CVE-2018-21094

3 documents3 sources

Severity

7.3HIGH

EPSS

0.3%

top 42.56%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Netgear Wac120 Firmware Netgear Wac505 Firmware Netgear Wac510 Firmware +8 more

Timeline

PublishedApr 27

Latest updateMay 24

Description

Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects WAC120 before 2.1.7, WAC505 before 5.0.5.4, WAC510 before 5.0.5.4, WNAP320 before 3.7.11.4, WNAP210v2 before 3.7.11.4, WNDAP350 before 3.7.11.4, WNDAP360 before 3.7.11.4, WNDAP660 before 3.7.11.4, WNDAP620 before 2.1.7, WND930 before 2.1.5, and WN604 before 3.3.10.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:LExploitability: 3.9 | Impact: 3.4

Affected Packages11 packages

▶NVDnetgear/wn604_firmware< 3.3.10

▶NVDnetgear/wac120_firmware< 2.1.7

▶NVDnetgear/wac505_firmware< 5.0.5.4

▶NVDnetgear/wac510_firmware< 5.0.5.4

▶NVDnetgear/wnd930_firmware< 2.1.5

🔴Vulnerability Details

GHSA

GHSA-ggf6-gp83-vf32: Certain NETGEAR devices are affected by incorrect configuration of security settings↗2022-05-24

▶

CVEList

CVE-2018-21094: Certain NETGEAR devices are affected by incorrect configuration of security settings↗2020-04-27

▶