← Voltar para CVEs
CVE-2017-18772
HIGH8.8
Descricao
Certain NETGEAR devices are affected by authentication bypass. This affects EX3700 before 1.0.0.64, EX3800 before 1.0.0.64, EX6120 before 1.0.0.32, EX6130 before 1.0.0.16, R6300v2 before 1.0.4.12, R6700 before 1.0.1.26, R6900 before 1.0.1.22, R7000 before 1.0.9.6, R7300DST before 1.0.0.52, R7900 before 1.0.1.12, R8000 before 1.0.3.24, R8500 before 1.0.2.74, and WNR2000v2 before 1.2.0.8.
Detalhes CVE
Pontuacao CVSS v3.18.8
SeveridadeHIGH
Vetor CVSSCVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vetor de ataqueADJACENT_NETWORK
ComplexidadeLOW
Privilegios necessariosNONE
Interacao do usuarioNONE
Publicado4/22/2020
Ultima modificacao11/21/2024
Fontenvd
Avistamentos honeypot0
Produtos afetados
netgear:ex3700netgear:ex3700_firmwarenetgear:ex3800netgear:ex3800_firmwarenetgear:ex6120netgear:ex6120_firmwarenetgear:ex6130netgear:ex6130_firmwarenetgear:r6300netgear:r6300_firmwarenetgear:r6700netgear:r6700_firmwarenetgear:r6900netgear:r6900_firmwarenetgear:r7000netgear:r7000_firmwarenetgear:r7300dstnetgear:r7300dst_firmwarenetgear:r7900netgear:r7900_firmwarenetgear:r8000netgear:r8000_firmwarenetgear:r8500netgear:r8500_firmwarenetgear:wnr2000netgear:wnr2000_firmware
Fraquezas (CWE)
CWE-287
Referencias
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.