Vulnerabilites related to netgear - gs108tv2
Vulnerability from fkie_nvd
Published
2020-04-29 14:15
Modified
2024-11-21 03:21
Severity ?
Summary
Certain NETGEAR devices are affected by debugging command execution. This affects FS752TP 5.4.2.19 and earlier, GS108Tv2 5.4.2.29 and earlier, GS110TP 5.4.2.29 and earlier, GS418TPP 6.6.2.6 and earlier, GS510TLP 6.6.2.6 and earlier, GS510TP 5.04.2.27 and earlier, GS510TPP 6.6.2.6 and earlier, GS716Tv2 5.4.2.27 and earlier, GS716Tv3 6.3.1.16 and earlier, GS724Tv3 5.4.2.27 and earlier, GS724Tv4 6.3.1.16 and earlier, GS728TPSB 5.3.0.29 and earlier, GS728TSB 5.3.0.29 and earlier, GS728TXS 6.1.0.35 and earlier, GS748Tv4 5.4.2.27 and earlier, GS748Tv5 6.3.1.16 and earlier, GS752TPSB 5.3.0.29 and earlier, GS752TSB 5.3.0.29 and earlier, GS752TXS 6.1.0.35 and earlier, M4200 12.0.2.10 and earlier, M4300 12.0.2.10 and earlier, M5300 11.0.0.28 and earlier, M6100 11.0.0.28 and earlier, M7100 11.0.0.28 and earlier, S3300 6.6.1.4 and earlier, XS708T 6.6.0.11 and earlier, XS712T 6.1.0.34 and earlier, and XS716T 6.6.0.11 and earlier.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:fs752tp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DCAF6CBC-713C-4BCD-BA73-29BD5E6B2CC0",
"versionEndIncluding": "5.4.2.19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:fs752tp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AA58F24F-EC29-4592-BAD6-F7710F897E76",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:gs108t_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "07615C61-628A-4168-AEB5-BBEB8E14D039",
"versionEndIncluding": "5.4.2.29",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:gs108tv2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3A9045AE-E205-4FE2-9DD8-51EFA8D9B7EF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:gs110tp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "57C21A5F-460B-41AF-8C81-59B5C39AFF6F",
"versionEndIncluding": "5.4.2.29",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:gs110tp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3949875-D8ED-4280-B1C7-123674774C3C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:gs418tpp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9A3D5437-B5F7-4C11-9935-D95A848DF84D",
"versionEndIncluding": "6.6.2.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:gs418tpp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9DFF539E-3159-4479-9BC5-AD2A5239415F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:gs510tlp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9C26847F-3523-4455-90AB-A84E2422247D",
"versionEndIncluding": "6.6.2.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:gs510tlp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7F54D4D-EB69-4B6A-B2D1-7D8013AB04D1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:gs510tp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A4D4AE3C-6585-406D-B596-A9933AA8B57C",
"versionEndIncluding": "5.04.2.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:gs510tp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7ED4BF26-254F-4550-8B8B-5F90CD4A2556",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:gs510tpp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "57DD367F-50E8-48A2-B44F-FD6AE99A7BEF",
"versionEndIncluding": "6.6.2.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:gs510tpp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE9C4447-DFC2-40B8-AD47-F7D8DDD34570",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:gs716t_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BAC7EA9C-0A45-40A4-85A9-563E8922ACB5",
"versionEndIncluding": "5.4.2.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:gs716t:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "5B93D08F-4C7B-4DE6-A72A-5AAAC3E42F29",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:gs716t_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "47770B21-3153-4B10-817F-D47442D7C3BF",
"versionEndIncluding": "6.3.1.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:gs716t:v3:*:*:*:*:*:*:*",
"matchCriteriaId": "4B048480-9790-4267-9C12-ABADA7646A9F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:gs724t_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A21595F4-961A-42BE-A530-3304F23C5A24",
"versionEndIncluding": "5.4.2.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:gs724t:v3:*:*:*:*:*:*:*",
"matchCriteriaId": "15240AAD-9CDF-4E78-A43D-0AD0A21F0A05",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:gs724t_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "29FDAE41-1436-4695-9E40-68DC5050910B",
"versionEndIncluding": "6.3.1.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:gs724t:v4:*:*:*:*:*:*:*",
"matchCriteriaId": "8EF8C3CE-84D9-4BEE-85AE-82D8346BDECD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:gs728tpsb_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AF656382-57CD-4017-859E-3A6FFD3E66AF",
"versionEndIncluding": "5.3.0.29",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:gs728tpsb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CBECB631-64D3-4944-8E45-683FF12C1D89",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:gs728tsb_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "30712720-94B0-4212-88C0-A5D9DC36C9A0",
"versionEndIncluding": "5.3.0.29",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:gs728tsb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73D5C8B5-E199-43E3-9C17-FBF55D916F8D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:gs728txs_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "69D579C0-A6FA-4200-9866-99C8E02BACC3",
"versionEndIncluding": "6.1.0.35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:gs728txs:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB931A26-A4F1-4170-AA66-188C29B46AFB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:gs748t_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7BC428D3-868A-421D-8AD8-1D8AF1522D82",
"versionEndIncluding": "5.4.2.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:gs748t:v4:*:*:*:*:*:*:*",
"matchCriteriaId": "BED8AA40-EC6E-4652-A6F8-57856EBDC16A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:gs748t_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "81FEC177-54A7-4D62-B6B8-53FA193B5D24",
"versionEndIncluding": "6.3.1.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:gs748t:v5:*:*:*:*:*:*:*",
