CVE-2017-18776
8.4
Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 2.5 / Impact: 5.9
Source: NVD
Description
Certain NETGEAR devices are affected by authentication bypass. This affects D6100 before V1.0.0.55, D7000 before V1.0.1.50, D7800 before V1.0.1.24, JNR1010v2 before 1.1.0.40, JWNR2010v5 before 1.1.0.40, R6100 before 1.0.1.12, R6220 before 1.1.0.50, R7500 before 1.0.0.108, R7500v2 before 1.0.3.10, WNDR4300v1 before 1.0.2.88, WNDR4300v2 before 1.0.0.48, WNDR4500v3 before 1.0.0.48, WNR1000v4 before 1.1.0.40, WNR2000v5 before 1.0.0.42, WNR2020 before 1.1.0.40, and WNR2050 before 1.1.0.40.
Affected (16)
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.0.55 |
| Running on/with | Platform Versions |
|---|---|
Netgear D6100 | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.1.50 |
| Running on/with | Platform Versions |
|---|---|
Netgear D7000 | All versions |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.1.24 |
| Running on/with | Platform Versions |
|---|---|
Netgear D7800 | All versions |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.1.0.40 |
| Running on/with | Platform Versions |
|---|---|
Netgear Jnr1010 | Version v2 |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.1.0.40 |
| Running on/with | Platform Versions |
|---|---|
Netgear Jwnr2010 | Version v5 |
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.1.12 |
| Running on/with | Platform Versions |
|---|---|
Netgear R6100 | All versions |
Configuration G
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.1.0.50 |
| Running on/with | Platform Versions |
|---|---|
Netgear R6220 | All versions |
Configuration H
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.0.108 |
| Running on/with | Platform Versions |
|---|---|
Netgear R7500 | All versions |
Configuration I
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.3.10 |
| Running on/with | Platform Versions |
|---|---|
Netgear R7500 | Version v2 |
Configuration J
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.2.88 |
| Running on/with | Platform Versions |
|---|---|
Netgear Wndr4300 | Version v1 |
Configuration K
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.0.48 |
| Running on/with | Platform Versions |
|---|---|
Netgear Wndr4300 | Version v2 |
Configuration L
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.0.48 |
| Running on/with | Platform Versions |
|---|---|
Netgear Wndr4500 | Version v3 |
Configuration M
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.1.0.40 |
| Running on/with | Platform Versions |
|---|---|
Netgear Wnr1000 | Version v4 |
Configuration N
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.0.42 |
| Running on/with | Platform Versions |
|---|---|
Netgear Wnr2000 | Version v5 |
Configuration O
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.1.0.40 |
| Running on/with | Platform Versions |
|---|---|
Netgear Wnr2020 | All versions |
Configuration P
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.1.0.40 |
| Running on/with | Platform Versions |
|---|---|
Netgear Wnr2050 | All versions |
References (2)
Source: cve@mitre.org
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Timeline
No history available yet.