CVE-2017-18790

EPSS 0.06%
Veröffentlicht 21.04.2020 19:15:11
Zuletzt bearbeitet 21.11.2024 03:20:55
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

Certain NETGEAR devices are affected by disclosure of sensitive information. This affects R6700 before 1.0.1.26, R7000 before 1.0.9.10, R7100LG before 1.0.0.32, R7900 before 1.0.1.18, R8000 before 1.0.3.54, and R8500 before 1.0.2.100.

Betroffene Produkte Warnungen 0 Metriken 4 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Netgear ≫ R6700 Firmware Version < 1.0.1.26

Netgear ≫ R6700 Version-

Netgear ≫ R7000 Firmware Version < 1.0.9.10

Netgear ≫ R7000 Version-

Netgear ≫ R7100lg Firmware Version < 1.0.0.32

Netgear ≫ R7100lg Version-

Netgear ≫ R7900 Firmware Version < 1.0.1.18

Netgear ≫ R7900 Version-

Netgear ≫ R8000 Firmware Version < 1.0.3.54

Netgear ≫ R8000 Version-

Netgear ≫ R8500 Firmware Version < 1.0.2.100

Netgear ≫ R8500 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.06%	0.166

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.2	2.5	3.6	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov	2.1	3.9	2.9	AV:L/AC:L/Au:N/C:P/I:N/A:N
cve@mitre.org	6.2	2.5	3.6	CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

https://kb.netgear.com/000049372/Security-Advisory-for-Sensitive-Information-Disclosure-Vulnerability-on-Some-Routers-PSV-2017-0317

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2017-18790

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2017-18790

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2017-18790

EUVD