1. Home
  2. CVE Database
  3. CVE-2017-18848
HIGH · 8.8

CVE-2017-18848

Certain NETGEAR devices are affected by CSRF. This affects R6300v2 before 1.0.0.36, AC1450 before 1.0.0.36, R7300 before 1.0.0.54, and R8500 before 1.0.2.94.

Vulnerability Description

Certain NETGEAR devices are affected by CSRF. This affects R6300v2 before 1.0.0.36, AC1450 before 1.0.0.36, R7300 before 1.0.0.54, and R8500 before 1.0.2.94.

CVSS Score

8.8

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH

Affected Products

VendorProductVersions
NetgearR6300 Firmware< 1.0.0.36
NetgearR6300v2
NetgearAc1450 Firmware< 1.0.0.36
NetgearAc1450-
NetgearR7300 Firmware< 1.0.0.54
NetgearR7300-
NetgearR8500 Firmware< 1.0.2.94
NetgearR8500-

Related Weaknesses (CWE)

CWE-352

References

FAQ

What is CVE-2017-18848?

CVE-2017-18848 is a vulnerability with a CVSS score of 8.8 (HIGH). Certain NETGEAR devices are affected by CSRF. This affects R6300v2 before 1.0.0.36, AC1450 before 1.0.0.36, R7300 before 1.0.0.54, and R8500 before 1.0.2.94.

How severe is CVE-2017-18848?

CVE-2017-18848 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2017-18848?

Check the references section above for vendor advisories and patch information. Affected products include: Netgear R6300 Firmware, Netgear R6300, Netgear Ac1450 Firmware, Netgear Ac1450, Netgear R7300 Firmware.