1. Home
  2. CVE Database
  3. CVE-2017-18712
MEDIUM · 6.5

CVE-2017-18712

Certain NETGEAR devices are affected by an attacker's ability to read arbitrary files. This affects D7800 before 1.0.1.28, R6100 before 1.0.1.20, R7500 before 1.0.0.118, R7500v2 before 1.0.3.20, R7800...

Vulnerability Description

Certain NETGEAR devices are affected by an attacker's ability to read arbitrary files. This affects D7800 before 1.0.1.28, R6100 before 1.0.1.20, R7500 before 1.0.0.118, R7500v2 before 1.0.3.20, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WNDR4300v2 before 1.0.0.48, and WNDR4500v3 before 1.0.0.48.

CVSS Score

6.5

MEDIUM

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
NONE
Availability
NONE

Affected Products

VendorProductVersions
NetgearR7800 Firmware< 1.0.2.40
NetgearR7800-
NetgearR9000 Firmware< 1.0.2.52
NetgearR9000-
NetgearR7500 Firmware< 1.0.0.118
NetgearR7500-
NetgearWndr4300 Firmware< 1.0.0.48
NetgearWndr4300v2
NetgearWndr4500 Firmware< 1.0.0.48
NetgearWndr4500v3
NetgearR6100 Firmware< 1.0.1.20
NetgearR6100-
NetgearD7800 Firmware< 1.0.1.28
NetgearD7800-

Related Weaknesses (CWE)

CWE-200

References

FAQ

What is CVE-2017-18712?

CVE-2017-18712 is a vulnerability with a CVSS score of 6.5 (MEDIUM). Certain NETGEAR devices are affected by an attacker's ability to read arbitrary files. This affects D7800 before 1.0.1.28, R6100 before 1.0.1.20, R7500 before 1.0.0.118, R7500v2 before 1.0.3.20, R7800...

How severe is CVE-2017-18712?

CVE-2017-18712 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2017-18712?

Check the references section above for vendor advisories and patch information. Affected products include: Netgear R7800 Firmware, Netgear R7800, Netgear R9000 Firmware, Netgear R9000, Netgear R7500 Firmware.