"matchCriteriaId": "C47152C0-F85E-4073-BE49-9DDF1C99E828",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:gs752tpsb_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3B8EA70D-EE90-41D9-978C-4377B49AA3FA",
"versionEndIncluding": "5.3.0.29",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:gs752tpsb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4CD6B178-367D-446C-9EE9-5B2940AE6956",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:gs752tsb_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B92FCC-AD30-4C5B-AB31-12C564FB36B5",
"versionEndIncluding": "5.3.0.29",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:gs752tsb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE5F207F-9977-4390-AB85-EAE8B385E87D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:gs752txs_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "09F17244-9B03-4F30-B565-2A4F21EB6793",
"versionEndIncluding": "6.1.0.35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:gs752txs:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FF2BD166-0AF7-48FE-B677-B5D28672DA74",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:m4200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FBBD796E-9525-468B-81D1-9A848B3862D3",
"versionEndIncluding": "12.0.2.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:m4200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80617DBE-44F0-44E1-B59A-9456D4995C8B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:m4300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "04C8ED4F-822D-4BE5-AB37-D18B779C5AC8",
"versionEndIncluding": "12.0.2.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:m4300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C28AC8BD-6DDA-481B-A1E9-466A04FB9680",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:m5300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6EA50A8A-FCF6-46F9-8E79-6A44ACF74CE7",
"versionEndIncluding": "11.0.0.28",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:m5300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D10DCF81-D2AD-403C-AAB8-97ED936FD458",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:m6100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4D7FAA5A-D2FC-4D29-B741-B13DD7F7974F",
"versionEndIncluding": "11.0.0.28",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:m6100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CFDB23F-9895-42E4-88A1-83FE4A6D0709",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:m7100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5E191EAA-A1D4-4629-B16B-AE1B5C8028A0",
"versionEndIncluding": "11.0.0.28",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:m7100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5C43A67-C198-48C3-9CDB-6B2039C306B0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:s3300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1E1ED353-91DC-4A25-995A-0AEFB5B1AC3D",
"versionEndIncluding": "6.6.1.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:s3300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "880C8ABD-7469-4D24-8878-D4BA299F890B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:xs708t_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C4C1664B-4794-4FC1-BF9F-A1329E572BDE",
"versionEndIncluding": "6.6.0.11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:xs708t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D78D4126-20E7-43C2-BD98-2BEAF2A5FD1D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:xs712t_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "06EE98ED-4348-4999-8259-493855582249",
"versionEndIncluding": "6.1.0.34",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:xs712t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67E3C3C9-946B-4490-B018-152FF64C7A6F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:xs716t_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE8C9DD2-A69A-40B4-9AD1-E0F5B002877B",
"versionEndIncluding": "6.6.0.11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:xs716t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE86C949-F8F4-43FB-9089-9E0BE95A5FF4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by debugging command execution. This affects FS752TP 5.4.2.19 and earlier, GS108Tv2 5.4.2.29 and earlier, GS110TP 5.4.2.29 and earlier, GS418TPP 6.6.2.6 and earlier, GS510TLP 6.6.2.6 and earlier, GS510TP 5.04.2.27 and earlier, GS510TPP 6.6.2.6 and earlier, GS716Tv2 5.4.2.27 and earlier, GS716Tv3 6.3.1.16 and earlier, GS724Tv3 5.4.2.27 and earlier, GS724Tv4 6.3.1.16 and earlier, GS728TPSB 5.3.0.29 and earlier, GS728TSB 5.3.0.29 and earlier, GS728TXS 6.1.0.35 and earlier, GS748Tv4 5.4.2.27 and earlier, GS748Tv5 6.3.1.16 and earlier, GS752TPSB 5.3.0.29 and earlier, GS752TSB 5.3.0.29 and earlier, GS752TXS 6.1.0.35 and earlier, M4200 12.0.2.10 and earlier, M4300 12.0.2.10 and earlier, M5300 11.0.0.28 and earlier, M6100 11.0.0.28 and earlier, M7100 11.0.0.28 and earlier, S3300 6.6.1.4 and earlier, XS708T 6.6.0.11 and earlier, XS712T 6.1.0.34 and earlier, and XS716T 6.6.0.11 and earlier."
},
{
"lang": "es",
"value": "Determinados dispositivos NETGEAR est\u00e1n afectados por una ejecuci\u00f3n de comandos de depuraci\u00f3n. Esto afecta a FS752TP versiones 5.4.2.19 y anteriores, GS108Tv2 versiones 5.4.2.29 y anteriores, GS110TP versiones 5.4.2.29 y anteriores, GS418TPP versiones 6.6.2.6 y anteriores, GS510TLP versiones 6.6.2.6 y anteriores, GS510TP versiones 5.04.2.27 y anteriores, GS510TPP versiones 6.6.2.6 y anteriores, GS716Tv2 versiones 5.4.2.27 y anteriores, GS716Tv3 versiones 6.3.1.16 y anteriores, GS724Tv3 versiones 5.4.2.27 y anteriores, GS724Tv4 versiones 6.3.1.16 y anteriores, GS728TPSB versiones 5.3.0.29 y anteriores, GS728TSB versiones 5.3.0.29 y anteriores, GS728TXS versiones 6.1.0. 35 y anteriores, GS748Tv4 versiones 5.4.2.27 y anteriores, GS748Tv5 versiones 6.3.1.16 y anteriores, GS752TPSB versiones 5.3.0.29 y anteriores, GS752TSB versiones 5.3.0.29 y anteriores, GS752TXS versiones 6.1.0.35 y anteriores, M4200 versiones 12.0.2.10 y anteriores, M4300 versiones 12.0.2. 10 y anteriores, M5300 versiones 11.0.0.28 y anteriores, M6100 versiones 11.0.0.28 y anteriores, M7100 versiones 11.0.0.28 y anteriores, S3300 versiones 6.6.1.4 y anteriores, XS708T versiones 6.6.0.11 y anteriores, XS712T versiones 6.1.0.34 y anteriores, y XS716T versiones 6.6.0.11 y anteriores."
