Vulnerabilites related to netgear - dst6501
cve-2016-11055
Vulnerability from cvelistv5
Published
2020-04-28 15:59
Modified
2024-08-06 03:47
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by CSRF. This affects CM400 before 2017-01-11, CM600 before 2017-01-11, D1500 before 2017-01-11, D500 before 2017-01-11, DST6501 before 2017-01-11, JNR1010v1 before 2017-01-11, JWNR2000Tv3 before 2017-01-11, JWNR2010v3 before 2017-01-11, PLW1000 before 2017-01-11, PLW1010 before 2017-01-11, WNR500 before 2017-01-11, WNR612v3 before 2017-01-11, N450 before 2017-01-11, and CG3000Dv2 before 2017-01-11.
References
| ▼ | URL | Tags |
|---|---|---|
| https://kb.netgear.com/30114/NETGEAR-Product-Vulnerability-Advisory-CSRF-LocalFile-XSS | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T03:47:34.079Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.netgear.com/30114/NETGEAR-Product-Vulnerability-Advisory-CSRF-LocalFile-XSS"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-01-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by CSRF. This affects CM400 before 2017-01-11, CM600 before 2017-01-11, D1500 before 2017-01-11, D500 before 2017-01-11, DST6501 before 2017-01-11, JNR1010v1 before 2017-01-11, JWNR2000Tv3 before 2017-01-11, JWNR2010v3 before 2017-01-11, PLW1000 before 2017-01-11, PLW1010 before 2017-01-11, WNR500 before 2017-01-11, WNR612v3 before 2017-01-11, N450 before 2017-01-11, and CG3000Dv2 before 2017-01-11."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-28T15:59:19",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.netgear.com/30114/NETGEAR-Product-Vulnerability-Advisory-CSRF-LocalFile-XSS"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-11055",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain NETGEAR devices are affected by CSRF. This affects CM400 before 2017-01-11, CM600 before 2017-01-11, D1500 before 2017-01-11, D500 before 2017-01-11, DST6501 before 2017-01-11, JNR1010v1 before 2017-01-11, JWNR2000Tv3 before 2017-01-11, JWNR2010v3 before 2017-01-11, PLW1000 before 2017-01-11, PLW1010 before 2017-01-11, WNR500 before 2017-01-11, WNR612v3 before 2017-01-11, N450 before 2017-01-11, and CG3000Dv2 before 2017-01-11."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.netgear.com/30114/NETGEAR-Product-Vulnerability-Advisory-CSRF-LocalFile-XSS",
"refsource": "CONFIRM",
"url": "https://kb.netgear.com/30114/NETGEAR-Product-Vulnerability-Advisory-CSRF-LocalFile-XSS"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-11055",
"datePublished": "2020-04-28T15:59:19",
"dateReserved": "2020-04-27T00:00:00",
"dateUpdated": "2024-08-06T03:47:34.079Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-18766
Vulnerability from cvelistv5
Published
2020-04-22 15:40
Modified
2024-08-05 21:37
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by an attacker's ability to read arbitrary files. This affects DST6501 before 1.1.0.6 and WNR2000v2 before 1.2.0.8.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T21:37:43.857Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.netgear.com/000051479/Security-Advisory-for-Arbitrary-File-Read-on-DST6501-and-WNR2000v2-PSV-2017-0425"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by an attacker\u0027s ability to read arbitrary files. This affects DST6501 before 1.1.0.6 and WNR2000v2 before 1.2.0.8."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:U/UI:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-22T15:40:13",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.netgear.com/000051479/Security-Advisory-for-Arbitrary-File-Read-on-DST6501-and-WNR2000v2-PSV-2017-0425"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-18766",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain NETGEAR devices are affected by an attacker\u0027s ability to read arbitrary files. This affects DST6501 before 1.1.0.6 and WNR2000v2 before 1.2.0.8."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"availabilityImpact": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:U/UI:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.netgear.com/000051479/Security-Advisory-for-Arbitrary-File-Read-on-DST6501-and-WNR2000v2-PSV-2017-0425",
"refsource": "CONFIRM",
"url": "https://kb.netgear.com/000051479/Security-Advisory-for-Arbitrary-File-Read-on-DST6501-and-WNR2000v2-PSV-2017-0425"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-18766",
"datePublished": "2020-04-22T15:40:13",
"dateReserved": "2020-04-20T00:00:00",
"dateUpdated": "2024-08-05T21:37:43.857Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
var-202004-1258
Vulnerability from variot
Certain NETGEAR devices are affected by CSRF. This affects CM400 before 2017-01-11, CM600 before 2017-01-11, D1500 before 2017-01-11, D500 before 2017-01-11, DST6501 before 2017-01-11, JNR1010v1 before 2017-01-11, JWNR2000Tv3 before 2017-01-11, JWNR2010v3 before 2017-01-11, PLW1000 before 2017-01-11, PLW1010 before 2017-01-11, WNR500 before 2017-01-11, WNR612v3 before 2017-01-11, N450 before 2017-01-11, and CG3000Dv2 before 2017-01-11. plural NETGEAR A cross-site request forgery vulnerability exists in the device.Information may be tampered with. NETGEAR JNR1010, etc. NETGEAR JNR1010 is a wireless router. NETGEAR PLW1000 is a power line communication modem. NETGEAR CM400 is a modem. An attacker can use a special script to use this vulnerability to log in to the victim's route and change the settings. This affects CM400 prior to 2017-01-11, CM600 prior to 2017-01-11, D1500 prior to 2017-01-11, D500 prior to 2017-01-11, DST6501 prior to 2017-01-11, JNR1010v1 prior to 2017-01-11, JWNR2000Tv3 prior to 2017-01-11, JWNR2010v3 prior to 2017-01-11, PLW1000 prior to 2017-01-11, PLW1010 prior to 2017-01-11, WNR500 prior to 2017-01-11, WNR612v3 prior to 2017-01-11, N450 prior to 2017-01-11, and CG3000Dv2 prior to 2017-01-11
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-1258",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "cm400",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "2017-01-11"
