tp firmware	le	5.04.2.27
netgear:gs510tpp_firmware	netgear gs510tpp firmware	le	6.6.2.6
netgear:gs716t_firmware	netgear gs716t firmware	le	5.4.2.27
netgear:gs716t_firmware	netgear gs716t firmware	le	6.3.1.16
netgear:gs724t_firmware	netgear gs724t firmware	le	5.4.2.27

Rows per page:

1-10 of 281

References

kb.netgear.com/000038519/Security-Advisory-for-Authentication-Bypass-and-Remote-Command-Execution-on-Some-Smart-and-Managed-Switches-PSV-2017-0857

7.7 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

7.6 High

AI Score

Confidence

Low

3.6 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:P/A:P

0.001 Low

EPSS

Percentile

22.1%

JSON

Related for CVE-2017-18860

prion1