}
],
"id": "CVE-2017-18860",
"lastModified": "2024-11-21T03:21:06.917",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.6,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.5,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-29T14:15:14.013",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000038519/Security-Advisory-for-Authentication-Bypass-and-Remote-Command-Execution-on-Some-Smart-and-Managed-Switches-PSV-2017-0857"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000038519/Security-Advisory-for-Authentication-Bypass-and-Remote-Command-Execution-on-Some-Smart-and-Managed-Switches-PSV-2017-0857"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-74"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
7.5 (High) - CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:L/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects GS108Tv2 before 5.4.2.36, GS110TPP before 7.0.7.2, GS110TPv2 before 5.4.2.36., GS110TPv3 before 7.0.7.2, GS308T before 1.0.3.2, GS310TP before 1.0.3.2, GS724TPP before 2.0.6.3, GS724TPv2 before 2.0.6.3, GS728TPPv2 before 6.0.8.2, GS728TPv2 before 6.0.8.2, GS752TPP before 6.0.8.2, GS752TPv2 before 6.0.8.2, MS510TXM before 1.0.4.2, and MS510TXUP before 1.0.4.2.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:gs108tv2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EACFEA36-9BB9-4F93-BC6A-20A24D2D124D",
"versionEndExcluding": "5.4.2.36",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:gs108tv2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3A9045AE-E205-4FE2-9DD8-51EFA8D9B7EF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:gs110tpp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AAAA5112-5735-4889-9F6C-4217D2CE58FC",
"versionEndExcluding": "7.0.7.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:gs110tpp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E095D139-28EE-4ADD-8FCD-3C2322AC3668",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:gs110tpv2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2659C481-E537-482B-930F-0BEC2560817F",
"versionEndExcluding": "5.4.2.36",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:gs110tpv2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE9F361F-B223-4172-B6BE-5629AE0D28DF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:gs308t_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F5EF9D41-5E0D-4BBC-BD8C-40422B29D241",
"versionEndExcluding": "1.0.3.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:gs308t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C204CFAA-0709-421A-A907-8F5B093063F4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:gs110tpv3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72779793-9379-4F2F-BE33-DCB0245D5809",
"versionEndExcluding": "7.0.7.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:gs110tpv3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6933C827-B585-4A09-92B3-0A8D218EAA2A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:gs310tp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6A18B9E4-16A6-443B-A504-784FA821B404",
"versionEndExcluding": "1.0.3.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:gs310tp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6761CCD9-9D27-465F-8707-F23707A84803",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:gs724tpp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "339698F2-2727-469D-82E4-8E025FCBB106",
"versionEndExcluding": "2.0.6.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:gs724tpp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6EB10210-B401-4944-832A-D31AEA8B3952",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:gs724tpv2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "20BF678C-4FA5-4194-BC59-61BCEC453739",
"versionEndExcluding": "2.0.6.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:gs724tpv2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63D92F01-012E-4D90-AC57-F24AEA0A2038",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:gs728tppv2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "018B077A-46B9-4D22-AE55-5FE9E9E45F12",
"versionEndExcluding": "6.0.8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:gs728tppv2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3FF37586-C1D5-4694-B9A2-4F4E090FA153",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:gs728tpv2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "27E38B2B-64BF-42A0-AB56-7A0EA607BC03",
"versionEndExcluding": "6.0.8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:gs728tpv2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "50FD1C49-C811-44DB-9494-86126A9017FF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:gs752tpp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "00504A9F-EBE8-4D88-98C6-52CC260EC944",
"versionEndExcluding": "6.0.8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:gs752tpp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "995D8E9F-7AE6-4A17-A728-7190FB2CE8BC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:gs752tpv2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B0964FBB-D311-4262-8CB6-214318C09BFE",
"versionEndExcluding": "6.0.8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:gs752tpv2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9BCD433-D2E0-4E89-892F-7A8BC6D29C47",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ms510txm_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7D620D42-9365-4A5E-957C-ADB9EAD56D8C",
"versionEndExcluding": "1.0.4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ms510txm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5CF12A57-ACFA-48AA-B41C-06EB7095C800",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ms510txup_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CD52B5A4-0CF4-4E80-BD9B-05C1DFB855D2",
"versionEndExcluding": "1.0.4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ms510txup:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3A918F0-36BB-4EDE-98B8-00C3DC8F7BB5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects GS108Tv2 before 5.4.2.36, GS110TPP before 7.0.7.2, GS110TPv2 before 5.4.2.36., GS110TPv3 before 7.0.7.2, GS308T before 1.0.3.2, GS310TP before 1.0.3.2, GS724TPP before 2.0.6.3, GS724TPv2 before 2.0.6.3, GS728TPPv2 before 6.0.8.2, GS728TPv2 before 6.0.8.2, GS752TPP before 6.0.8.2, GS752TPv2 before 6.0.8.2, MS510TXM before 1.0.4.2, and MS510TXUP before 1.0.4.2."
},
{
"lang": "es",
"value": "Determinados dispositivos NETGEAR est\u00e1n afectados por una inyecci\u00f3n de comandos por parte de un usuario autenticado. Esto afecta a GS108Tv2 versiones anteriores a 5.4.2.36, GS110TPP versiones anteriores a 7.0.7.2, GS110TPv2 versiones anteriores a 5.4.2.36., GS110TPv3 versiones anteriores a 7.0.7.2, GS308T versiones anteriores a 1.0.3.2, GS310TP versiones anteriores a 1.0.3.2, GS724TPP versiones anteriores a 2.0.6. 3, GS724TPv2 versiones anteriores a 2.0.6.3, GS728TPPv2 versiones anteriores a 6.0.8.2, GS728TPv2 versiones anteriores a 6.0.8.2, GS752TPP versiones anteriores a 6.0.8.2, GS752TPv2 versiones anteriores a 6.0.8.2, MS510TXM versiones anteriores a 1.0.4.2 y MS510TXUP versiones anteriores a 1.0.4.2"
}
],
"id": "CVE-2021-45556",
"lastModified": "2024-11-21T06:32:30.637",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:L/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.0,
"impactScore": 6.0,
"source": "cve@mitre.org",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-12-26T01:15:15.660",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000064534/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Smart-Managed-Pro-Switches-PSV-2021-0175"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000064534/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Smart-Managed-Pro-Switches-PSV-2021-0175"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
var-202112-2392
Vulnerability from variot
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects GS108Tv2 before 5.4.2.36, GS110TPP before 7.0.7.2, GS110TPv2 before 5.4.2.36., GS110TPv3 before 7.0.7.2, GS308T before 1.0.3.2, GS310TP before 1.0.3.2, GS724TPP before 2.0.6.3, GS724TPv2 before 2.0.6.3, GS728TPPv2 before 6.0.8.2, GS728TPv2 before 6.0.8.2, GS752TPP before 6.0.8.2, GS752TPv2 before 6.0.8.2, MS510TXM before 1.0.4.2, and MS510TXUP before 1.0.4.2. plural NETGEAR A command injection vulnerability exists in the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This affects GS108Tv2 prior to 5.4.2.36, GS110TPP prior to 7.0.7.2, GS110TPv2 prior to 5.4.2.36., GS110TPv3 prior to 7.0.7.2, GS308T prior to 1.0.3.2, GS310TP prior to 1.0.3.2, GS724TPP prior to 2.0.6.3, GS724TPv2 prior to 2.0.6.3, GS728TPPv2 prior to 6.0.8.2, GS728TPv2 prior to 6.0.8.2, GS752TPP prior to 6.0.8.2, GS752TPv2 prior to 6.0.8.2, MS510TXM prior to 1.0.4.2, and MS510TXUP prior to 1.0.4.2