},
{
"model": "cm600",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "2017-01-11"
},
{
"model": "d1500",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.20"
},
{
"model": "d500",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "2017-01-11"
},
{
"model": "dst6501",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.36"
},
{
"model": "jwnr2010",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "2017-01-11"
},
{
"model": "plw1000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.22"
},
{
"model": "plw1010",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "2017-01-11"
},
{
"model": "wnr500",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "2017-01-11"
},
{
"model": "n450 cg3000d",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "2017-01-11"
},
{
"model": "jwnr2000t",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-11"
},
{
"model": "wnr612",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-11"
},
{
"model": "jnr1010",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-11"
},
{
"model": "cm400",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "2017/01/11"
},
{
"model": "cm600",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "2017/01/11"
},
{
"model": "d1500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.20"
},
{
"model": "d500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "2017/01/11"
},
{
"model": "dst6501",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.36"
},
{
"model": "jnr1010",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "2017/01/11"
},
{
"model": "jwnr2000t",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "2017/01/11"
},
{
"model": "jwnr2010",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "2017/01/11"
},
{
"model": "plw1000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.22"
},
{
"model": "plw1010",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "2017/01/11"
},
{
"model": "jnr1010v1",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "2017-01-11"
},
{
"model": "jwnr2000tv3",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "2017-01-11"
},
{
"model": "wnr612v3",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "2017-01-11"
},
{
"model": "n450 cg3000dv2",
"scope": null,
"trust": 0.6,
"vendor": "netgear",
"version": null
},
{
"model": "jnr1010v1",
"scope": null,
"trust": 0.6,
"vendor": "netgear",
"version": null
},
{
"model": "jwnr2000tv3",
"scope": null,
"trust": 0.6,
"vendor": "netgear",
"version": null
},
{
"model": "d500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.25"
},
{
"model": "d500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.27"
},
{
"model": "d500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "jnr1010",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.32"
},
{
"model": "jnr1010",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.40"
},
{
"model": "jnr1010",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.42"
},
{
"model": "jnr1010",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.44"
},
{
"model": "jnr1010",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.46"
},
{
"model": "jnr1010",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.48"
},
{
"model": "jnr1010",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.50"
},
{
"model": "jnr1010",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.54"
},
{
"model": "jnr1010",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "jwnr2010",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.40"
},
{
"model": "jwnr2010",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.42"
},
{
"model": "jwnr2010",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.44"
},
{
"model": "jwnr2010",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.46"
},
{
"model": "jwnr2010",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.48"
},
{
"model": "jwnr2010",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.50"
},
{
"model": "jwnr2010",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.54"
},
{
"model": "jwnr2010",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "plw1000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.14"
},
{
"model": "plw1010",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.14"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-28011"
},
{
"db": "VULMON",
"id": "CVE-2016-11055"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-004888"
},
{
"db": "NVD",
"id": "CVE-2016-11055"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:cm400_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:cm600_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d1500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:dst6501_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:jnr1010_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:jwnr2000t_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:jwnr2010_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:plw1000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:plw1010_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-004888"
}
]
},
"cve": "CVE-2016-11055",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2016-11055",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2020-004888",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CNVD-2021-28011",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.8,
"id": "CVE-2016-11055",
"impactScore": 1.4,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2020-004888",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-11055",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "JVNDB-2020-004888",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2021-28011",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-2258",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2016-11055",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-28011"
},
{
"db": "VULMON",
