CVE-2017-18867

CWE-20Improper Input Validation3 documents3 sources
Severity
6.8MEDIUM
EPSS
0.1%
top 81.91%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
5
Netgear D6100 FirmwareNetgear D7800 FirmwareNetgear R7100lg Firmware+2 more
Timeline
PublishedMay 5
Latest updateMay 24

Description

Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D6100 before 1.0.0.55, D7800 before V1.0.1.24, R7100LG before V1.0.0.32, WNDR4300v1 before 1.0.2.90, and WNDR4500v3 before 1.0.0.48.

CVSS vector

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 0.9 | Impact: 5.9

Affected Packages5 packages

NVDnetgear/d6100_firmware< 1.0.0.55
NVDnetgear/d7800_firmware< 1.0.1.24
NVDnetgear/r7100lg_firmware< 1.0.0.32

🔴Vulnerability Details

2
GHSA
GHSA-846m-g5wx-w2f5: Certain NETGEAR devices are affected by incorrect configuration of security settings2022-05-24
CVEList
CVE-2017-18867: Certain NETGEAR devices are affected by incorrect configuration of security settings2020-05-05
CVE-2017-18867 (MEDIUM CVSS 6.8) | Certain NETGEAR devices are affecte | cvebase.io