CVE-2017-18853
6.5
Vector
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Exploitability: 2.8 / Impact: 3.6
Source: NVD
Description
Certain NETGEAR devices are affected by password recovery and file access. This affects D8500 1.0.3.27 and earlier, DGN2200v4 1.0.0.82 and earlier, R6300v2 1.0.4.06 and earlier, R6400 1.0.1.20 and earlier, R6400v2 1.0.2.18 and earlier, R6700 1.0.1.22 and earlier, R6900 1.0.1.20 and earlier, R7000 1.0.7.10 and earlier, R7000P 1.0.0.58 and earlier, R7100LG 1.0.0.28 and earlier, R7300DST 1.0.0.52 and earlier, R7900 1.0.1.12 and earlier, R8000 1.0.3.46 and earlier, R8300 1.0.2.86 and earlier, R8500 1.0.2.86 and earlier, WNDR3400v3 1.0.1.8 and earlier, and WNDR4500v2 1.0.0.62 and earlier.
Affected (17)
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 1.0.3.27 |
| Running on/with | Platform Versions |
|---|---|
Netgear D8500 | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 1.0.0.82 |
| Running on/with | Platform Versions |
|---|---|
Netgear Dgn2200 | Version v4 |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 1.0.4.06 |
| Running on/with | Platform Versions |
|---|---|
Netgear R6300 | Version v2 |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 1.0.1.20 |
| Running on/with | Platform Versions |
|---|---|
Netgear R6400 | All versions |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 1.0.2.18 |
| Running on/with | Platform Versions |
|---|---|
Netgear R6400 | Version v2 |
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 1.0.1.22 |
| Running on/with | Platform Versions |
|---|---|
Netgear R6700 | All versions |
Configuration G
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 1.0.1.20 |
| Running on/with | Platform Versions |
|---|---|
Netgear R6900 | All versions |
Configuration H
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 1.0.7.10 |
| Running on/with | Platform Versions |
|---|---|
Netgear R7000 | All versions |
Configuration I
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 1.0.0.58 |
| Running on/with | Platform Versions |
|---|---|
Netgear R7000p | All versions |
Configuration J
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 1.0.0.28 |
| Running on/with | Platform Versions |
|---|---|
Netgear R7100lg | All versions |
Configuration K
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 1.0.0.52 |
| Running on/with | Platform Versions |
|---|---|
Netgear R7300dst | All versions |
Configuration L
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 1.0.1.12 |
| Running on/with | Platform Versions |
|---|---|
Netgear R7900 | All versions |
Configuration M
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 1.0.3.46 |
| Running on/with | Platform Versions |
|---|---|
Netgear R8000 | All versions |
Configuration N
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 1.0.2.86 |
| Running on/with | Platform Versions |
|---|---|
Netgear R8300 | All versions |
Configuration O
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 1.0.2.86 |
| Running on/with | Platform Versions |
|---|---|
Netgear R8500 | All versions |
Configuration P
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 1.0.1.8 |
| Running on/with | Platform Versions |
|---|---|
Netgear Wndr3400 | Version v3 |
Configuration Q
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 1.0.0.62 |
| Running on/with | Platform Versions |
|---|---|
Netgear Wndr4500 | Version v2 |
References (2)
Source: cve@mitre.org
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Timeline
No history available yet.