CVE-2017-18709

Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects R8300 before 1.0.2.94 and R8500 before 1.0.2.94.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
mitreCNA
4 MEDIUM
LOCAL
HIGH
NONE
CVSS:3.0/AC:H/AV:L/A:N/C:L/I:L/PR:N/S:U/UI:N
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 12%
VendorProductVersion
netgearr8300_firmware
𝑥
< 1.0.2.94
netgearr8500_firmware
𝑥
< 1.0.2.94
𝑥
= Vulnerable software versions
References
https://kb.netgear.com/000053156/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-PSV-2017-0326
https://kb.netgear.com/000053156/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-PSV-2017-0326