CVE-2017-18715

CWE-79Cross-site Scripting (XSS)3 documents3 sources
Severity
6.1MEDIUM
EPSS
0.4%
top 38.02%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
7
Netgear Ex3700 FirmwareNetgear Ex3800 FirmwareNetgear Ex6100 Firmware+4 more
Timeline
PublishedApr 24
Latest updateMay 24

Description

Certain NETGEAR devices are affected by reflected XSS. This affects EX3700 before 1.0.0.66, EX3800 before 1.0.0.66, EX6100 before 1.0.2.20, EX6120 before 1.0.0.34, EX6150 before 1.0.0.36, EX6200 before 1.0.3.84, and EX7000 before 1.0.0.60.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7

Affected Packages7 packages

NVDnetgear/ex3700_firmware< 1.0.0.66
NVDnetgear/ex3800_firmware< 1.0.0.66
NVDnetgear/ex6100_firmware< 1.0.2.20
NVDnetgear/ex6120_firmware< 1.0.0.34
NVDnetgear/ex6150_firmware< 1.0.0.36

🔴Vulnerability Details

2
GHSA
GHSA-vf36-4466-h44f: Certain NETGEAR devices are affected by reflected XSS2022-05-24
CVEList
CVE-2017-18715: Certain NETGEAR devices are affected by reflected XSS2020-04-24
CVE-2017-18715 (MEDIUM CVSS 6.1) | Certain NETGEAR devices are affecte | cvebase.io