CVE-2017-6862 (GCVE-0-2017-6862)

Vulnerability from cvelistv5 – Published: 2017-05-26 20:00 – Updated: 2025-10-21 23:55
VLAI CISA KEVIntel
Summary
NETGEAR WNR2000v3 devices before 1.1.2.14, WNR2000v4 devices before 1.0.0.66, and WNR2000v5 devices before 1.0.0.42 allow authentication bypass and remote code execution via a buffer overflow that uses a parameter in the administration webapp. The NETGEAR ID is PSV-2016-0261.
Severity
9.8 (Critical)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
SSVC
Exploitation: active Automatable: yes Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • Unauthenticated Remote Code Execution
  • CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Assigner
References
Impacted products
Vendor Product Version
n/a NETGEAR All versions prior to WNR2000v3 1.1.2.14, WNR2000v4 1.0.0.66, WNR2000v5 1.0.0.42 Affected: NETGEAR All versions prior to WNR2000v3 1.1.2.14, WNR2000v4 1.0.0.66, WNR2000v5 1.0.0.42
Date Public
2017-05-26 00:00
CISA
Known Exploited Vulnerability - GCVE BCP-07 Compliant
KEV entry ID: d424be2d-04a5-4153-a45c-ee29ad34176e

Vulnerability ID: CVE-2017-6862

Status: Confirmed

Status Updated: 2022-06-08 00:00 UTC

Exploited: Yes

Timestamps
First Seen: 2022-06-08
Asserted: 2022-06-08
Scope
Notes: KEV entry: NETGEAR Multiple Devices Buffer Overflow Vulnerability | Affected: NETGEAR / Multiple Devices | Description: Multiple NETGEAR devices contain a buffer overflow vulnerability that allows for authentication bypass and remote code execution. | Required action: Apply updates per vendor instructions. | Due date: 2022-06-22 | Known ransomware campaign use (KEV): Unknown | Notes (KEV): https://nvd.nist.gov/vuln/detail/CVE-2017-6862
Evidence

Type: Vendor Report

Signal: Successful Exploitation

Confidence: 80%

Source: cisa-kev

Details
Cwes CWE-119
Feed CISA Known Exploited Vulnerabilities Catalog
Product Multiple Devices
Due Date 2022-06-22
Date Added 2022-06-08
Vendorproject NETGEAR
Vulnerabilityname NETGEAR Multiple Devices Buffer Overflow Vulnerability
Knownransomwarecampaignuse Unknown
References
Created: 2026-02-02 12:27 UTC | Updated: 2026-02-06 07:17 UTC
KEVIntel
Known Exploited Vulnerability - GCVE BCP-07 Compliant
KEV entry ID: edea3e59-2e1c-4821-95fb-e2173ff81edc

Vulnerability ID: CVE-2017-6862

Status: Confirmed

Status Updated: 2022-06-08 00:00 UTC

Exploited: Yes

Timestamps
First Seen: 2022-06-08
Asserted: 2022-06-08
Scope
Notes: KEVIntel entry: NETGEAR WNR2000v3 devices before 1.1.2.14, WNR2000v4 devices before 1.0.0.66, and WNR2000v5 devices before 1.0.0.42 allow authentication bypass and... | Affected: NETGEAR / NETGEAR All versions prior to WNR2000v3 1.1.2.14, WNR2000v4 1.0.0.66, WNR2000v5 1.0.0.42 | CVSS: 9.8 (CRITICAL) | Used in malware: unknown | Not yet in CISA KEV: False
Evidence

