CVE-2017-18862Improper Authentication in Netgear Gs105e Firmware

CWE-287Improper Authentication3 documents3 sources
Severity
6.5MEDIUMNVD
EPSS
0.1%
top 71.82%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
12
Netgear Gs105e FirmwareNetgear Gs105pe FirmwareNetgear Gs108e Firmware+9 more
Timeline
PublishedApr 28
Latest updateMay 24

Description

Certain NETGEAR devices are affected by authentication bypass. This affects JGS516PE before 2017-05-11, JGS524Ev2 before 2017-05-11, JGS524PE before 2017-05-11, GS105Ev2 before 2017-05-11, GS105PE before 2017-05-11, GS108Ev3 before 2017-05-11, GS108PEv3 before 2017-05-11, GS116Ev2 before 2017-05-11, GSS108E before 2017-05-11, GSS116E before 2017-05-11, XS708Ev2 before 2017-05-11, and XS716E before 2017-05-11.

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 2.8 | Impact: 3.6

Affected Packages12 packages

NVDnetgear/xs716e_firmware< 2017-05-11
NVDnetgear/gs105pe_firmware< 2017-05-11
NVDnetgear/gss108e_firmware< 2017-05-11
NVDnetgear/gss116e_firmware< 2017-05-11
NVDnetgear/jgs516pe_firmware< 2017-05-11

🔴Vulnerability Details

2
GHSA
GHSA-wccv-5c5g-j682: Certain NETGEAR devices are affected by authentication bypass2022-05-24
CVEList
CVE-2017-18862: Certain NETGEAR devices are affected by authentication bypass2020-04-28
CVE-2017-18862 — Improper Authentication in Netgear | cvebase