Vulnerability Description
Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects R6700v2 before 1.1.0.38, R6800 before 1.1.0.38, and D7000 before 1.0.1.50.
CVSS Score
7.8
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Netgear | R6700 Firmware | < 1.1.0.38 |
| Netgear | R6700 | v2 |
| Netgear | R6800 Firmware | < 1.1.0.38 |
| Netgear | R6800 | - |
| Netgear | D7000 Firmware | < 1.0.1.50 |
| Netgear | D7000 | - |
Related Weaknesses (CWE)
References
- https://kb.netgear.com/000049015/Security-Advisory-for-an-Admin-Credential-DisclVendor Advisory
- https://kb.netgear.com/000049015/Security-Advisory-for-an-Admin-Credential-DisclVendor Advisory
FAQ
What is CVE-2017-18844?
CVE-2017-18844 is a vulnerability with a CVSS score of 7.8 (HIGH). Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects R6700v2 before 1.1.0.38, R6800 before 1.1.0.38, and D7000 before 1.0.1.50.
How severe is CVE-2017-18844?
CVE-2017-18844 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-18844?
Check the references section above for vendor advisories and patch information. Affected products include: Netgear R6700 Firmware, Netgear R6700, Netgear R6800 Firmware, Netgear R6800, Netgear D7000 Firmware.