CVE-2018-21168
7.5
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Exploitability: 3.9 / Impact: 3.6
Source: NVD
Description
Certain NETGEAR devices are affected by disclosure of sensitive information. This affects D7000 before 1.0.1.52, D7800 before 1.0.1.31, D8500 before 1.0.3.36, JNR1010v2 before 1.1.0.46, JR6150 before 1.0.1.14, JWNR2010v5 before 1.1.0.46, PR2000 before 1.0.0.20, R6050 before 1.0.1.14, R6220 before 1.1.0.60, R6400 before 1.1.0.26, R6400v2 before 1.0.2.46, R6700v2 before 1.2.0.2, R6800 before 1.2.0.2, R6900v2 before 1.2.0.2, R7300DST before 1.0.0.56, R7500 before 1.0.0.112, R7500v2 before 1.0.3.24, R7800 before 1.0.2.36, R7900P before 1.1.4.6, R8000P before 1.1.4.6, R8300 before 1.0.2.104, R8500 before 1.0.2.104, R9000 before 1.0.2.52, WNDR3700v4 before 1.0.2.94, WNDR3700v5 before 1.1.0.50, WNDR4300 before 1.0.2.96, WNDR4300v2 before 1.0.0.52, WNDR4500v3 before 1.0.0.52, WNR1000v4 before 1.1.0.46, WNR2020 before 1.1.0.46, and WNR2050 before 1.1.0.46.
Affected (31)
Products: Netgear: D7000 Firmware, D7800 Firmware, D8500 Firmware, Jnr1010 Firmware, Jr6150 Firmware, Jwnr2010 Firmware, Pr2000 Firmware, R6050 Firmware, R6220 Firmware, R6400 Firmware, R6700 Firmware, R6800 Firmware, R6900 Firmware, R7300dst Firmware, R7500 Firmware, R7800 Firmware, R7900p Firmware, R8000p Firmware, R8300 Firmware, R8500 Firmware, R9000 Firmware, Wndr3700 Firmware, Wndr4300 Firmware, Wndr4500 Firmware, Wnr1000 Firmware, Wnr2020 Firmware, Wnr2050 Firmware
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.1.52 |
| Running on/with | Platform Versions |
|---|---|
Netgear D7000 | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.1.31 |
| Running on/with | Platform Versions |
|---|---|
Netgear D7800 | All versions |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.3.36 |
| Running on/with | Platform Versions |
|---|---|
Netgear D8500 | All versions |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.1.0.46 |
| Running on/with | Platform Versions |
|---|---|
Netgear Jnr1010 | Version v2 |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.1.14 |
| Running on/with | Platform Versions |
|---|---|
Netgear Jr6150 | All versions |
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.1.0.46 |
| Running on/with | Platform Versions |
|---|---|
Netgear Jwnr2010 | Version v5 |
Configuration G
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.0.20 |
| Running on/with | Platform Versions |
|---|---|
Netgear Pr2000 | All versions |
Configuration H
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.1.14 |
| Running on/with | Platform Versions |
|---|---|
Netgear R6050 | All versions |
Configuration I
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.1.0.60 |
| Running on/with | Platform Versions |
|---|---|
Netgear R6220 | All versions |
Configuration J
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.1.0.26 |
| Running on/with | Platform Versions |
|---|---|
Netgear R6400 | All versions |
Configuration K
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.2.46 |
| Running on/with | Platform Versions |
|---|---|
Netgear R6400 | Version v2 |
Configuration L
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.2.0.2 |
| Running on/with | Platform Versions |
|---|---|
Netgear R6700 | Version v2 |
Configuration M
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.2.0.2 |
| Running on/with | Platform Versions |
|---|---|
Netgear R6800 | All versions |
Configuration N
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.2.0.2 |
| Running on/with | Platform Versions |
|---|---|
Netgear R6900 | Version v2 |
Configuration O
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.0.56 |
| Running on/with | Platform Versions |
|---|---|
Netgear R7300dst | All versions |
Configuration P
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.0.112 |
| Running on/with | Platform Versions |
|---|---|
Netgear R7500 | All versions |
Configuration Q
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.3.24 |
| Running on/with | Platform Versions |
|---|---|
Netgear R7500 | Version v2 |
Configuration R
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.2.36 |
| Running on/with | Platform Versions |
|---|---|
Netgear R7800 | All versions |
Configuration S
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.1.4.6 |
| Running on/with | Platform Versions |
|---|---|
Netgear R7900p | All versions |
Configuration T
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.1.4.6 |
| Running on/with | Platform Versions |
|---|---|
Netgear R8000p | All versions |
Configuration U
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.2.104 |
| Running on/with | Platform Versions |
|---|---|
Netgear R8300 | All versions |
Configuration V
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.2.104 |
| Running on/with | Platform Versions |
|---|---|
Netgear R8500 | All versions |
Configuration W
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.2.52 |
| Running on/with | Platform Versions |
|---|---|
Netgear R9000 | All versions |
Configuration X
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.2.94 |
| Running on/with | Platform Versions |
|---|---|
Netgear Wndr3700 | Version v4 |
Configuration Y
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.1.0.50 |
| Running on/with | Platform Versions |
|---|---|
Netgear Wndr3700 | Version v5 |
Configuration Z
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.2.96 |
| Running on/with | Platform Versions |
|---|---|
Netgear Wndr4300 | All versions |
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.0.52 |
| Running on/with | Platform Versions |
|---|---|
Netgear Wndr4300 | Version v2 |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.0.52 |
| Running on/with | Platform Versions |
|---|---|
Netgear Wndr4500 | Version v3 |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.1.0.46 |
| Running on/with | Platform Versions |
|---|---|
Netgear Wnr1000 | Version v4 |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.1.0.46 |
| Running on/with | Platform Versions |
|---|---|
Netgear Wnr2020 | All versions |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.1.0.46 |
| Running on/with | Platform Versions |
|---|---|
Netgear Wnr2050 | All versions |
References (2)
Source: cve@mitre.org
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Timeline
No history available yet.