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202112-2392",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ms510txm",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.2"
},
{
"model": "gs724tpp",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.0.6.3"
},
{
"model": "gs110tpp",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "7.0.7.2"
},
{
"model": "gs110tpv3",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "7.0.7.2"
},
{
"model": "gs752tpp",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "6.0.8.2"
},
{
"model": "gs728tppv2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "6.0.8.2"
},
{
"model": "gs752tpv2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "6.0.8.2"
},
{
"model": "gs728tpv2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "6.0.8.2"
},
{
"model": "gs724tpv2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.0.6.3"
},
{
"model": "gs308t",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.2"
},
{
"model": "ms510txup",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.2"
},
{
"model": "gs108tv2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "5.4.2.36"
},
{
"model": "gs110tpv2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "5.4.2.36"
},
{
"model": "gs310tp",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.2"
},
{
"model": "gs310tp",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "gs308t",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "gs728tppv2",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "gs110tpv2",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "gs110tpv3",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "gs724tpv2",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "gs110tpp",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "gs728tpv2",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "gs724tpp",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "gs108tv2",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-017572"
},
{
"db": "NVD",
"id": "CVE-2021-45556"
}
]
},
"cve": "CVE-2021-45556",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CVE-2021-45556",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2021-45556",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "HIGH",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"exploitabilityScore": 1.0,
"id": "CVE-2021-45556",
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:L/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2021-45556",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-45556",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "cve@mitre.org",
"id": "CVE-2021-45556",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2021-45556",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-202112-2372",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-017572"
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2372"
},
{
"db": "NVD",
"id": "CVE-2021-45556"
},
{
"db": "NVD",
"id": "CVE-2021-45556"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects GS108Tv2 before 5.4.2.36, GS110TPP before 7.0.7.2, GS110TPv2 before 5.4.2.36., GS110TPv3 before 7.0.7.2, GS308T before 1.0.3.2, GS310TP before 1.0.3.2, GS724TPP before 2.0.6.3, GS724TPv2 before 2.0.6.3, GS728TPPv2 before 6.0.8.2, GS728TPv2 before 6.0.8.2, GS752TPP before 6.0.8.2, GS752TPv2 before 6.0.8.2, MS510TXM before 1.0.4.2, and MS510TXUP before 1.0.4.2. plural NETGEAR A command injection vulnerability exists in the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This affects GS108Tv2 prior to 5.4.2.36, GS110TPP prior to 7.0.7.2, GS110TPv2 prior to 5.4.2.36., GS110TPv3 prior to 7.0.7.2, GS308T prior to 1.0.3.2, GS310TP prior to 1.0.3.2, GS724TPP prior to 2.0.6.3, GS724TPv2 prior to 2.0.6.3, GS728TPPv2 prior to 6.0.8.2, GS728TPv2 prior to 6.0.8.2, GS752TPP prior to 6.0.8.2, GS752TPv2 prior to 6.0.8.2, MS510TXM prior to 1.0.4.2, and MS510TXUP prior to 1.0.4.2",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-45556"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017572"
},
{
"db": "VULMON",
"id": "CVE-2021-45556"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-45556",
"trust": 3.3
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017572",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2372",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2021-45556",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-45556"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017572"
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2372"
},
{
"db": "NVD",
"id": "CVE-2021-45556"
}
]
},
"id": "VAR-202112-2392",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.6424417246153845
},
"last_update_date": "2024-11-23T22:44:06.919000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security\u00a0Advisory\u00a0for\u00a0Post-Authentication\u00a0Command\u00a0Injection\u00a0on\u00a0Some\u00a0Smart\u00a0Managed\u00a0Pro\u00a0Switches,\u00a0PSV-2021-0175",
"trust": 0.8,
"url": "https://kb.netgear.com/000064534/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Smart-Managed-Pro-Switches-PSV-2021-0175"
},
{
"title": "Netgear NETGEAR Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=176664"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-017572"
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2372"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-77",
"trust": 1.0
},
{
"problemtype": "Command injection (CWE-77) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-017572"
},
{
"db": "NVD",
"id": "CVE-2021-45556"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://kb.netgear.com/000064534/security-advisory-for-post-authentication-command-injection-on-some-smart-managed-pro-switches-psv-2021-0175"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-45556"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-45556"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017572"
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2372"
},
{
"db": "NVD",
"id": "CVE-2021-45556"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2021-45556"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017572"
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2372"
},
{
"db": "NVD",
"id": "CVE-2021-45556"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-12-26T00:00:00",
"db": "VULMON",
"id": "CVE-2021-45556"
},
{
"date": "2023-01-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-017572"
},
{
"date": "2021-12-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202112-2372"
},
{
"date": "2021-12-26T01:15:15.660000",
"db": "NVD",
"id": "CVE-2021-45556"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-12-27T00:00:00",
"db": "VULMON",
"id": "CVE-2021-45556"
},
{
"date": "2023-01-27T01:39:00",
"db": "JVNDB",
"id": "JVNDB-2021-017572"
},
{
"date": "2022-01-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202112-2372"
},
{
"date": "2024-11-21T06:32:30.637000",
"db": "NVD",
"id": "CVE-2021-45556"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202112-2372"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0NETGEAR\u00a0 Command injection vulnerability in device",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-017572"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "command injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202112-2372"
}
],
"trust": 0.6
}
}
var-202004-1332
Vulnerability from variot
Certain NETGEAR devices are affected by debugging command execution. This affects FS752TP 5.4.2.19 and earlier, GS108Tv2 5.4.2.29 and earlier, GS110TP 5.4.2.29 and earlier, GS418TPP 6.6.2.6 and earlier, GS510TLP 6.6.2.6 and earlier, GS510TP 5.04.2.27 and earlier, GS510TPP 6.6.2.6 and earlier, GS716Tv2 5.4.2.27 and earlier, GS716Tv3 6.3.1.16 and earlier, GS724Tv3 5.4.2.27 and earlier, GS724Tv4 6.3.1.16 and earlier, GS728TPSB 5.3.0.29 and earlier, GS728TSB 5.3.0.29 and earlier, GS728TXS 6.1.0.35 and earlier, GS748Tv4 5.4.2.27 and earlier, GS748Tv5 6.3.1.16 and earlier, GS752TPSB 5.3.0.29 and earlier, GS752TSB 5.3.0.29 and earlier, GS752TXS 6.1.0.35 and earlier, M4200 12.0.2.10 and earlier, M4300 12.0.2.10 and earlier, M5300 11.0.0.28 and earlier, M6100 11.0.0.28 and earlier, M7100 11.0.0.28 and earlier, S3300 6.6.1.4 and earlier, XS708T 6.6.0.11 and earlier, XS712T 6.1.0.34 and earlier, and XS716T 6.6.0.11 and earlier. plural NETGEAR A device contains an injection vulnerability.Information is tampered with and service operation is interrupted (DoS) It may be put into a state. NETGEAR FS752TP, etc. are all products of NETGEAR. NETGEAR FS752TP is a stackable smart switch. NETGEAR GS108T is an intelligent management switch. NETGEAR M6100 is a fully managed switch.
