CVE-2017-18706

Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects R6100 before 1.0.1.20, R7500 before 1.0.0.118, WNDR3700v4 before 1.0.2.88, WNDR4300 before 1.0.2.90, WNDR4300v2 before 1.0.0.48, WNDR4500v3 before 1.0.0.48, and WNR2000v5 before 1.0.0.62.

Published: Apr 24, 2020
Updated: Apr 13, 2023
CVE: CVE-2017-18706
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 6.5
AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVSS v2:

Severity: Low
Score: 3.3
AV:A/AC:L/Au:N/C:N/I:N/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
netgear / wndr3700_firmware	-	1.0.2.88
netgear / wndr4300_firmware	-	1.0.2.90
netgear / r7500_firmware	-	1.0.0.118
netgear / wndr4300_firmware	-	1.0.0.48
netgear / wndr4500_firmware	-	1.0.0.48
netgear / wnr2000_firmware	-	1.0.0.62
netgear / r6100_firmware	-	1.0.1.20

https://kb.netgear.com/000053196/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-PSV-2017-0516

Vulnerability Database

289,697

CVE-2017-18706