Type: Public Report

Signal: Successful Exploitation

Confidence: 70%

Source: kevintel

Details
Feed KEVIntel (kevintel.com)
Title NETGEAR WNR2000v3 devices before 1.1.2.14, WNR2000v4 devices before 1.0.0.66, and WNR2000v5 devices before 1.0.0.42 allow authentication bypass and...
Vendor NETGEAR
Product NETGEAR All versions prior to WNR2000v3 1.1.2.14, WNR2000v4 1.0.0.66, WNR2000v5 1.0.0.42
Added Date 2022-06-08T00:00:00.000Z
Cvss Score 9.8
Epss Score None
Cvss Severity CRITICAL
Epss Percentile None
Used In Malware unknown
Ahead Of Cisa Kev None
Not Yet In Cisa Kev False
References
Created: 2026-06-19 12:47 UTC | Updated: 2026-06-19 12:47 UTC
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T15:41:17.673Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kb.netgear.com/000038542/Security-Advisory-for-Unauthenticated-Remote-Code-Execution-on-Some-Routers-PSV-2016-0261"
          },
          {
            "name": "98740",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/98740"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.on-x.com/sites/default/files/on-x_-_security_advisory_-_netgear_wnr2000v5_-_cve-2017-6862.pdf"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 9.8,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2017-6862",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-07T13:42:36.789125Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2022-06-08",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-6862"
              },
              "type": "kev"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-120",
                "description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-21T23:55:40.404Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "government-resource"
            ],
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-6862"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2022-06-08T00:00:00.000Z",
            "value": "CVE-2017-6862 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "NETGEAR All versions prior to WNR2000v3 1.1.2.14, WNR2000v4 1.0.0.66, WNR2000v5 1.0.0.42",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "NETGEAR All versions prior to WNR2000v3 1.1.2.14, WNR2000v4 1.0.0.66, WNR2000v5 1.0.0.42"
            }
          ]
        }
      ],
      "datePublic": "2017-05-26T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "NETGEAR WNR2000v3 devices before 1.1.2.14, WNR2000v4 devices before 1.0.0.66, and WNR2000v5 devices before 1.0.0.42 allow authentication bypass and remote code execution via a buffer overflow that uses a parameter in the administration webapp. The NETGEAR ID is PSV-2016-0261."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Unauthenticated Remote Code Execution",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-17T20:57:01.000Z",
        "orgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
        "shortName": "netgear"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kb.netgear.com/000038542/Security-Advisory-for-Unauthenticated-Remote-Code-Execution-on-Some-Routers-PSV-2016-0261"
        },
        {
          "name": "98740",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/98740"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.on-x.com/sites/default/files/on-x_-_security_advisory_-_netgear_wnr2000v5_-_cve-2017-6862.pdf"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@netgear.com",
          "ID": "CVE-2017-6862",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "NETGEAR All versions prior to WNR2000v3 1.1.2.14, WNR2000v4 1.0.0.66, WNR2000v5 1.0.0.42",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "NETGEAR All versions prior to WNR2000v3 1.1.2.14, WNR2000v4 1.0.0.66, WNR2000v5 1.0.0.42"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "NETGEAR WNR2000v3 devices before 1.1.2.14, WNR2000v4 devices before 1.0.0.66, and WNR2000v5 devices before 1.0.0.42 allow authentication bypass and remote code execution via a buffer overflow that uses a parameter in the administration webapp. The NETGEAR ID is PSV-2016-0261."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Unauthenticated Remote Code Execution"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://kb.netgear.com/000038542/Security-Advisory-for-Unauthenticated-Remote-Code-Execution-on-Some-Routers-PSV-2016-0261",
              "refsource": "CONFIRM",
