CVE-2017-18853 Information

Feb 14, 2021 cve

Description

Certain NETGEAR devices are affected by password recovery and file access. This affects D8500 1.0.3.27 and earlier DGN2200v4 1.0.0.82 and earlier R6300v2 1.0.4.06 and earlier R6400 1.0.1.20 and earlier R6400v2 1.0.2.18 and earlier R6700 1.0.1.22 and earlier R6900 1.0.1.20 and earlier R7000 1.0.7.10 and earlier R7000P 1.0.0.58 and earlier R7100LG 1.0.0.28 and earlier R7300DST 1.0.0.52 and earlier R7900 1.0.1.12 and earlier R8000 1.0.3.46 and earlier R8300 1.0.2.86 and earlier R8500 1.0.2.86 and earlier WNDR3400v3 1.0.1.8 and earlier and WNDR4500v2 1.0.0.62 and earlier.

CVSS Vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Reference

https://kb.netgear.com/000045848/Security-Advisory-for-Password-Recovery-and-File-Access-on-Some-Routers-and-Modem-Routers-PSV-2017-0677

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

NONE

Base Score

NONE

Base Severity

6.5

Share on: