CVE-2017-18799

Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects R6200v2 before 1.0.3.14, R6250 before 1.0.4.8, R6300v2 before 1.0.4.8, R6700 before 1.1.1.20, R7000 before 1.0.7.10, R7000P/R6900P before 1.0.0.56, R7100LG before 1.0.0.30, R7900 before 1.0.1.14, R8000 before 1.0.3.22, R8500 before 1.0.2.74, and D8500 before 1.0.3.28.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
mitreCNA
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.0/AC:L/AV:N/A:N/C:H/I:N/PR:N/S:U/UI:N
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 53%
VendorProductVersion
netgearr6200_firmware
𝑥
< 1.0.3.14
netgearr6250_firmware
𝑥
< 1.0.4.8
netgearr6300_firmware
𝑥
< 1.0.4.8
netgearr6700_firmware
𝑥
< 1.1.1.20
netgearr7000_firmware
𝑥
< 1.0.7.10
netgearr7000p_firmware
𝑥
< 1.0.0.56
netgearr6900p_firmware
𝑥
< 1.0.0.56
netgearr7100lg_firmware
𝑥
< 1.0.0.30
netgearr7900_firmware
𝑥
< 1.0.1.14
netgearr8000_firmware
𝑥
< 1.0.3.22
netgearr8500_firmware
𝑥
< 1.0.2.74
netgeard8500_firmware
𝑥
< 1.0.3.28
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://kb.netgear.com/000049357/Security-Advisory-for-Security-Misconfiguration-Vulnerability-on-D8500-and-Some-Routers-PSV-2017-0528
https://kb.netgear.com/000049357/Security-Advisory-for-Security-Misconfiguration-Vulnerability-on-D8500-and-Some-Routers-PSV-2017-0528