CVE-2017-18723

CWE-787Out-of-bounds Write3 documents3 sources
Severity
8.8HIGH
EPSS
0.3%
top 49.35%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Netgear D6200 FirmwareNetgear R6700 FirmwareNetgear R6800 Firmware+1 more
Timeline
PublishedApr 24
Latest updateMay 24

Description

Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6200 before 1.1.00.24, R6700v2 before 1.1.0.42, R6800 before 1.1.0.42, and R6900v2 before 1.1.0.42.

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages4 packages

NVDnetgear/d6200_firmware< 1.1.00.24
NVDnetgear/r6800_firmware< 1.1.0.42
NVDnetgear/r6700_firmware< 1.1.0.42
NVDnetgear/r6900_firmware< 1.1.0.42

🔴Vulnerability Details

2
GHSA
GHSA-cj2w-gr33-v35w: Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker2022-05-24
CVEList
CVE-2017-18723: Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker2020-04-24
CVE-2017-18723 (HIGH CVSS 8.8) | Certain NETGEAR devices are affecte | cvebase.io