"id": "CVE-2016-11055"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-004888"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2258"
},
{
"db": "NVD",
"id": "CVE-2016-11055"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by CSRF. This affects CM400 before 2017-01-11, CM600 before 2017-01-11, D1500 before 2017-01-11, D500 before 2017-01-11, DST6501 before 2017-01-11, JNR1010v1 before 2017-01-11, JWNR2000Tv3 before 2017-01-11, JWNR2010v3 before 2017-01-11, PLW1000 before 2017-01-11, PLW1010 before 2017-01-11, WNR500 before 2017-01-11, WNR612v3 before 2017-01-11, N450 before 2017-01-11, and CG3000Dv2 before 2017-01-11. plural NETGEAR A cross-site request forgery vulnerability exists in the device.Information may be tampered with. NETGEAR JNR1010, etc. NETGEAR JNR1010 is a wireless router. NETGEAR PLW1000 is a power line communication modem. NETGEAR CM400 is a modem. An attacker can use a special script to use this vulnerability to log in to the victim\u0027s route and change the settings. This affects CM400 prior to 2017-01-11, CM600 prior to 2017-01-11, D1500 prior to 2017-01-11, D500 prior to 2017-01-11, DST6501 prior to 2017-01-11, JNR1010v1 prior to 2017-01-11, JWNR2000Tv3 prior to 2017-01-11, JWNR2010v3 prior to 2017-01-11, PLW1000 prior to 2017-01-11, PLW1010 prior to 2017-01-11, WNR500 prior to 2017-01-11, WNR612v3 prior to 2017-01-11, N450 prior to 2017-01-11, and CG3000Dv2 prior to 2017-01-11",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-11055"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-004888"
},
{
"db": "CNVD",
"id": "CNVD-2021-28011"
},
{
"db": "VULMON",
"id": "CVE-2016-11055"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-11055",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2020-004888",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2021-28011",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2258",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2016-11055",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-28011"
},
{
"db": "VULMON",
"id": "CVE-2016-11055"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-004888"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2258"
},
{
"db": "NVD",
"id": "CVE-2016-11055"
}
]
},
"id": "VAR-202004-1258",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-28011"
}
],
"trust": 1.274117252307692
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-28011"
}
]
},
"last_update_date": "2024-11-23T22:25:32.751000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "NETGEAR Product Vulnerability Advisory: CSRF / LocalFile / XSS",
"trust": 0.8,
"url": "https://kb.netgear.com/30114/NETGEAR-Product-Vulnerability-Advisory-CSRF-LocalFile-XSS"
},
{
"title": "Patch for Cross-site request forgery vulnerabilities in multiple NETGEAR products (CNVD-2021-28011)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/257961"
},
{
"title": "Multiple NETGEAR Repair measures for product cross-site request forgery vulnerability",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117738"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-28011"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-004888"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2258"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-352",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-004888"
},
{
"db": "NVD",
"id": "CVE-2016-11055"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-11055"
},
{
"trust": 1.7,
"url": "https://kb.netgear.com/30114/netgear-product-vulnerability-advisory-csrf-localfile-xss"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-11055"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/352.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-28011"
},
{
"db": "VULMON",
"id": "CVE-2016-11055"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-004888"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2258"
},
{
"db": "NVD",
"id": "CVE-2016-11055"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-28011"
},
{
"db": "VULMON",
"id": "CVE-2016-11055"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-004888"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2258"
},
{
"db": "NVD",
"id": "CVE-2016-11055"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-04-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-28011"
},
{
"date": "2020-04-28T00:00:00",
"db": "VULMON",
"id": "CVE-2016-11055"
},
{
"date": "2020-06-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-004888"
},
{
"date": "2020-04-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2258"
},
{
"date": "2020-04-28T16:15:12.497000",
"db": "NVD",
"id": "CVE-2016-11055"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-04-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-28011"
},
{
"date": "2020-05-05T00:00:00",
"db": "VULMON",
"id": "CVE-2016-11055"
},
{
"date": "2020-06-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-004888"
},
{
"date": "2020-05-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2258"
},
{
"date": "2024-11-21T02:45:23.633000",
"db": "NVD",
"id": "CVE-2016-11055"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2258"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Cross-site request forgery vulnerability in device",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-004888"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "cross-site request forgery",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2258"
}
],
"trust": 0.6
}
}
var-202004-1368
Vulnerability from variot
Certain NETGEAR devices are affected by an attacker's ability to read arbitrary files. This affects DST6501 before 1.1.0.6 and WNR2000v2 before 1.2.0.8. NETGEAR DST6501 and WNR2000 The device contains a vulnerability related to information leakage.Information may be obtained. NETGEAR WNR2000 and NETGEAR DST6501 are both products of NETGEAR. NETGEAR WNR2000 is a wireless router. NETGEAR DST6501 is a wireless extender adapter.