There are security holes in many NETGEAR products. Attackers can use the specially crafted URL to exploit the vulnerability to execute commands on the switch. This affects FS752TP 5.4.2.19 and previous versions, GS108Tv2 5.4.2.29 and previous versions, GS110TP 5.4.2.29 and previous versions, GS418TPP 6.6.2.6 and previous versions, GS510TLP 6.6.2.6 and previous versions, GS510TP 5.04.2.27 and previous versions, GS510TPP 6.6.2.6 and previous versions, GS716Tv2 5.4.2.27 and previous versions, GS716Tv3 6.3.1.16 and previous versions, GS724Tv3 5.4.2.27 and previous versions, GS724Tv4 6.3.1.16 and previous versions, GS728TPSB 5.3.0.29 and previous versions, GS728TSB 5.3.0.29 and previous versions, GS728TXS 6.1.0.35 and previous versions, GS748Tv4 5.4.2.27 and previous versions, GS748Tv5 6.3.1.16 and previous versions, GS752TPSB 5.3.0.29 and previous versions, GS752TSB 5.3.0.29 and previous versions, GS752TXS 6.1.0.35 and previous versions, M4200 12.0.2.10 and previous versions, M4300 12.0.2.10 and previous versions, M5300 11.0.0.28 and previous versions, M6100 11.0.0.28 and previous versions, M7100 11.0.0.28 and previous versions, S3300 6.6.1.4 and previous versions, XS708T 6.6.0.11 and previous versions, XS712T 6.1.0.34 and previous versions, and XS716T 6.6.0.11 and previous versions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-1332",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "gs724t",
"scope": "lte",
"trust": 1.0,
"vendor": "netgear",
"version": "5.4.2.27"
},
{
"model": "gs510tlp",
"scope": "lte",
"trust": 1.0,
"vendor": "netgear",
"version": "6.6.2.6"
},
{
"model": "fs752tp",
"scope": "lte",
"trust": 1.0,
"vendor": "netgear",
"version": "5.4.2.19"
},
{
"model": "gs716t",
"scope": "lte",
"trust": 1.0,
"vendor": "netgear",
"version": "6.3.1.16"
},
{
"model": "xs708t",
"scope": "lte",
"trust": 1.0,
"vendor": "netgear",
"version": "6.6.0.11"
},
{
"model": "xs716t",
"scope": "lte",
"trust": 1.0,
"vendor": "netgear",
"version": "6.6.0.11"
},
{
"model": "gs748t",
"scope": "lte",
"trust": 1.0,
"vendor": "netgear",
"version": "5.4.2.27"
},
{
"model": "gs728txs",
"scope": "lte",
"trust": 1.0,
"vendor": "netgear",
"version": "6.1.0.35"
},
{
"model": "gs724t",
"scope": "lte",
"trust": 1.0,
"vendor": "netgear",
"version": "6.3.1.16"
},
{
"model": "gs728tsb",
"scope": "lte",
"trust": 1.0,
"vendor": "netgear",
"version": "5.3.0.29"
},
{
"model": "m5300",
"scope": "lte",
"trust": 1.0,
"vendor": "netgear",
"version": "11.0.0.28"
},
{
"model": "gs110tp",
"scope": "lte",
"trust": 1.0,
"vendor": "netgear",
"version": "5.4.2.29"
},
{
"model": "m4200",
"scope": "lte",
"trust": 1.0,
"vendor": "netgear",
"version": "12.0.2.10"
},
{
"model": "gs752txs",
"scope": "lte",
"trust": 1.0,
"vendor": "netgear",
"version": "6.1.0.35"
},
{
"model": "gs108t",
"scope": "lte",
"trust": 1.0,
"vendor": "netgear",
"version": "5.4.2.29"
},
{
"model": "gs748t",
"scope": "lte",
"trust": 1.0,
"vendor": "netgear",
"version": "6.3.1.16"
},
{
"model": "gs752tsb",
"scope": "lte",
"trust": 1.0,
"vendor": "netgear",
"version": "5.3.0.29"
},
{
"model": "xs712t",
"scope": "lte",
"trust": 1.0,
"vendor": "netgear",
"version": "6.1.0.34"
},
{
"model": "m7100",
"scope": "lte",
"trust": 1.0,
"vendor": "netgear",
"version": "11.0.0.28"
},
{
"model": "gs716t",
"scope": "lte",
"trust": 1.0,
"vendor": "netgear",
"version": "5.4.2.27"
},
{
"model": "s3300",
"scope": "lte",
"trust": 1.0,
"vendor": "netgear",
"version": "6.6.1.4"
},
{
"model": "gs728tpsb",
"scope": "lte",
"trust": 1.0,
"vendor": "netgear",
"version": "5.3.0.29"
},
{
"model": "gs752tpsb",
"scope": "lte",
"trust": 1.0,
"vendor": "netgear",
"version": "5.3.0.29"
},
{
"model": "m4300",
"scope": "lte",
"trust": 1.0,
"vendor": "netgear",
"version": "12.0.2.10"
},
{
"model": "gs510tp",
"scope": "lte",
"trust": 1.0,
"vendor": "netgear",
"version": "5.04.2.27"
},
{
"model": "gs418tpp",
"scope": "lte",
"trust": 1.0,
"vendor": "netgear",
"version": "6.6.2.6"
},
{
"model": "gs510tpp",
"scope": "lte",
"trust": 1.0,
"vendor": "netgear",
"version": "6.6.2.6"
},
{
"model": "m6100",
"scope": "lte",
"trust": 1.0,
"vendor": "netgear",
"version": "11.0.0.28"
},
{
"model": "fs752tp",
"scope": "eq",
"trust": 0.9,
"vendor": "netgear",
"version": "5.4.2.19"
},
{
"model": "gs108t",
"scope": "eq",
"trust": 0.9,
"vendor": "netgear",
"version": "5.4.2.29"
},
{
"model": "gs110tp",
"scope": "eq",
"trust": 0.9,
"vendor": "netgear",
"version": "5.4.2.29"
},
{
"model": "gs418tpp",
"scope": "eq",
"trust": 0.9,
"vendor": "netgear",
"version": "6.6.2.6"
},
{
"model": "gs510tlp",
"scope": "eq",
"trust": 0.9,
"vendor": "netgear",
"version": "6.6.2.6"
},
{
"model": "gs510tp",
"scope": "eq",
"trust": 0.9,
"vendor": "netgear",
"version": "5.04.2.27"
},
{
"model": "gs510tpp",
"scope": "eq",
"trust": 0.9,
"vendor": "netgear",
"version": "6.6.2.6"
},
{
"model": "gs716t",
"scope": "eq",
"trust": 0.9,
"vendor": "netgear",
"version": "5.4.2.27"
},
{
"model": "gs716t",
"scope": "eq",
"trust": 0.9,
"vendor": "netgear",
"version": "6.3.1.16"
},
{
"model": "gs724t",
"scope": "eq",
"trust": 0.9,
"vendor": "netgear",
"version": "5.4.2.27"
},
{
"model": "fs752tp",
"scope": "lte",
"trust": 0.6,
"vendor": "netgear",
"version": "\u003c=5.4.2.19"
},
{
"model": "gs108tv2",
"scope": "lte",
"trust": 0.6,
"vendor": "netgear",
"version": "\u003c=5.4.2.29"
},
{
"model": "gs110tp",
"scope": "lte",
"trust": 0.6,
"vendor": "netgear",
"version": "\u003c=5.4.2.29"
},
{
"model": "gs418tpp",
"scope": "lte",
"trust": 0.6,
"vendor": "netgear",
"version": "\u003c=6.6.2.6"
},
{
"model": "gs510tlp",
"scope": "lte",
"trust": 0.6,
"vendor": "netgear",
"version": "\u003c=6.6.2.6"
},
{
"model": "gs510tp",
"scope": "lte",
"trust": 0.6,
"vendor": "netgear",
"version": "\u003c=5.04.2.27"
},
{
"model": "gs510tpp",
"scope": "lte",
"trust": 0.6,
"vendor": "netgear",
"version": "\u003c=6.6.2.6"
},
{
"model": "gs716tv2",
"scope": "lte",
"trust": 0.6,
"vendor": "netgear",
"version": "\u003c=5.4.2.27"
},
{
"model": "gs716tv3",
"scope": "lte",
"trust": 0.6,
"vendor": "netgear",
"version": "\u003c=6.3.1.16"
},
{
"model": "gs724tv3",
"scope": "lte",
"trust": 0.6,
"vendor": "netgear",
"version": "\u003c=5.4.2.27"
},
{
"model": "gs724tv4",
"scope": "lte",
"trust": 0.6,
"vendor": "netgear",
"version": "\u003c=6.3.1.16"
},
{
