← Retour aux CVEs
CVE-2017-18755
HIGH8.8
Description
Certain NETGEAR devices are affected by CSRF. This affects R6300v2 before 1.0.4.8, R6400v2 before 1.0.2.32, R6700 before 1.0.1.22, R6900 before 1.0.1.22, R7000P before 1.0.0.86, R6900P before 1.0.0.56, R7300 before 1.0.0.54, R8300 before 1.0.2.106, R8500 before 1.0.2.106, DGN2200v4 before 1.0.0.86, DGND2200Bv4 before 1.0.0.86, R6050 before 1.0.0.86, JR6150 before 1.0.1.10, R6220 before 1.1.0.50, and WNDR3700v5 before V1.1.0.48.
Details CVE
Score CVSS v3.18.8
SeveriteHIGH
Vecteur CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Vecteur d'attaqueNETWORK
ComplexiteLOW
Privileges requisNONE
Interaction utilisateurREQUIRED
Publie4/22/2020
Derniere modification11/21/2024
Sourcenvd
Observations honeypot0
Produits affectes
netgear:dgn2200netgear:dgn2200_firmwarenetgear:dgnd2200bnetgear:dgnd2200b_firmwarenetgear:jr6150netgear:jr6150_firmwarenetgear:r6050netgear:r6050_firmwarenetgear:r6220netgear:r6220_firmwarenetgear:r6300netgear:r6300_firmwarenetgear:r6400netgear:r6400_firmwarenetgear:r6700netgear:r6700_firmwarenetgear:r6900netgear:r6900_firmwarenetgear:r6900pnetgear:r6900p_firmwarenetgear:r7000pnetgear:r7000p_firmwarenetgear:r7300netgear:r7300_firmwarenetgear:r8300netgear:r8300_firmwarenetgear:r8500netgear:r8500_firmwarenetgear:wndr3700netgear:wndr3700_firmware
Faiblesses (CWE)
CWE-352
References
https://kb.netgear.com/000051493/Security-Advisory-for-Cross-Site-Request-Forgery-on-Routers-and-Modem-Routers-PSV-2017-0333(cve@mitre.org)
https://kb.netgear.com/000051493/Security-Advisory-for-Cross-Site-Request-Forgery-on-Routers-and-Modem-Routers-PSV-2017-0333(af854a3a-2127-422b-91ae-364da2661108)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.