CVE-2017-18798

CWE-20Improper Input Validation3 documents3 sources
Severity
6.2MEDIUM
EPSS
0.1%
top 76.66%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
5
Netgear D1500 FirmwareNetgear D500 FirmwareNetgear D7000 Firmware+2 more
Timeline
PublishedApr 21
Latest updateMay 24

Description

Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects R6700v2 before 1.1.0.38, R6800 before 1.1.0.38, D7000 before 1.0.1.50, and D1500 before 1.0.0.25.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:NExploitability: 2.5 | Impact: 3.6

Affected Packages5 packages

NVDnetgear/d1500_firmware< 1.0.0.25
NVDnetgear/d7000_firmware< 1.0.1.50
NVDnetgear/r6800_firmware< 1.1.0.38
NVDnetgear/d500_firmware< 1.0.0.25
NVDnetgear/r6700_firmware< 1.1.0.38

🔴Vulnerability Details

2
GHSA
GHSA-px4x-42rw-7qmg: Certain NETGEAR devices are affected by incorrect configuration of security settings2022-05-24
CVEList
CVE-2017-18798: Certain NETGEAR devices are affected by incorrect configuration of security settings2020-04-21
CVE-2017-18798 (MEDIUM CVSS 6.2) | Certain NETGEAR devices are affecte | cvebase.io