CVE-2017-18867

EPSS 0.06%
Veröffentlicht 05.05.2020 14:15:12
Zuletzt bearbeitet 21.11.2024 03:21:08
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D6100 before 1.0.0.55, D7800 before V1.0.1.24, R7100LG before V1.0.0.32, WNDR4300v1 before 1.0.2.90, and WNDR4500v3 before 1.0.0.48.

Betroffene Produkte Warnungen 0 Metriken 4 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Netgear ≫ D6100 Firmware Version < 1.0.0.55

Netgear ≫ D6100 Version-

Netgear ≫ D7800 Firmware Version < 1.0.1.24

Netgear ≫ D7800 Version-

Netgear ≫ R7100lg Firmware Version < 1.0.0.32

Netgear ≫ R7100lg Version-

Netgear ≫ Wndr4300 Firmware Version < 1.0.2.90

Netgear ≫ Wndr4300 Versionv1

Netgear ≫ Wndr4500 Firmware Version < 1.0.0.48

Netgear ≫ Wndr4500 Versionv3

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.06%	0.18

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.8	0.9	5.9	CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	4.6	3.9	6.4	AV:L/AC:L/Au:N/C:P/I:P/A:P
cve@mitre.org	6.8	0.9	5.9	CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

https://kb.netgear.com/000049554/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-and-Gateways-PSV-2017-2198

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2017-18867

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2017-18867

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2017-18867

EUVD