CVE-2017-18853
published 2020-04-29CVE-2017-18853: Certain NETGEAR devices are affected by password recovery and file access. This affects D8500 1.0.3.27 and earlier, DGN2200v4 1.0.0.82 and earlier, R6300v2…
medium6.5CVSS 3.1
AVAACLPRNUINSUCHINAN
Certain NETGEAR devices are affected by password recovery and file access. This affects D8500 1.0.3.27 and earlier, DGN2200v4 1.0.0.82 and earlier, R6300v2 1.0.4.06 and earlier, R6400 1.0.1.20 and earlier, R6400v2 1.0.2.18 and earlier, R6700 1.0.1.22 and earlier, R6900 1.0.1.20 and earlier, R7000 1.0.7.10 and earlier, R7000P 1.0.0.58 and earlier, R7100LG 1.0.0.28 and earlier, R7300DST 1.0.0.52 and earlier, R7900 1.0.1.12 and earlier, R8000 1.0.3.46 and earlier, R8300 1.0.2.86 and earlier, R8500 1.0.2.86 and earlier, WNDR3400v3 1.0.1.8 and earlier, and WNDR4500v2 1.0.0.62 and earlier.
Affected
17 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| netgear | d8500_firmware | <= 1.0.3.27 | — |
| netgear | dgn2200_firmware | <= 1.0.0.82 | — |
| netgear | r6300_firmware | <= 1.0.4.06 | — |
| netgear | r6400_firmware | <= 1.0.1.20 | — |
| netgear | r6400_firmware | <= 1.0.2.18 | — |
| netgear | r6700_firmware | <= 1.0.1.22 | — |
| netgear | r6900_firmware | <= 1.0.1.20 | — |
| netgear | r7000_firmware | <= 1.0.7.10 | — |
| netgear | r7000p_firmware | <= 1.0.0.58 | — |
| netgear | r7100lg_firmware | <= 1.0.0.28 | — |
| netgear | r7300dst_firmware | <= 1.0.0.52 | — |
| netgear | r7900_firmware | <= 1.0.1.12 | — |
| netgear | r8000_firmware | <= 1.0.3.46 | — |
| netgear | r8300_firmware | <= 1.0.2.86 | — |
| netgear | r8500_firmware | <= 1.0.2.86 | — |
| netgear | wndr3400_firmware | <= 1.0.1.8 | — |
| netgear | wndr4500_firmware | <= 1.0.0.62 | — |