Lucene search

MitreCVE-2017-18799

HistoryApr 21, 2020 - 7:15 p.m.

CVE-2017-18799

2020-04-2119:15:12

CWE-20

mitre

web.nvd.nist.gov

cve-2017-18799

netgear

security settings

configuration

vulnerability

nvd

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

EPSS

0.001

Percentile

35.9%

JSON

Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects R6200v2 before 1.0.3.14, R6250 before 1.0.4.8, R6300v2 before 1.0.4.8, R6700 before 1.1.1.20, R7000 before 1.0.7.10, R7000P/R6900P before 1.0.0.56, R7100LG before 1.0.0.30, R7900 before 1.0.1.14, R8000 before 1.0.3.22, R8500 before 1.0.2.74, and D8500 before 1.0.3.28.

Affected configurations

Nvd

Node

netgearr6200_firmwareRange<1.0.3.14

AND

netgearr6200Matchv2

Node

netgearr6250Match-

AND

netgearr6250_firmwareRange<1.0.4.8

Node

netgearr6300Matchv2

AND

netgearr6300_firmwareRange<1.0.4.8

Node

netgearr6700Match-

AND

netgearr6700_firmwareRange<1.1.1.20

Node

netgearr7000Match-

AND

netgearr7000_firmwareRange<1.0.7.10

Node

netgearr7000pMatch-

AND

netgearr7000p_firmwareRange<1.0.0.56

Node

netgearr6900pMatch-

AND

netgearr6900p_firmwareRange<1.0.0.56

Node

netgearr7100lgMatch-

AND

netgearr7100lg_firmwareRange<1.0.0.30

Node

netgearr7900Match-

AND

netgearr7900_firmwareRange<1.0.1.14

Node

netgearr8000_firmwareRange<1.0.3.22

AND

netgearr8000Match-

Node

netgearr8500_firmwareRange<1.0.2.74

AND

netgearr8500Match-

Node

netgeard8500_firmwareRange<1.0.3.28

AND

netgeard8500Match-

VendorProductVersionCPE
netgearr6200_firmware*cpe:2.3:o:netgear:r6200_firmware:*:*:*:*:*:*:*:*
netgearr6200v2cpe:2.3:h:netgear:r6200:v2:*:*:*:*:*:*:*
netgearr6250-cpe:2.3:h:netgear:r6250:-:*:*:*:*:*:*:*
netgearr6250_firmware*cpe:2.3:o:netgear:r6250_firmware:*:*:*:*:*:*:*:*
netgearr6300v2cpe:2.3:h:netgear:r6300:v2:*:*:*:*:*:*:*
netgearr6300_firmware*cpe:2.3:o:netgear:r6300_firmware:*:*:*:*:*:*:*:*
netgearr6700-cpe:2.3:h:netgear:r6700:-:*:*:*:*:*:*:*
netgearr6700_firmware*cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*
netgearr7000-cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*
netgearr7000_firmware*cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
netgear	r6200_firmware	*	cpe:2.3:o:netgear:r6200_firmware::::::::
netgear	r6200	v2	cpe:2.3:h:netgear:r6200:v2:::::::*
netgear	r6250	-	cpe:2.3:h:netgear:r6250:-:::::::*
netgear	r6250_firmware	*	cpe:2.3:o:netgear:r6250_firmware::::::::
netgear	r6300	v2	cpe:2.3:h:netgear:r6300:v2:::::::*
netgear	r6300_firmware	*	cpe:2.3:o:netgear:r6300_firmware::::::::
netgear	r6700	-	cpe:2.3:h:netgear:r6700:-:::::::*
netgear	r6700_firmware	*	cpe:2.3:o:netgear:r6700_firmware::::::::
netgear	r7000	-	cpe:2.3:h:netgear:r7000:-:::::::*
netgear	r7000_firmware	*	cpe:2.3:o:netgear:r7000_firmware::::::::

Rows per page:

1-10 of 241

References

kb.netgear.com/000049357/Security-Advisory-for-Security-Misconfiguration-Vulnerability-on-D8500-and-Some-Routers-PSV-2017-0528

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

EPSS

0.001

Percentile

35.9%

JSON

Related for CVE-2017-18799