CVE-2017-18860 Information

Feb 14, 2021 cve

Description

Certain NETGEAR devices are affected by debugging command execution. This affects FS752TP 5.4.2.19 and earlier GS108Tv2 5.4.2.29 and earlier GS110TP 5.4.2.29 and earlier GS418TPP 6.6.2.6 and earlier GS510TLP 6.6.2.6 and earlier GS510TP 5.04.2.27 and earlier GS510TPP 6.6.2.6 and earlier GS716Tv2 5.4.2.27 and earlier GS716Tv3 6.3.1.16 and earlier GS724Tv3 5.4.2.27 and earlier GS724Tv4 6.3.1.16 and earlier GS728TPSB 5.3.0.29 and earlier GS728TSB 5.3.0.29 and earlier GS728TXS 6.1.0.35 and earlier GS748Tv4 5.4.2.27 and earlier GS748Tv5 6.3.1.16 and earlier GS752TPSB 5.3.0.29 and earlier GS752TSB 5.3.0.29 and earlier GS752TXS 6.1.0.35 and earlier M4200 12.0.2.10 and earlier M4300 12.0.2.10 and earlier M5300 11.0.0.28 and earlier M6100 11.0.0.28 and earlier M7100 11.0.0.28 and earlier S3300 6.6.1.4 and earlier XS708T 6.6.0.11 and earlier XS712T 6.1.0.34 and earlier and XS716T 6.6.0.11 and earlier.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

Reference

https://kb.netgear.com/000038519/Security-Advisory-for-Authentication-Bypass-and-Remote-Command-Execution-on-Some-Smart-and-Managed-Switches-PSV-2017-0857

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

NONE

Availability Impact

HIGH

Base Score

HIGH

Base Severity

7.7

Share on: