6.5
CVE-2017-18712
- EPSS 0.18%
- Veröffentlicht 24.04.2020 14:15:12
- Zuletzt bearbeitet 21.11.2024 03:20:43
- Quelle cve@mitre.org
- Teams Watchlist Login
- Unerledigt Login
Certain NETGEAR devices are affected by an attacker's ability to read arbitrary files. This affects D7800 before 1.0.1.28, R6100 before 1.0.1.20, R7500 before 1.0.0.118, R7500v2 before 1.0.3.20, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WNDR4300v2 before 1.0.0.48, and WNDR4500v3 before 1.0.0.48.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Netgear ≫ R7800 Firmware Version < 1.0.2.40
Netgear ≫ R9000 Firmware Version < 1.0.2.52
Netgear ≫ R7500 Firmware Version < 1.0.0.118
Netgear ≫ Wndr4300 Firmware Version < 1.0.0.48
Netgear ≫ Wndr4500 Firmware Version < 1.0.0.48
Netgear ≫ R6100 Firmware Version < 1.0.1.20
Netgear ≫ D7800 Firmware Version < 1.0.1.28
Netgear ≫ R7500 Firmware Version < 1.0.3.20
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.18% | 0.401 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.5 | 2.8 | 3.6 |
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
| nvd@nist.gov | 3.3 | 6.5 | 2.9 |
AV:A/AC:L/Au:N/C:P/I:N/A:N
|
| cve@mitre.org | 6.5 | 2.8 | 3.6 |
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.