"model": "gs728tpsb",
"scope": "lte",
"trust": 0.6,
"vendor": "netgear",
"version": "\u003c=5.3.0.29"
},
{
"model": "gs728tsb",
"scope": "lte",
"trust": 0.6,
"vendor": "netgear",
"version": "\u003c=5.3.0.29"
},
{
"model": "gs728txs",
"scope": "lte",
"trust": 0.6,
"vendor": "netgear",
"version": "\u003c=6.1.0.35"
},
{
"model": "gs748tv4",
"scope": "lte",
"trust": 0.6,
"vendor": "netgear",
"version": "\u003c=5.4.2.27"
},
{
"model": "gs748tv5",
"scope": "lte",
"trust": 0.6,
"vendor": "netgear",
"version": "\u003c=6.3.1.16"
},
{
"model": "gs752tpsb",
"scope": "lte",
"trust": 0.6,
"vendor": "netgear",
"version": "\u003c=5.3.0.29"
},
{
"model": "gs752tsb",
"scope": "lte",
"trust": 0.6,
"vendor": "netgear",
"version": "\u003c=5.3.0.29"
},
{
"model": "gs752txs",
"scope": "lte",
"trust": 0.6,
"vendor": "netgear",
"version": "\u003c=6.1.0.35"
},
{
"model": "m4200",
"scope": "lte",
"trust": 0.6,
"vendor": "netgear",
"version": "\u003c=12.0.2.10"
},
{
"model": "m4300",
"scope": "lte",
"trust": 0.6,
"vendor": "netgear",
"version": "\u003c=12.0.2.10"
},
{
"model": "m5300",
"scope": "lte",
"trust": 0.6,
"vendor": "netgear",
"version": "\u003c=11.0.0.28"
},
{
"model": "m6100",
"scope": "lte",
"trust": 0.6,
"vendor": "netgear",
"version": "\u003c=11.0.0.28"
},
{
"model": "m7100",
"scope": "lte",
"trust": 0.6,
"vendor": "netgear",
"version": "\u003c=11.0.0.28"
},
{
"model": "s3300",
"scope": "lte",
"trust": 0.6,
"vendor": "netgear",
"version": "\u003c=6.6.1.4"
},
{
"model": "xs708t",
"scope": "lte",
"trust": 0.6,
"vendor": "netgear",
"version": "\u003c=6.6.0.11"
},
{
"model": "xs712t",
"scope": "lte",
"trust": 0.6,
"vendor": "netgear",
"version": "\u003c=6.1.0.34"
},
{
"model": "xs716t",
"scope": "lte",
"trust": 0.6,
"vendor": "netgear",
"version": "\u003c=6.6.0.11"
},
{
"model": "gs724t",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "6.3.1.16"
},
{
"model": "gs728tpsb",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "5.3.0.29"
},
{
"model": "gs728tsb",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "5.3.0.29"
},
{
"model": "gs728txs",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "6.1.0.35"
},
{
"model": "gs748t",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "5.4.2.27"
},
{
"model": "gs748t",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "6.3.1.16"
},
{
"model": "gs752tpsb",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "5.3.0.29"
},
{
"model": "gs752tsb",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "5.3.0.29"
},
{
"model": "gs752txs",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "6.1.0.35"
},
{
"model": "m4200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "12.0.2.10"
},
{
"model": "m4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "12.0.2.10"
},
{
"model": "m5300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "11.0.0.28"
},
{
"model": "m6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "11.0.0.28"
},
{
"model": "m7100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "11.0.0.28"
},
{
"model": "s3300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "6.6.1.4"
},
{
"model": "xs708t",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "6.6.0.11"
},
{
"model": "xs712t",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "6.1.0.34"
},
{
"model": "xs716t",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "6.6.0.11"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-30574"
},
{
"db": "VULMON",
"id": "CVE-2017-18860"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014985"
},
{
"db": "NVD",
"id": "CVE-2017-18860"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:fs752tp_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:gs108t_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:gs110tp_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:gs418tpp_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:gs510tlp_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:gs510tp_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:gs510tpp_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:gs716t_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:gs724t_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014985"
}
]
},
"cve": "CVE-2017-18860",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 3.6,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2017-18860",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 1.1,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 3.6,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2017-014985",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.6,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CNVD-2020-30574",
"impactScore": 9.2,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.5,
"id": "CVE-2017-18860",
"impactScore": 5.2,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.7,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2017-014985",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-18860",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "JVNDB-2017-014985",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2020-30574",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-2386",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2017-18860",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-30574"
},
{
"db": "VULMON",
"id": "CVE-2017-18860"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014985"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2386"
},
{
"db": "NVD",