There are security vulnerabilities in NETGEAR DST6501 versions before 1.1.0.6 and WNR2000v2 versions before 1.2.0.8
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-1368",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "dst6501",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.1.0.6"
},
{
"model": "wnr2000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.8"
},
{
"model": "dst6501",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.1.0.6"
},
{
"model": "wnr2000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.2.0.8"
},
{
"model": "wnr2000v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.2.0.8"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-59161"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014906"
},
{
"db": "NVD",
"id": "CVE-2017-18766"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:dst6501_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:wnr2000_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014906"
}
]
},
"cve": "CVE-2017-18766",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CVE-2017-18766",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 1.0,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 3.3,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2017-014906",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CNVD-2021-59161",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2017-18766",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2017-18766",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 6.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2017-014906",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-18766",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "cve@mitre.org",
"id": "CVE-2017-18766",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "JVNDB-2017-014906",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2021-59161",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-1912",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-59161"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014906"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1912"
},
{
"db": "NVD",
"id": "CVE-2017-18766"
},
{
"db": "NVD",
"id": "CVE-2017-18766"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by an attacker\u0027s ability to read arbitrary files. This affects DST6501 before 1.1.0.6 and WNR2000v2 before 1.2.0.8. NETGEAR DST6501 and WNR2000 The device contains a vulnerability related to information leakage.Information may be obtained. NETGEAR WNR2000 and NETGEAR DST6501 are both products of NETGEAR. NETGEAR WNR2000 is a wireless router. NETGEAR DST6501 is a wireless extender adapter. \n\r\n\r\nThere are security vulnerabilities in NETGEAR DST6501 versions before 1.1.0.6 and WNR2000v2 versions before 1.2.0.8",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-18766"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014906"
},
{
"db": "CNVD",
"id": "CNVD-2021-59161"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-18766",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014906",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2021-59161",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1912",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-59161"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014906"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1912"
},
{
"db": "NVD",
"id": "CVE-2017-18766"
}
]
},
"id": "VAR-202004-1368",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-59161"
}
],
"trust": 1.2369047850000001
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-59161"
}
]
},
"last_update_date": "2024-11-23T22:16:30.409000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Arbitrary File Read on DST6501 and WNR2000v2, PSV-2017-0425",
"trust": 0.8,
"url": "https://kb.netgear.com/000051479/Security-Advisory-for-Arbitrary-File-Read-on-DST6501-and-WNR2000v2-PSV-2017-0425"
},
{
"title": "Patch for NETGEAR DST6501 and WNR2000 Information Disclosure Vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/284361"
},
{
"title": "NETGEAR DST6501 and WNR2000 Repair measures for information disclosure vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117247"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-59161"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014906"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1912"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014906"
},
{
"db": "NVD",
"id": "CVE-2017-18766"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-18766"
},
{
"trust": 1.6,
"url": "https://kb.netgear.com/000051479/security-advisory-for-arbitrary-file-read-on-dst6501-and-wnr2000v2-psv-2017-0425"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-18766"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-59161"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014906"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1912"
},
{
"db": "NVD",
"id": "CVE-2017-18766"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-59161"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014906"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1912"
},
{
"db": "NVD",
"id": "CVE-2017-18766"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-08-08T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-59161"
},
{
"date": "2020-05-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014906"
},
{
"date": "2020-04-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1912"
},
{
"date": "2020-04-22T16:15:11.607000",
"db": "NVD",
"id": "CVE-2017-18766"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-08-08T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-59161"
},
{
"date": "2020-05-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014906"
},
{
"date": "2020-04-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1912"
},
{
"date": "2024-11-21T03:20:52.057000",
"db": "NVD",
"id": "CVE-2017-18766"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1912"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NETGEAR DST6501 and WNR2000 Information leakage vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014906"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1912"
}
],
"trust": 0.6
}
}
Vulnerability from fkie_nvd
Published
2020-04-28 16:15
Modified
2024-11-21 02:45
Severity ?
