Lucene search

[email protected]NVD:CVE-2018-21096

HistoryApr 27, 2020 - 4:15 p.m.

CVE-2018-21096

2020-04-2716:15:12

CWE-352

[email protected]

web.nvd.nist.gov

CVSS2

4.9

Attack Vector

ADJACENT_NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:A/AC:M/Au:S/C:P/I:P/A:P

CVSS3

7.4

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

AI Score

Confidence

High

EPSS

Percentile

12.6%

JSON

Certain NETGEAR devices are affected by CSRF. This affects WAC120 before 2.1.7, WAC505 before 5.0.5.4, WAC510 before 5.0.5.4, WNAP320 before 3.7.11.4, WNAP210v2 before 3.7.11.4, WNDAP350 before 3.7.11.4, WNDAP360 before 3.7.11.4, WNDAP660 before 3.7.11.4, WNDAP620 before 2.1.7, WND930 before 2.1.5, and WN604 before 3.3.10.

Affected configurations

Nvd

Node

netgearwac120_firmwareRange<2.1.7

AND

netgearwac120Match-

Node

netgearwac505_firmwareRange<5.0.5.4

AND

netgearwac505Match-

Node

netgearwac510_firmwareRange<5.0.5.4

AND

netgearwac510Match-

Node

netgearwnap320_firmwareRange<3.7.11.4

AND

netgearwnap320Match-

Node

netgearwnap210_firmwareRange<3.7.11.4

AND

netgearwnap210Matchv2

Node

netgearwndap350_firmwareRange<3.7.11.4

AND

netgearwndap350Match-

Node

netgearwndap360_firmwareRange<3.7.11.4

AND

netgearwndap360Match-

Node

netgearwndap660_firmwareRange<3.7.11.4

AND

netgearwndap660Match-

Node

netgearwndap620_firmwareRange<2.1.7

AND

netgearwndap620Match-

Node

netgearwnd930_firmwareRange<2.1.5

AND

netgearwnd930Match-

Node

netgearwn604_firmwareRange<3.3.10

AND

netgearwn604Match-

VendorProductVersionCPE
netgearwac120_firmware*cpe:2.3:o:netgear:wac120_firmware:*:*:*:*:*:*:*:*
netgearwac120-cpe:2.3:h:netgear:wac120:-:*:*:*:*:*:*:*
netgearwac505_firmware*cpe:2.3:o:netgear:wac505_firmware:*:*:*:*:*:*:*:*
netgearwac505-cpe:2.3:h:netgear:wac505:-:*:*:*:*:*:*:*
netgearwac510_firmware*cpe:2.3:o:netgear:wac510_firmware:*:*:*:*:*:*:*:*
netgearwac510-cpe:2.3:h:netgear:wac510:-:*:*:*:*:*:*:*
netgearwnap320_firmware*cpe:2.3:o:netgear:wnap320_firmware:*:*:*:*:*:*:*:*
netgearwnap320-cpe:2.3:h:netgear:wnap320:-:*:*:*:*:*:*:*
netgearwnap210_firmware*cpe:2.3:o:netgear:wnap210_firmware:*:*:*:*:*:*:*:*
netgearwnap210v2cpe:2.3:h:netgear:wnap210:v2:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
netgear	wac120_firmware	*	cpe:2.3:o:netgear:wac120_firmware::::::::
netgear	wac120	-	cpe:2.3:h:netgear:wac120:-:::::::*
netgear	wac505_firmware	*	cpe:2.3:o:netgear:wac505_firmware::::::::
netgear	wac505	-	cpe:2.3:h:netgear:wac505:-:::::::*
netgear	wac510_firmware	*	cpe:2.3:o:netgear:wac510_firmware::::::::
netgear	wac510	-	cpe:2.3:h:netgear:wac510:-:::::::*
netgear	wnap320_firmware	*	cpe:2.3:o:netgear:wnap320_firmware::::::::
netgear	wnap320	-	cpe:2.3:h:netgear:wnap320:-:::::::*
netgear	wnap210_firmware	*	cpe:2.3:o:netgear:wnap210_firmware::::::::
netgear	wnap210	v2	cpe:2.3:h:netgear:wnap210:v2:::::::*

Rows per page:

1-10 of 221

References

kb.netgear.com/000060455/Security-Advisory-for-Cross-Site-Request-Forgery-on-Some-Wireless-Access-Points-PSV-2018-0096

CVSS2

4.9

Attack Vector

ADJACENT_NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:A/AC:M/Au:S/C:P/I:P/A:P

CVSS3

7.4

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

AI Score

Confidence

High

EPSS

Percentile

12.6%

JSON

Related for NVD:CVE-2018-21096

cvelist1 prion1 cve1