CVE-2017-18853

CWE-200Information Exposure3 documents3 sources
Severity
6.5MEDIUM
EPSS
0.4%
top 38.65%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
16
Netgear D8500 FirmwareNetgear Dgn2200 FirmwareNetgear R6300 Firmware+13 more
Timeline
PublishedApr 29
Latest updateMay 24

Description

Certain NETGEAR devices are affected by password recovery and file access. This affects D8500 1.0.3.27 and earlier, DGN2200v4 1.0.0.82 and earlier, R6300v2 1.0.4.06 and earlier, R6400 1.0.1.20 and earlier, R6400v2 1.0.2.18 and earlier, R6700 1.0.1.22 and earlier, R6900 1.0.1.20 and earlier, R7000 1.0.7.10 and earlier, R7000P 1.0.0.58 and earlier, R7100LG 1.0.0.28 and earlier, R7300DST 1.0.0.52 and earlier, R7900 1.0.1.12 and earlier, R8000 1.0.3.46 and earlier, R8300 1.0.2.86 and earlier, R8500

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 2.8 | Impact: 3.6

Affected Packages16 packages

NVDnetgear/r6400_firmware1.0.1.20+1

🔴Vulnerability Details

2
GHSA
GHSA-q794-v4jv-vqvf: Certain NETGEAR devices are affected by password recovery and file access2022-05-24
CVEList
CVE-2017-18853: Certain NETGEAR devices are affected by password recovery and file access2020-04-29
CVE-2017-18853 (MEDIUM CVSS 6.5) | Certain NETGEAR devices are affecte | cvebase.io