Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2017-18789

Certain NETGEAR devices are affected by disclosure of sensitive information. This affects R6250 before V1.0.4.8, R6400 before V1.0.1.22, R6400v2 before V1.0.2.32, R7100LG before V1.0.0.32, R7300 before V1.0.0.52, R8300 before V1.0.2.94, R8500 before V1.0.2.100, D6220 before V1.0.0.28, D6400 before V1.0.0.60, and D8500 before V1.0.3.29.

Published

2020-04-22T14:15:11.877

Last Modified

2024-11-21T03:20:55.663

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 5.5 (MEDIUM)

CVSSv2 Vector

AV:L/AC:L/Au:N/C:P/I:N/A:N

  • Access Vector: LOCAL
  • Access Complexity: LOW
  • Authentication: NONE
  • Confidentiality Impact: PARTIAL
  • Integrity Impact: NONE
  • Availability Impact: NONE
Exploitability Score

3.9

Impact Score

2.9

Weaknesses
  • Type: Primary
    CWE-200
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Operating System netgear r6250_firmware < 1.0.4.8 Yes
Hardware netgear r6250 - No
Operating System netgear r6400_firmware < 1.0.1.22 Yes
Hardware netgear r6400 - No
Operating System netgear r6400_firmware < 1.0.2.32 Yes
Hardware netgear r6400 v2 No
Operating System netgear r7100lg_firmware < 1.0.0.32 Yes
Hardware netgear r7100lg - No
Operating System netgear r7300_firmware < 1.0.0.52 Yes
Hardware netgear r7300 - No
Operating System netgear r8300_firmware < 1.0.2.94 Yes
Hardware netgear r8300 - No
Operating System netgear r8500_firmware < 1.0.2.100 Yes
Hardware netgear r8500 - No
Operating System netgear d6220_firmware < 1.0.0.28 Yes
Hardware netgear d6220 - No
Operating System netgear d6400_firmware < 1.0.0.60 Yes
Hardware netgear d6400 - No
Operating System netgear d8500_firmware < 1.0.3.29 Yes
Hardware netgear d8500 - No
References