Vulnerability Description
Certain NETGEAR devices are affected by command injection. This affects D6200 before 1.1.00.24, JNR1010v2 before 1.1.0.44, JR6150 before 1.0.1.12, JWNR2010v5 before 1.1.0.44, PR2000 before 1.0.0.20, R6050 before 1.0.1.12, WNR1000v4 before 1.1.0.44, WNR2020 before 1.1.0.44, and WNR2050 before 1.1.0.44.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Netgear | D6200 Firmware | < 1.1.00.24 |
| Netgear | D6200 | - |
| Netgear | Jnr1010 Firmware | < 1.1.0.44 |
| Netgear | Jnr1010 | v2 |
| Netgear | Jr6150 Firmware | < 1.0.1.12 |
| Netgear | Jr6150 | - |
| Netgear | Jwnr2010 Firmware | < 1.1.0.44 |
| Netgear | Jwnr2010 | v5 |
| Netgear | Pr2000 Firmware | < 1.0.0.20 |
| Netgear | Pr2000 | - |
| Netgear | R6050 Firmware | < 1.0.1.12 |
| Netgear | R6050 | - |
| Netgear | Wnr1000 Firmware | < 1.1.0.44 |
| Netgear | Wnr1000 | v4 |
| Netgear | Wnr2020 Firmware | < 1.1.0.44 |
| Netgear | Wnr2020 | - |
| Netgear | Wnr2050 Firmware | < 1.1.0.44 |
| Netgear | Wnr2050 | - |
Related Weaknesses (CWE)
References
- https://kb.netgear.com/000049529/Security-Advisory-for-Command-Injection-on-SomeVendor Advisory
- https://kb.netgear.com/000049529/Security-Advisory-for-Command-Injection-on-SomeVendor Advisory
FAQ
What is CVE-2017-18786?
CVE-2017-18786 is a vulnerability with a CVSS score of 7.8 (HIGH). Certain NETGEAR devices are affected by command injection. This affects D6200 before 1.1.00.24, JNR1010v2 before 1.1.0.44, JR6150 before 1.0.1.12, JWNR2010v5 before 1.1.0.44, PR2000 before 1.0.0.20, R...
How severe is CVE-2017-18786?
CVE-2017-18786 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-18786?
Check the references section above for vendor advisories and patch information. Affected products include: Netgear D6200 Firmware, Netgear D6200, Netgear Jnr1010 Firmware, Netgear Jnr1010, Netgear Jr6150 Firmware.