CVE-2017-18776

CWE-287Improper Authentication3 documents3 sources
Severity
8.4HIGH
EPSS
0.0%
top 89.89%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
14
Netgear D6100 FirmwareNetgear D7000 FirmwareNetgear D7800 Firmware+11 more
Timeline
PublishedApr 22
Latest updateMay 24

Description

Certain NETGEAR devices are affected by authentication bypass. This affects D6100 before V1.0.0.55, D7000 before V1.0.1.50, D7800 before V1.0.1.24, JNR1010v2 before 1.1.0.40, JWNR2010v5 before 1.1.0.40, R6100 before 1.0.1.12, R6220 before 1.1.0.50, R7500 before 1.0.0.108, R7500v2 before 1.0.3.10, WNDR4300v1 before 1.0.2.88, WNDR4300v2 before 1.0.0.48, WNDR4500v3 before 1.0.0.48, WNR1000v4 before 1.1.0.40, WNR2000v5 before 1.0.0.42, WNR2020 before 1.1.0.40, and WNR2050 before 1.1.0.40.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 2.5 | Impact: 5.9

Affected Packages14 packages

NVDnetgear/d6100_firmware< 1.0.0.55
NVDnetgear/d7000_firmware< 1.0.1.50
NVDnetgear/d7800_firmware< 1.0.1.24
NVDnetgear/r6100_firmware< 1.0.1.12
NVDnetgear/r6220_firmware< 1.1.0.50

🔴Vulnerability Details

2
GHSA
GHSA-46v9-6x8x-35pw: Certain NETGEAR devices are affected by authentication bypass2022-05-24
CVEList
CVE-2017-18776: Certain NETGEAR devices are affected by authentication bypass2020-04-22
CVE-2017-18776 (HIGH CVSS 8.4) | Certain NETGEAR devices are affecte | cvebase.io