⚠ Actively exploited
Added to CISA KEV on 2022-09-08. Federal agencies required to patch by 2022-09-29. Required action: Apply updates per vendor instructions. If the affected device has since entered end-of-life, it should be disconnected if still in use..
CVE-2017-5521
Severity
8.1HIGH
EPSS
93.8%
top 0.14%
CISA KEV
KEV
Added 2022-09-08
Due 2022-09-29
Exploit
Exploited in wild
Active exploitation observed
Affected products
Timeline
PublishedJan 17
KEV addedSep 8
KEV dueSep 29
CISA Required Action: Apply updates per vendor instructions. If the affected device has since entered end-of-life, it should be disconnected if still in use.
Description
An issue was discovered on NETGEAR R8500, R8300, R7000, R6400, R7300, R7100LG, R6300v2, WNDR3400v3, WNR3500Lv2, R6250, R6700, R6900, and R8000 devices. They are prone to password disclosure via simple crafted requests to the web management server. The bug is exploitable remotely if the remote management option is set, and can also be exploited given access to the router over LAN or WLAN. When trying to access the web panel, a user is asked to authenticate; if the authentication is canceled and p…
CVSS vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 2.2 | Impact: 5.9
Affected Packages13 packages
🔴Vulnerability Details
3GHSA▶
GHSA-6cqf-r56h-g5xf: An issue was discovered on NETGEAR R8500, R8300, R7000, R6400, R7300, R7100LG, R6300v2, WNDR3400v3, WNR3500Lv2, R6250, R6700, R6900, and R8000 devices↗2022-05-17
CVEList▶
CVE-2017-5521: An issue was discovered on NETGEAR R8500, R8300, R7000, R6400, R7300, R7100LG, R6300v2, WNDR3400v3, WNR3500Lv2, R6250, R6700, R6900, and R8000 devices↗2017-01-17
💥Exploits & PoCs
2Nuclei▶
NETGEAR Routers - Authentication Bypass