Summary
Certain NETGEAR devices are affected by CSRF. This affects CM400 before 2017-01-11, CM600 before 2017-01-11, D1500 before 2017-01-11, D500 before 2017-01-11, DST6501 before 2017-01-11, JNR1010v1 before 2017-01-11, JWNR2000Tv3 before 2017-01-11, JWNR2010v3 before 2017-01-11, PLW1000 before 2017-01-11, PLW1010 before 2017-01-11, WNR500 before 2017-01-11, WNR612v3 before 2017-01-11, N450 before 2017-01-11, and CG3000Dv2 before 2017-01-11.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | cm400_firmware | * | |
| netgear | cm400 | - | |
| netgear | cm600_firmware | * | |
| netgear | cm600 | - | |
| netgear | d1500_firmware | * | |
| netgear | d1500 | - | |
| netgear | d500_firmware | * | |
| netgear | d500 | - | |
| netgear | dst6501_firmware | * | |
| netgear | dst6501 | - | |
| netgear | jnr1010_firmware | * | |
| netgear | jnr1010 | v1 | |
| netgear | jwnr2000t_firmware | * | |
| netgear | jwnr2000t | v3 | |
| netgear | jwnr2010_firmware | * | |
| netgear | jwnr2010 | v3 | |
| netgear | plw1000_firmware | * | |
| netgear | plw1000 | - | |
| netgear | plw1010_firmware | * | |
| netgear | plw1010 | - | |
| netgear | wnr500_firmware | * | |
| netgear | wnr500 | - | |
| netgear | wnr612_firmware | * | |
| netgear | wnr612 | v3 | |
| netgear | n450_cg3000d_firmware | * | |
| netgear | n450_cg3000d | v2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:cm400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "06C1BEEA-AB9E-4BC8-B702-E004FD37B5A2",
"versionEndExcluding": "2017-01-11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:cm400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5AC8E42B-BF1A-47D5-A01F-F1063897D04A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:cm600_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "34B5F803-B95A-4912-8269-50AFDFDC2869",
"versionEndExcluding": "2017-01-11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:cm600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3EE3F30-5C36-45E1-ACAF-6E73F95C5421",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d1500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "46CB4027-059B-4C3D-B1AB-302FA2C4DB43",
"versionEndExcluding": "1.0.0.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d1500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78DC8809-C26D-48D8-9E12-228C3669B824",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "04D0E6DA-A492-42CC-8DB7-6901377DA411",
"versionEndExcluding": "2017-01-11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE070E3-C0B1-455F-83A9-5C60C489816F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:dst6501_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FF818C21-36D6-4558-BD30-780333D8CD5C",
"versionEndExcluding": "1.0.0.36",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:dst6501:-:*:*:*:*:*:*:*",
"matchCriteriaId": "909AF8E7-A2CB-4CB0-A795-FEFBB53D95B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:jnr1010_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1750A68A-8DD6-4AD1-9421-2F12F0DD823E",
"versionEndExcluding": "2017-01-11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:jnr1010:v1:*:*:*:*:*:*:*",
"matchCriteriaId": "B4196FE8-4491-442C-96A0-23495165D3B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:jwnr2000t_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F7E17493-1A3B-4ECE-88AF-5BEF18148464",
"versionEndExcluding": "2017-01-11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:jwnr2000t:v3:*:*:*:*:*:*:*",
"matchCriteriaId": "62F0E255-EA38-470E-8593-129109C93894",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:jwnr2010_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F8759B9-24ED-4DCA-BBF0-B3233F175359",
"versionEndExcluding": "2017-01-11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:jwnr2010:v3:*:*:*:*:*:*:*",
"matchCriteriaId": "93CD048A-2600-4429-A8EF-285CB514BDF6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:plw1000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CCAD9C5-DAC1-459E-B012-8E908B423FCC",
"versionEndExcluding": "1.0.0.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:plw1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40BDFBA8-20A4-48BB-BB53-5F395432B4A2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:plw1010_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5FA6EEC0-E95B-47F0-85AE-46DB9D72BE1A",
"versionEndExcluding": "2017-01-11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:plw1010:-:*:*:*:*:*:*:*",