"id": "CVE-2017-18860"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by debugging command execution. This affects FS752TP 5.4.2.19 and earlier, GS108Tv2 5.4.2.29 and earlier, GS110TP 5.4.2.29 and earlier, GS418TPP 6.6.2.6 and earlier, GS510TLP 6.6.2.6 and earlier, GS510TP 5.04.2.27 and earlier, GS510TPP 6.6.2.6 and earlier, GS716Tv2 5.4.2.27 and earlier, GS716Tv3 6.3.1.16 and earlier, GS724Tv3 5.4.2.27 and earlier, GS724Tv4 6.3.1.16 and earlier, GS728TPSB 5.3.0.29 and earlier, GS728TSB 5.3.0.29 and earlier, GS728TXS 6.1.0.35 and earlier, GS748Tv4 5.4.2.27 and earlier, GS748Tv5 6.3.1.16 and earlier, GS752TPSB 5.3.0.29 and earlier, GS752TSB 5.3.0.29 and earlier, GS752TXS 6.1.0.35 and earlier, M4200 12.0.2.10 and earlier, M4300 12.0.2.10 and earlier, M5300 11.0.0.28 and earlier, M6100 11.0.0.28 and earlier, M7100 11.0.0.28 and earlier, S3300 6.6.1.4 and earlier, XS708T 6.6.0.11 and earlier, XS712T 6.1.0.34 and earlier, and XS716T 6.6.0.11 and earlier. plural NETGEAR A device contains an injection vulnerability.Information is tampered with and service operation is interrupted (DoS) It may be put into a state. NETGEAR FS752TP, etc. are all products of NETGEAR. NETGEAR FS752TP is a stackable smart switch. NETGEAR GS108T is an intelligent management switch. NETGEAR M6100 is a fully managed switch. \n\r\n\r\nThere are security holes in many NETGEAR products. Attackers can use the specially crafted URL to exploit the vulnerability to execute commands on the switch. This affects FS752TP 5.4.2.19 and previous versions, GS108Tv2 5.4.2.29 and previous versions, GS110TP 5.4.2.29 and previous versions, GS418TPP 6.6.2.6 and previous versions, GS510TLP 6.6.2.6 and previous versions, GS510TP 5.04.2.27 and previous versions, GS510TPP 6.6.2.6 and previous versions, GS716Tv2 5.4.2.27 and previous versions, GS716Tv3 6.3.1.16 and previous versions, GS724Tv3 5.4.2.27 and previous versions, GS724Tv4 6.3.1.16 and previous versions, GS728TPSB 5.3.0.29 and previous versions, GS728TSB 5.3.0.29 and previous versions, GS728TXS 6.1.0.35 and previous versions, GS748Tv4 5.4.2.27 and previous versions, GS748Tv5 6.3.1.16 and previous versions, GS752TPSB 5.3.0.29 and previous versions, GS752TSB 5.3.0.29 and previous versions, GS752TXS 6.1.0.35 and previous versions, M4200 12.0.2.10 and previous versions, M4300 12.0.2.10 and previous versions, M5300 11.0.0.28 and previous versions, M6100 11.0.0.28 and previous versions, M7100 11.0.0.28 and previous versions, S3300 6.6.1.4 and previous versions, XS708T 6.6.0.11 and previous versions, XS712T 6.1.0.34 and previous versions, and XS716T 6.6.0.11 and previous versions",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-18860"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014985"
},
{
"db": "CNVD",
"id": "CNVD-2020-30574"
},
{
"db": "VULMON",
"id": "CVE-2017-18860"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-18860",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014985",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-30574",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2386",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2017-18860",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-30574"
},
{
"db": "VULMON",
"id": "CVE-2017-18860"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014985"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2386"
},
{
"db": "NVD",
"id": "CVE-2017-18860"
}
]
},
"id": "VAR-202004-1332",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-30574"
}
],
"trust": 1.3429854174074074
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-30574"
}
]
},
"last_update_date": "2024-11-23T22:21:12.834000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Authentication Bypass and Remote Command Execution on Some Smart and Managed Switches, PSV-2017-0857",
"trust": 0.8,
"url": "https://kb.netgear.com/000038519/Security-Advisory-for-Authentication-Bypass-and-Remote-Command-Execution-on-Some-Smart-and-Managed-Switches-PSV-2017-0857"
},
{
"title": "Patch for Multiple NETGEAR product injection vulnerabilities (CNVD-2020-30574)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/219291"
},
{
"title": "Multiple NETGEAR Fixing measures for product injection vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117761"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-30574"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014985"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2386"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-74",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014985"
},
{
"db": "NVD",
"id": "CVE-2017-18860"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-18860"
},
{
"trust": 1.7,
"url": "https://kb.netgear.com/000038519/security-advisory-for-authentication-bypass-and-remote-command-execution-on-some-smart-and-managed-switches-psv-2017-0857"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-18860"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/74.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-30574"
},
{
"db": "VULMON",
"id": "CVE-2017-18860"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014985"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2386"
},
{
"db": "NVD",
"id": "CVE-2017-18860"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-30574"
},
{
"db": "VULMON",
"id": "CVE-2017-18860"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014985"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2386"
},
{
"db": "NVD",
"id": "CVE-2017-18860"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-30574"
},
{
"date": "2020-04-29T00:00:00",
"db": "VULMON",
"id": "CVE-2017-18860"
},
{
"date": "2020-06-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014985"
},
{
"date": "2020-04-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2386"
},
{
"date": "2020-04-29T14:15:14.013000",
"db": "NVD",
"id": "CVE-2017-18860"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-30574"
},
{
"date": "2020-05-05T00:00:00",
"db": "VULMON",
"id": "CVE-2017-18860"
},
{
"date": "2020-06-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014985"
},
{
"date": "2020-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2386"
},
{
"date": "2024-11-21T03:21:06.917000",
"db": "NVD",
"id": "CVE-2017-18860"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2386"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Injection vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014985"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2386"
}
],
"trust": 0.6
}
}
cve-2017-18860
Vulnerability from cvelistv5
Published
2020-04-29 13:38
Modified
2024-08-05 21:37
