CVE-2017-18867

EPSS 0.06%
Published 05.05.2020 14:15:12
Last modified 21.11.2024 03:21:08
Source cve@mitre.org
Teams watchlist Login
Open Login

Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D6100 before 1.0.0.55, D7800 before V1.0.1.24, R7100LG before V1.0.0.32, WNDR4300v1 before 1.0.2.90, and WNDR4500v3 before 1.0.0.48.

Affected products Warnungen 0 Metrics 4 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Netgear ≫ D6100 Firmware Version < 1.0.0.55

Netgear ≫ D6100 Version-

Netgear ≫ D7800 Firmware Version < 1.0.1.24

Netgear ≫ D7800 Version-

Netgear ≫ R7100lg Firmware Version < 1.0.0.32

Netgear ≫ R7100lg Version-

Netgear ≫ Wndr4300 Firmware Version < 1.0.2.90

Netgear ≫ Wndr4300 Versionv1

Netgear ≫ Wndr4500 Firmware Version < 1.0.0.48

Netgear ≫ Wndr4500 Versionv3

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.06%	0.18

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	6.8	0.9	5.9	CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	4.6	3.9	6.4	AV:L/AC:L/Au:N/C:P/I:P/A:P
cve@mitre.org	6.8	0.9	5.9	CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

https://kb.netgear.com/000049554/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-and-Gateways-PSV-2017-2198

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2017-18867

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2017-18867

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2017-18867

EUVD