HIGH✓ PATCH🇬🇧 English

CVE-2017-18863

CVSS 7.1v3.1pub. 2020-04-28upd. 2024-11-21

Certain NETGEAR devices are affected by command execution via a PHP form. This affects WN604 3.3.3 and earlier, WNAP210v2 3.5.20.0 and earlier, WNAP320 3.5.20.0 and earlier, WNDAP350 3.5.20.0 and earlier, WNDAP360 3.5.20.0 and earlier, WNDAP620 2.0.11 and earlier, WNDAP660 3.5.20.0 and earlier, WND930 2.0.11 and earlier, and WAC120 2.0.7 and earlier.

oryginał EN
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
  • Netgear Wac120

    HW
    Netgear
    wszystkie wersje
  • Netgear Wac120 Firmware

    OS
    Netgear
    < 2.0.7
  • Netgear Wn604

    HW
    Netgear
    wszystkie wersje
  • Netgear Wn604 Firmware

    OS
    Netgear
    < 3.3.3
  • Netgear Wnap210

    HW
    Netgear
    v2
  • Netgear Wnap210 Firmware

    OS
    Netgear
    < 3.5.20.0
  • Netgear Wnap320

    HW
    Netgear
    wszystkie wersje
  • Netgear Wnap320 Firmware

    OS
    Netgear
    < 3.5.20.0
  • Netgear Wnd930

    HW
    Netgear
    wszystkie wersje
  • Netgear Wnd930 Firmware

    OS
    Netgear
    < 2.0.11
  • Netgear Wndap350

    HW
    Netgear
    wszystkie wersje
  • Netgear Wndap350 Firmware

    OS
    Netgear
    < 3.5.20.0
  • Netgear Wndap360

    HW
    Netgear
    wszystkie wersje
  • Netgear Wndap360 Firmware

    OS
    Netgear
    < 3.5.20.0
  • Netgear Wndap620

    HW
    Netgear
    wszystkie wersje
  • Netgear Wndap620 Firmware

    OS
    Netgear
    < 2.0.11
  • Netgear Wndap660

    HW
    Netgear
    wszystkie wersje
  • Netgear Wndap660 Firmware

    OS
    Netgear
    < 3.5.20.0
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
CWE
Referencje

Powiązane podatności

CVE-2016-1555CRITICAL9.8⚠ KEVten sam produkt

(1) boardData102.php, (2) boardData103.php, (3) boardDataJP.php, (4) boardDataNA.php, and (5) boardDataWW.php ...

CVE-2018-21097CRITICAL9.8ten sam produkt

Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This aff...

CVE-2016-1557CRITICAL9.8ten sam produkt

Netgear WNAP320, WNDAP350, and WNDAP360 before 3.5.5.0 reveal wireless passwords and administrative usernames ...

CVE-2018-21094HIGH7.3ten sam produkt

Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects WAC120 befo...

CVE-2018-21096HIGH7.4ten sam produkt

Certain NETGEAR devices are affected by CSRF. This affects WAC120 before 2.1.7, WAC505 before 5.0.5.4, WAC510 ...