"matchCriteriaId": "48BEE862-6CDE-44B2-B935-895F63DEDFE9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wnr500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "831419B7-507C-4475-91D1-0F194AE58E7F",
"versionEndExcluding": "2017-01-11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wnr500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "543C098D-DD55-459D-A44F-80264FB93755",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wnr612_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E82592CD-8015-439E-9671-158A6A0F6A74",
"versionEndExcluding": "2017-01-11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wnr612:v3:*:*:*:*:*:*:*",
"matchCriteriaId": "C6B259EC-658D-4E52-8184-3E7881C693FA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:n450_cg3000d_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9210B9F7-C246-43BC-B024-B2335FFCC513",
"versionEndExcluding": "2017-01-11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:n450_cg3000d:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "4A285B76-7510-4D91-9AD3-CEB410384216",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by CSRF. This affects CM400 before 2017-01-11, CM600 before 2017-01-11, D1500 before 2017-01-11, D500 before 2017-01-11, DST6501 before 2017-01-11, JNR1010v1 before 2017-01-11, JWNR2000Tv3 before 2017-01-11, JWNR2010v3 before 2017-01-11, PLW1000 before 2017-01-11, PLW1010 before 2017-01-11, WNR500 before 2017-01-11, WNR612v3 before 2017-01-11, N450 before 2017-01-11, and CG3000Dv2 before 2017-01-11."
},
{
"lang": "es",
"value": "Determinados dispositivos de NETGEAR est\u00e1n afectados por una vulnerabilidad de tipo CSRF. Esto afecta a CM400 antes del 11-01-2017, CM600 antes del 11-01-2017, D1500 antes del 11-01-2017, D500 antes del 11-01-2017, DST6501 antes del 11-01-2017, JNR1010v1 antes del 11-01-2017, JWNR2000Tv3 antes del 11-01-2017, JWNR2010v3 antes del 11-01-2017, PLW1000 antes del 11-01-2017, PLW1010 antes del 11-01-2017, WNR500 antes del 11-01-2017, WNR612v3 antes del 11-01-2017, N450 antes del 11-01-2017, y CG3000Dv2 antes del 11-01-2017."
}
],
"id": "CVE-2016-11055",
"lastModified": "2024-11-21T02:45:23.633",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-28T16:15:12.497",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/30114/NETGEAR-Product-Vulnerability-Advisory-CSRF-LocalFile-XSS"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/30114/NETGEAR-Product-Vulnerability-Advisory-CSRF-LocalFile-XSS"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-352"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-04-22 16:15
Modified
2024-11-21 03:20
Severity ?
Summary
Certain NETGEAR devices are affected by an attacker's ability to read arbitrary files. This affects DST6501 before 1.1.0.6 and WNR2000v2 before 1.2.0.8.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | dst6501_firmware | * | |
| netgear | dst6501 | - | |
| netgear | wnr2000_firmware | * | |
| netgear | wnr2000 | v2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:dst6501_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F256FC0A-7041-41D7-B0FE-624E34DC66C3",
"versionEndExcluding": "1.1.0.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:dst6501:-:*:*:*:*:*:*:*",
"matchCriteriaId": "909AF8E7-A2CB-4CB0-A795-FEFBB53D95B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wnr2000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C9A59121-B980-46B4-ABB8-13DEAE8F3923",
"versionEndExcluding": "1.2.0.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wnr2000:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "C5085749-A0E2-448D-B26B-7E25400F1C12",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by an attacker\u0027s ability to read arbitrary files. This affects DST6501 before 1.1.0.6 and WNR2000v2 before 1.2.0.8."
},
{
"lang": "es",
"value": "Determinados dispositivos NETGEAR est\u00e1n afectados por una capacidad del atacante para leer archivos arbitrarios. Esto afecta a DST6501 versiones anteriores a 1.1.0.6 y WNR2000v2 versiones anteriores a 1.2.0.8."
}
],
"id": "CVE-2017-18766",
"lastModified": "2024-11-21T03:20:52.057",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "cve@mitre.org",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-22T16:15:11.607",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000051479/Security-Advisory-for-Arbitrary-File-Read-on-DST6501-and-WNR2000v2-PSV-2017-0425"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000051479/Security-Advisory-for-Arbitrary-File-Read-on-DST6501-and-WNR2000v2-PSV-2017-0425"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}