Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2017-18746

Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects EX3700 before 1.0.0.64, EX3800 before 1.0.0.64, EX6000 before 1.0.0.24, EX6130 before 1.0.0.16, EX6400 before 1.0.1.60, EX7000 before 1.0.0.50, EX7300 before 1.0.1.60, and WN2500RPv2 before 1.0.1.46.

Published

2020-04-23T16:15:12.807

Last Modified

2024-11-21T03:20:49.290

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 6.5 (MEDIUM)

CVSSv2 Vector

AV:A/AC:L/Au:N/C:N/I:P/A:N

Access Vector: ADJACENT_NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: PARTIAL
Availability Impact: NONE

Exploitability Score

6.5

Impact Score

2.9

Weaknesses

Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	netgear	ex3700_firmware	< 1.0.0.64	Yes
Hardware	netgear	ex3700	-	No
Operating System	netgear	ex3800_firmware	< 1.0.0.64	Yes
Hardware	netgear	ex3800	-	No
Operating System	netgear	ex6000_firmware	< 1.0.0.24	Yes
Hardware	netgear	ex6000	-	No
Operating System	netgear	ex6130_firmware	< 1.0.0.16	Yes
Hardware	netgear	ex6130	-	No
Operating System	netgear	ex6400_firmware	< 1.0.1.60	Yes
Hardware	netgear	ex6400	-	No
Operating System	netgear	ex7000_firmware	< 1.0.0.50	Yes
Hardware	netgear	ex7000	-	No
Operating System	netgear	ex7300_firmware	< 1.0.1.60	Yes
Hardware	netgear	ex7300	-	No
Operating System	netgear	wn2500rp_firmware	< 1.0.1.46	Yes
Hardware	netgear	wn2500rp	v2	No

References

https://kb.netgear.com/000051508/Security-Advisory-for-Security-Misconfiguration-on-Some-Extenders-PSV-2016-0253 Vendor Advisory ([email protected])
https://kb.netgear.com/000051508/Security-Advisory-for-Security-Misconfiguration-on-Some-Extenders-PSV-2016-0253 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)