6.5
CVE-2017-18713
- EPSS 0.1%
- Published 24.04.2020 14:15:12
- Last modified 21.11.2024 03:20:43
- Source cve@mitre.org
- Teams watchlist Login
- Open Login
Certain NETGEAR devices are affected by an attacker's ability to read arbitrary files. This affects D7800 before 1.0.1.28, R6700 before 1.0.1.36, R6900 before 1.0.1.34, R7500v2 before 1.0.3.20, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WNDR4300v2 before 1.0.0.48, and WNDR4500v3 before 1.0.0.48.
Data is provided by the National Vulnerability Database (NVD)
Netgear ≫ R7800 Firmware Version < 1.0.2.40
Netgear ≫ R9000 Firmware Version < 1.0.2.52
Netgear ≫ Wndr4300 Firmware Version < 1.0.0.48
Netgear ≫ Wndr4500 Firmware Version < 1.0.0.48
Netgear ≫ D7800 Firmware Version < 1.0.1.28
Netgear ≫ R7500 Firmware Version < 1.0.3.20
Netgear ≫ R6700 Firmware Version < 1.0.1.36
Netgear ≫ R6900 Firmware Version < 1.0.1.34
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.1% | 0.239 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 6.5 | 2.8 | 3.6 |
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
| nvd@nist.gov | 3.3 | 6.5 | 2.9 |
AV:A/AC:L/Au:N/C:P/I:N/A:N
|
| cve@mitre.org | 6.5 | 2.8 | 3.6 |
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.