              "url": "https://kb.netgear.com/000038542/Security-Advisory-for-Unauthenticated-Remote-Code-Execution-on-Some-Routers-PSV-2016-0261"
            },
            {
              "name": "98740",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/98740"
            },
            {
              "name": "https://www.on-x.com/sites/default/files/on-x_-_security_advisory_-_netgear_wnr2000v5_-_cve-2017-6862.pdf",
              "refsource": "MISC",
              "url": "https://www.on-x.com/sites/default/files/on-x_-_security_advisory_-_netgear_wnr2000v5_-_cve-2017-6862.pdf"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a2826606-91e7-4eb6-899e-8484bd4575d5",
    "assignerShortName": "netgear",
    "cveId": "CVE-2017-6862",
    "datePublished": "2017-05-26T20:00:00.000Z",
    "dateReserved": "2017-03-13T00:00:00.000Z",
    "dateUpdated": "2025-10-21T23:55:40.404Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "cisa_known_exploited": {
      "cveID": "CVE-2017-6862",
      "cwes": "[\"CWE-119\"]",
      "dateAdded": "2022-06-08",
      "dueDate": "2022-06-22",
      "knownRansomwareCampaignUse": "Unknown",
      "notes": "https://nvd.nist.gov/vuln/detail/CVE-2017-6862",
      "product": "Multiple Devices",
      "requiredAction": "Apply updates per vendor instructions.",
      "shortDescription": "Multiple NETGEAR devices contain a buffer overflow vulnerability that allows for authentication bypass and remote code execution.",
      "vendorProject": "NETGEAR",
      "vulnerabilityName": "NETGEAR Multiple Devices Buffer Overflow Vulnerability"
    },
    "epss": {
      "cve": "CVE-2017-6862",
      "date": "2026-06-22",
      "epss": "0.42696",
      "percentile": "0.98541"
    },
    "fkie_nvd": {
      "cisaActionDue": "2022-06-22",
      "cisaExploitAdd": "2022-06-08",
      "cisaRequiredAction": "Apply updates per vendor instructions.",
      "cisaVulnerabilityName": "NETGEAR Multiple Devices Buffer Overflow Vulnerability",
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netgear:wnr2000v5_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.0.0.42\", \"matchCriteriaId\": \"9E2C503D-A603-4C93-9125-E72CE6D98219\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netgear:wnr2000v5:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"671EC923-DC84-47D6-B943-0F7DA8168334\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netgear:wnr2000v4_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.0.0.66\", \"matchCriteriaId\": \"598F1EB8-757F-4E3B-B1FD-C50C94B1632B\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netgear:wnr2000v4:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B3AE1DD1-5DB7-403A-805B-EDB364EF28D5\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netgear:wnr2000v3_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.1.2.14\", \"matchCriteriaId\": \"61B034B2-3B15-4C7B-A47E-04DDF36992AF\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netgear:wnr2000v3:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"95BBF3EA-0F98-4A99-8312-30E1E47AC4C4\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"NETGEAR WNR2000v3 devices before 1.1.2.14, WNR2000v4 devices before 1.0.0.66, and WNR2000v5 devices before 1.0.0.42 allow authentication bypass and remote code execution via a buffer overflow that uses a parameter in the administration webapp. The NETGEAR ID is PSV-2016-0261.\"}, {\"lang\": \"es\", \"value\": \"Dispositivos NETGEAR WNR2000v3 anteriores a 1.1.2.14, WNR2000v4 anteriores a 1.0.0.42 permite rodear la autentificaci\\u00f3n y ejecutar c\\u00f3digo remoto mediante un buffer overflow que usa un par\\u00e1metro en la administraci\\u00f3n de la aplicaci\\u00f3n. El ID del NETGEAR es PSV-2016-0261.\"}]",
      "id": "CVE-2017-6862",
      "lastModified": "2024-11-21T03:30:41.180",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 7.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2017-05-26T20:29:00.177",
