CVE-2017-18866
6.1
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Exploitability: 2.8 / Impact: 2.7
Source: NVD
Description
Certain NETGEAR devices are affected by stored XSS. This affects R9000 before 1.0.2.40, R6100 before 1.0.1.1, 6R7500 before 1.0.0.110, R7500v2 before 1.0.3.20, R7800 before 1.0.2.36, WNDR4300v2 before 1.0.0.48, and WNR2000v5 before 1.0.0.58.
Affected (7)
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.0.110 |
| Running on/with | Platform Versions |
|---|---|
Netgear 6r7500 | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.1.1 |
| Running on/with | Platform Versions |
|---|---|
Netgear R6100 | All versions |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.3.20 |
| Running on/with | Platform Versions |
|---|---|
Netgear R7500 | Version v2 |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.2.36 |
| Running on/with | Platform Versions |
|---|---|
Netgear R7800 | All versions |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.2.40 |
| Running on/with | Platform Versions |
|---|---|
Netgear R9000 | All versions |
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.0.48 |
| Running on/with | Platform Versions |
|---|---|
Netgear Wndr4300 | Version v2 |
Configuration G
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.0.58 |
| Running on/with | Platform Versions |
|---|---|
Netgear Wnr2000 | Version v5 |
References (2)
Source: cve@mitre.org
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Timeline
No history available yet.