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by debugging command execution. This affects FS752TP 5.4.2.19 and earlier, GS108Tv2 5.4.2.29 and earlier, GS110TP 5.4.2.29 and earlier, GS418TPP 6.6.2.6 and earlier, GS510TLP 6.6.2.6 and earlier, GS510TP 5.04.2.27 and earlier, GS510TPP 6.6.2.6 and earlier, GS716Tv2 5.4.2.27 and earlier, GS716Tv3 6.3.1.16 and earlier, GS724Tv3 5.4.2.27 and earlier, GS724Tv4 6.3.1.16 and earlier, GS728TPSB 5.3.0.29 and earlier, GS728TSB 5.3.0.29 and earlier, GS728TXS 6.1.0.35 and earlier, GS748Tv4 5.4.2.27 and earlier, GS748Tv5 6.3.1.16 and earlier, GS752TPSB 5.3.0.29 and earlier, GS752TSB 5.3.0.29 and earlier, GS752TXS 6.1.0.35 and earlier, M4200 12.0.2.10 and earlier, M4300 12.0.2.10 and earlier, M5300 11.0.0.28 and earlier, M6100 11.0.0.28 and earlier, M7100 11.0.0.28 and earlier, S3300 6.6.1.4 and earlier, XS708T 6.6.0.11 and earlier, XS712T 6.1.0.34 and earlier, and XS716T 6.6.0.11 and earlier.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T21:37:44.297Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.netgear.com/000038519/Security-Advisory-for-Authentication-Bypass-and-Remote-Command-Execution-on-Some-Smart-and-Managed-Switches-PSV-2017-0857"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by debugging command execution. This affects FS752TP 5.4.2.19 and earlier, GS108Tv2 5.4.2.29 and earlier, GS110TP 5.4.2.29 and earlier, GS418TPP 6.6.2.6 and earlier, GS510TLP 6.6.2.6 and earlier, GS510TP 5.04.2.27 and earlier, GS510TPP 6.6.2.6 and earlier, GS716Tv2 5.4.2.27 and earlier, GS716Tv3 6.3.1.16 and earlier, GS724Tv3 5.4.2.27 and earlier, GS724Tv4 6.3.1.16 and earlier, GS728TPSB 5.3.0.29 and earlier, GS728TSB 5.3.0.29 and earlier, GS728TXS 6.1.0.35 and earlier, GS748Tv4 5.4.2.27 and earlier, GS748Tv5 6.3.1.16 and earlier, GS752TPSB 5.3.0.29 and earlier, GS752TSB 5.3.0.29 and earlier, GS752TXS 6.1.0.35 and earlier, M4200 12.0.2.10 and earlier, M4300 12.0.2.10 and earlier, M5300 11.0.0.28 and earlier, M6100 11.0.0.28 and earlier, M7100 11.0.0.28 and earlier, S3300 6.6.1.4 and earlier, XS708T 6.6.0.11 and earlier, XS712T 6.1.0.34 and earlier, and XS716T 6.6.0.11 and earlier."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-29T13:38:19",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.netgear.com/000038519/Security-Advisory-for-Authentication-Bypass-and-Remote-Command-Execution-on-Some-Smart-and-Managed-Switches-PSV-2017-0857"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-18860",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain NETGEAR devices are affected by debugging command execution. This affects FS752TP 5.4.2.19 and earlier, GS108Tv2 5.4.2.29 and earlier, GS110TP 5.4.2.29 and earlier, GS418TPP 6.6.2.6 and earlier, GS510TLP 6.6.2.6 and earlier, GS510TP 5.04.2.27 and earlier, GS510TPP 6.6.2.6 and earlier, GS716Tv2 5.4.2.27 and earlier, GS716Tv3 6.3.1.16 and earlier, GS724Tv3 5.4.2.27 and earlier, GS724Tv4 6.3.1.16 and earlier, GS728TPSB 5.3.0.29 and earlier, GS728TSB 5.3.0.29 and earlier, GS728TXS 6.1.0.35 and earlier, GS748Tv4 5.4.2.27 and earlier, GS748Tv5 6.3.1.16 and earlier, GS752TPSB 5.3.0.29 and earlier, GS752TSB 5.3.0.29 and earlier, GS752TXS 6.1.0.35 and earlier, M4200 12.0.2.10 and earlier, M4300 12.0.2.10 and earlier, M5300 11.0.0.28 and earlier, M6100 11.0.0.28 and earlier, M7100 11.0.0.28 and earlier, S3300 6.6.1.4 and earlier, XS708T 6.6.0.11 and earlier, XS712T 6.1.0.34 and earlier, and XS716T 6.6.0.11 and earlier."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.netgear.com/000038519/Security-Advisory-for-Authentication-Bypass-and-Remote-Command-Execution-on-Some-Smart-and-Managed-Switches-PSV-2017-0857",
"refsource": "CONFIRM",
"url": "https://kb.netgear.com/000038519/Security-Advisory-for-Authentication-Bypass-and-Remote-Command-Execution-on-Some-Smart-and-Managed-Switches-PSV-2017-0857"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-18860",
"datePublished": "2020-04-29T13:38:19",
"dateReserved": "2020-04-27T00:00:00",
"dateUpdated": "2024-08-05T21:37:44.297Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-45556
Vulnerability from cvelistv5
Published
2021-12-26 00:50
Modified
2024-08-04 04:47
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects GS108Tv2 before 5.4.2.36, GS110TPP before 7.0.7.2, GS110TPv2 before 5.4.2.36., GS110TPv3 before 7.0.7.2, GS308T before 1.0.3.2, GS310TP before 1.0.3.2, GS724TPP before 2.0.6.3, GS724TPv2 before 2.0.6.3, GS728TPPv2 before 6.0.8.2, GS728TPv2 before 6.0.8.2, GS752TPP before 6.0.8.2, GS752TPv2 before 6.0.8.2, MS510TXM before 1.0.4.2, and MS510TXUP before 1.0.4.2.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T04:47:00.441Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://kb.netgear.com/000064534/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Smart-Managed-Pro-Switches-PSV-2021-0175"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects GS108Tv2 before 5.4.2.36, GS110TPP before 7.0.7.2, GS110TPv2 before 5.4.2.36., GS110TPv3 before 7.0.7.2, GS308T before 1.0.3.2, GS310TP before 1.0.3.2, GS724TPP before 2.0.6.3, GS724TPv2 before 2.0.6.3, GS728TPPv2 before 6.0.8.2, GS728TPv2 before 6.0.8.2, GS752TPP before 6.0.8.2, GS752TPv2 before 6.0.8.2, MS510TXM before 1.0.4.2, and MS510TXUP before 1.0.4.2."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AC:H/AV:A/A:H/C:L/I:H/PR:H/S:C/UI:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-26T00:50:54",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://kb.netgear.com/000064534/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Smart-Managed-Pro-Switches-PSV-2021-0175"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-45556",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects GS108Tv2 before 5.4.2.36, GS110TPP before 7.0.7.2, GS110TPv2 before 5.4.2.36., GS110TPv3 before 7.0.7.2, GS308T before 1.0.3.2, GS310TP before 1.0.3.2, GS724TPP before 2.0.6.3, GS724TPv2 before 2.0.6.3, GS728TPPv2 before 6.0.8.2, GS728TPv2 before 6.0.8.2, GS752TPP before 6.0.8.2, GS752TPv2 before 6.0.8.2, MS510TXM before 1.0.4.2, and MS510TXUP before 1.0.4.2."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT",
"availabilityImpact": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AC:H/AV:A/A:H/C:L/I:H/PR:H/S:C/UI:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.netgear.com/000064534/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Smart-Managed-Pro-Switches-PSV-2021-0175",
"refsource": "MISC",
"url": "https://kb.netgear.com/000064534/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Smart-Managed-Pro-Switches-PSV-2021-0175"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-45556",
"datePublished": "2021-12-26T00:50:54",
"dateReserved": "2021-12-25T00:00:00",
"dateUpdated": "2024-08-04T04:47:00.441Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}