CVE-2017-18861 โ€” Cross-Site Request Forgery in Netgear Readynas Surveillance

CWE-352 โ€” Cross-Site Request Forgery3 documents3 sources
Severity
8.0HIGHNVD
EPSS
0.1%
top 83.61%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Netgear Readynas Surveillance
Timeline
PublishedApr 28
Latest updateMay 24

Description

Certain NETGEAR devices are affected by CSRF. This affects ReadyNAS Surveillance 1.4.3-15-x86 and earlier and ReadyNAS Surveillance 1.1.4-5-ARM and earlier.

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.1 | Impact: 5.9

Affected Packages1 packages

โ–ถNVDnetgear/readynas_surveillance1.4.3-15+1

๐Ÿ”ดVulnerability Details

2
GHSA
GHSA-92qv-vvr2-8w3j: Certain NETGEAR devices are affected by CSRFโ†—2022-05-24
โ–ถ
CVEList
CVE-2017-18861: Certain NETGEAR devices are affected by CSRFโ†—2020-04-28
โ–ถ
CVE-2017-18861 โ€” Cross-Site Request Forgery in Netgear | cvebase