      "references": "[{\"url\": \"http://www.securityfocus.com/bid/98740\", \"source\": \"a2826606-91e7-4eb6-899e-8484bd4575d5\", \"tags\": [\"Broken Link\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://kb.netgear.com/000038542/Security-Advisory-for-Unauthenticated-Remote-Code-Execution-on-Some-Routers-PSV-2016-0261\", \"source\": \"a2826606-91e7-4eb6-899e-8484bd4575d5\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.on-x.com/sites/default/files/on-x_-_security_advisory_-_netgear_wnr2000v5_-_cve-2017-6862.pdf\", \"source\": \"a2826606-91e7-4eb6-899e-8484bd4575d5\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://www.securityfocus.com/bid/98740\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://kb.netgear.com/000038542/Security-Advisory-for-Unauthenticated-Remote-Code-Execution-on-Some-Routers-PSV-2016-0261\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.on-x.com/sites/default/files/on-x_-_security_advisory_-_netgear_wnr2000v5_-_cve-2017-6862.pdf\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}]",
      "sourceIdentifier": "a2826606-91e7-4eb6-899e-8484bd4575d5",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-120\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2017-6862\",\"sourceIdentifier\":\"a2826606-91e7-4eb6-899e-8484bd4575d5\",\"published\":\"2017-05-26T20:29:00.177\",\"lastModified\":\"2026-04-21T19:05:31.373\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"NETGEAR WNR2000v3 devices before 1.1.2.14, WNR2000v4 devices before 1.0.0.66, and WNR2000v5 devices before 1.0.0.42 allow authentication bypass and remote code execution via a buffer overflow that uses a parameter in the administration webapp. The NETGEAR ID is PSV-2016-0261.\"},{\"lang\":\"es\",\"value\":\"Dispositivos NETGEAR WNR2000v3 anteriores a 1.1.2.14, WNR2000v4 anteriores a 1.0.0.42 permite rodear la autentificaci\u00f3n y ejecutar c\u00f3digo remoto mediante un buffer overflow que usa un par\u00e1metro en la administraci\u00f3n de la aplicaci\u00f3n. El ID del NETGEAR es PSV-2016-0261.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"cisaExploitAdd\":\"2022-06-08\",\"cisaActionDue\":\"2022-06-22\",\"cisaRequiredAction\":\"Apply updates per vendor instructions.\",\"cisaVulnerabilityName\":\"NETGEAR Multiple Devices Buffer Overflow Vulnerability\",\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-120\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-120\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:wnr2000_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.0.42\",\"matchCriteriaId\":\"B3B5B30F-0159-48B6-BC8D-BF8F2EE519D6\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:wnr2000:v5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"317F25FF-B3A2-4C68-888F-D2627C564867\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:wnr2000_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.0.66\",\"matchCriteriaId\":\"9F3D02E3-8FA1-4129-A4B2-25235AF0E49C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:wnr2000:v4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D2913468-C442-48A3-8AD9-A2F3CCDD7952\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:wnr2000_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.1.2.14\",\"matchCriteriaId\":\"37CCF16C-0F1C-4E4B-BA96-7754C6B33F4F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:wnr2000:v3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C547734B-BF1A-4CD9-8FD8-9ECB3D15B0BA\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/98740\",\"source\":\"a2826606-91e7-4eb6-899e-8484bd4575d5\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://kb.netgear.com/000038542/Security-Advisory-for-Unauthenticated-Remote-Code-Execution-on-Some-Routers-PSV-2016-0261\",\"source\":\"a2826606-91e7-4eb6-899e-8484bd4575d5\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.on-x.com/sites/default/files/on-x_-_security_advisory_-_netgear_wnr2000v5_-_cve-2017-6862.pdf\",\"source\":\"a2826606-91e7-4eb6-899e-8484bd4575d5\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.securityfocus.com/bid/98740\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://kb.netgear.com/000038542/Security-Advisory-for-Unauthenticated-Remote-Code-Execution-on-Some-Routers-PSV-2016-0261\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.on-x.com/sites/default/files/on-x_-_security_advisory_-_netgear_wnr2000v5_-_cve-2017-6862.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-6862\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"US Government Resource\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://kb.netgear.com/000038542/Security-Advisory-for-Unauthenticated-Remote-Code-Execution-on-Some-Routers-PSV-2016-0261\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www.securityfocus.com/bid/98740\", \"name\": \"98740\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\", \"x_transferred\"]}, {\"url\": \"https://www.on-x.com/sites/default/files/on-x_-_security_advisory_-_netgear_wnr2000v5_-_cve-2017-6862.pdf\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-05T15:41:17.673Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 9.