CVE-2017-18787

CWE-743 documents3 sources
Severity
7.8HIGH
EPSS
0.3%
top 42.58%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
9
Netgear D6200 FirmwareNetgear Jnr1010 FirmwareNetgear Jr6150 Firmware+6 more
Timeline
PublishedApr 22
Latest updateMay 24

Description

Certain NETGEAR devices are affected by command injection. This affects D6200 before 1.1.00.24, JNR1010v2 before 1.1.0.44, JR6150 before 1.0.1.12, JWNR2010v5 before 1.1.0.44, PR2000 before 1.0.0.20, R6050, before 1.0.1.12, WNR1000v4 before 1.1.0.44, WNR2020 before 1.1.0.44, and WNR2050 before 1.1.0.44.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages9 packages

NVDnetgear/d6200_firmware< 1.1.00.24
NVDnetgear/r6050_firmware< 1.0.1.12
NVDnetgear/jr6150_firmware< 1.0.1.12
NVDnetgear/pr2000_firmware< 1.0.0.20
NVDnetgear/wnr2020_firmware< 1.1.0.44

🔴Vulnerability Details

2
GHSA
GHSA-jgf9-34c8-xvj6: Certain NETGEAR devices are affected by command injection2022-05-24
CVEList
CVE-2017-18787: Certain NETGEAR devices are affected by command injection2020-04-22
CVE-2017-18787 (HIGH CVSS 7.8) | Certain NETGEAR devices are affecte | cvebase.io