CVE-2017-18799
Severity CVSS v4.0:
Pending analysis
Type:
CWE-20
Input Validation
Publication date:
21/04/2020
Last modified:
24/04/2020
Description
Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects R6200v2 before 1.0.3.14, R6250 before 1.0.4.8, R6300v2 before 1.0.4.8, R6700 before 1.1.1.20, R7000 before 1.0.7.10, R7000P/R6900P before 1.0.0.56, R7100LG before 1.0.0.30, R7900 before 1.0.1.14, R8000 before 1.0.3.22, R8500 before 1.0.2.74, and D8500 before 1.0.3.28.
Impact
Base Score 3.x
7.50
Severity 3.x
HIGH
Base Score 2.0
5.00
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:netgear:r6200_firmware:*:*:*:*:*:*:*:* | 1.0.3.14 (excluding) | |
| cpe:2.3:h:netgear:r6200:v2:*:*:*:*:*:*:* | ||
| cpe:2.3:o:netgear:r6250_firmware:*:*:*:*:*:*:*:* | 1.0.4.8 (excluding) | |
| cpe:2.3:h:netgear:r6250:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:netgear:r6300_firmware:*:*:*:*:*:*:*:* | 1.0.4.8 (excluding) | |
| cpe:2.3:h:netgear:r6300:v2:*:*:*:*:*:*:* | ||
| cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:* | 1.1.1.20 (excluding) | |
| cpe:2.3:h:netgear:r6700:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:* | 1.0.7.10 (excluding) | |
| cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:* | 1.0.0.56 (excluding) | |
| cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:* | 1.0.0.56 (excluding) | |
| cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:netgear:r7100lg_firmware:*:*:*:*:*:*:*:* | 1.0.0.30 (excluding) |
To consult the complete list of CPE names with products and versions, see this page