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2017-6862\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-02-07T13:42:36.789125Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2022-06-08\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-6862\"}}}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2022-06-08T00:00:00.000Z\", \"value\": \"CVE-2017-6862 added to CISA KEV\"}], \"references\": [{\"url\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-6862\", \"tags\": [\"government-resource\"]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-120\", \"description\": \"CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-02-07T13:42:21.823Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"NETGEAR All versions prior to WNR2000v3 1.1.2.14, WNR2000v4 1.0.0.66, WNR2000v5 1.0.0.42\", \"versions\": [{\"status\": \"affected\", \"version\": \"NETGEAR All versions prior to WNR2000v3 1.1.2.14, WNR2000v4 1.0.0.66, WNR2000v5 1.0.0.42\"}]}], \"datePublic\": \"2017-05-26T00:00:00.000Z\", \"references\": [{\"url\": \"https://kb.netgear.com/000038542/Security-Advisory-for-Unauthenticated-Remote-Code-Execution-on-Some-Routers-PSV-2016-0261\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www.securityfocus.com/bid/98740\", \"name\": \"98740\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\"]}, {\"url\": \"https://www.on-x.com/sites/default/files/on-x_-_security_advisory_-_netgear_wnr2000v5_-_cve-2017-6862.pdf\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"NETGEAR WNR2000v3 devices before 1.1.2.14, WNR2000v4 devices before 1.0.0.66, and WNR2000v5 devices before 1.0.0.42 allow authentication bypass and remote code execution via a buffer overflow that uses a parameter in the administration webapp. The NETGEAR ID is PSV-2016-0261.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"Unauthenticated Remote Code Execution\"}]}], \"providerMetadata\": {\"orgId\": \"a2826606-91e7-4eb6-899e-8484bd4575d5\", \"shortName\": \"netgear\", \"dateUpdated\": \"2017-07-17T20:57:01.000Z\"}, \"x_legacyV4Record\": {\"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"NETGEAR All versions prior to WNR2000v3 1.1.2.14, WNR2000v4 1.0.0.66, WNR2000v5 1.0.0.42\"}]}, \"product_name\": \"NETGEAR All versions prior to WNR2000v3 1.1.2.14, WNR2000v4 1.0.0.66, WNR2000v5 1.0.0.42\"}]}, \"vendor_name\": \"n/a\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"https://kb.netgear.com/000038542/Security-Advisory-for-Unauthenticated-Remote-Code-Execution-on-Some-Routers-PSV-2016-0261\", \"name\": \"https://kb.netgear.com/000038542/Security-Advisory-for-Unauthenticated-Remote-Code-Execution-on-Some-Routers-PSV-2016-0261\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://www.securityfocus.com/bid/98740\", \"name\": \"98740\", \"refsource\": \"BID\"}, {\"url\": \"https://www.on-x.com/sites/default/files/on-x_-_security_advisory_-_netgear_wnr2000v5_-_cve-2017-6862.pdf\", \"name\": \"https://www.on-x.com/sites/default/files/on-x_-_security_advisory_-_netgear_wnr2000v5_-_cve-2017-6862.pdf\", \"refsource\": \"MISC\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"NETGEAR WNR2000v3 devices before 1.1.2.14, WNR2000v4 devices before 1.0.0.66, and WNR2000v5 devices before 1.0.0.42 allow authentication bypass and remote code execution via a buffer overflow that uses a parameter in the administration webapp. The NETGEAR ID is PSV-2016-0261.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"Unauthenticated Remote Code Execution\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2017-6862\", \"STATE\": \"PUBLIC\", \"ASSIGNER\": \"security@netgear.com\"}}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2017-6862\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-10-21T23:55:40.404Z\", \"dateReserved\": \"2017-03-13T00:00:00.000Z\", \"assignerOrgId\": \"a2826606-91e7-4eb6-899e-8484bd4575d5\", \"datePublished\": \"2017-05-26T20:00:00.000Z\", \"assignerShortName\": \"netgear\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.





Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.


Detection rules are retrieved from Rulezet.