CVE-2017-18805 — MEDIUM (6.7)

Q: How severe is CVE-2017-18805?

CVE-2017-18805 has been rated MEDIUM with a CVSS base score of 6.7/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2017-18805?

Check the references section above for vendor advisories and patch information. Affected products include: Netgear Wac510 Firmware, Netgear Wac510, Netgear Wac120 Firmware, Netgear Wac120, Netgear Wndap620 Firmware.

Vulnerability Description

Certain NETGEAR devices are affected by command injection. This affects WAC510 before 1.3.0.10, WAC120 before 2.1.4, WNDAP620 before 2.1.3, WND930 before 2.1.2, WN604 before 3.3.7, WNDAP660 before 3.7.4.0, WNDAP350 before 3.7.4.0, WNAP320 before 3.7.4.0, WNAP210v2 before 3.7.4.0, and WNDAP360 before 3.7.4.0.

CVSS Score

6.7

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Netgear	Wac510 Firmware	< 1.3.0.10
Netgear	Wac510	-
Netgear	Wac120 Firmware	< 2.1.4
Netgear	Wac120	-
Netgear	Wndap620 Firmware	< 2.1.3
Netgear	Wndap620	-
Netgear	Wnd930 Firmware	< 2.1.2
Netgear	Wnd930	-
Netgear	Wn604 Firmware	< 3.3.7
Netgear	Wn604	-
Netgear	Wndap660 Firmware	< 3.7.4.0
Netgear	Wndap660	-
Netgear	Wndap350 Firmware	< 3.7.4.0
Netgear	Wndap350	-
Netgear	Wnap320 Firmware	< 3.7.4.0
Netgear	Wnap320	-
Netgear	Wnap210 Firmware	< 3.7.4.0
Netgear	Wnap210	v2
Netgear	Wndap360 Firmware	< 3.7.4.0
Netgear	Wndap360	-

Related Weaknesses (CWE)

CWE-74

References

https://kb.netgear.com/000049060/Security-Advisory-for-Command-Injection-VulneraVendor Advisory
https://kb.netgear.com/000049060/Security-Advisory-for-Command-Injection-VulneraVendor Advisory

FAQ

What is CVE-2017-18805?

CVE-2017-18805 is a vulnerability with a CVSS score of 6.7 (MEDIUM). Certain NETGEAR devices are affected by command injection. This affects WAC510 before 1.3.0.10, WAC120 before 2.1.4, WNDAP620 before 2.1.3, WND930 before 2.1.2, WN604 before 3.3.7, WNDAP660 before 3.7...

How severe is CVE-2017-18805?

CVE-2017-18805 has been rated MEDIUM with a CVSS base score of 6.7/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2017-18805?

Check the references section above for vendor advisories and patch information. Affected products include: Netgear Wac510 Firmware, Netgear Wac510, Netgear Wac120 Firmware, Netgear Wac120, Netgear Wndap620 Firmware.