7.5
CVE-2017-18799
- EPSS 0.31%
- Published 21.04.2020 19:15:12
- Last modified 21.11.2024 03:20:57
- Source cve@mitre.org
- Teams watchlist Login
- Open Login
Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects R6200v2 before 1.0.3.14, R6250 before 1.0.4.8, R6300v2 before 1.0.4.8, R6700 before 1.1.1.20, R7000 before 1.0.7.10, R7000P/R6900P before 1.0.0.56, R7100LG before 1.0.0.30, R7900 before 1.0.1.14, R8000 before 1.0.3.22, R8500 before 1.0.2.74, and D8500 before 1.0.3.28.
Data is provided by the National Vulnerability Database (NVD)
Netgear ≫ R6200 Firmware Version < 1.0.3.14
Netgear ≫ R6250 Firmware Version < 1.0.4.8
Netgear ≫ R6300 Firmware Version < 1.0.4.8
Netgear ≫ R6700 Firmware Version < 1.1.1.20
Netgear ≫ R7000 Firmware Version < 1.0.7.10
Netgear ≫ R7000p Firmware Version < 1.0.0.56
Netgear ≫ R6900p Firmware Version < 1.0.0.56
Netgear ≫ R7100lg Firmware Version < 1.0.0.30
Netgear ≫ R7900 Firmware Version < 1.0.1.14
Netgear ≫ R8000 Firmware Version < 1.0.3.22
Netgear ≫ R8500 Firmware Version < 1.0.2.74
Netgear ≫ D8500 Firmware Version < 1.0.3.28
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.31% | 0.514 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:P/A:N
|
| cve@mitre.org | 7.5 | 3.9 | 3.6 |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.