CVE-2017-18860 — HIGH (7.7)

Q: How severe is CVE-2017-18860?

CVE-2017-18860 has been rated HIGH with a CVSS base score of 7.7/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2017-18860?

Check the references section above for vendor advisories and patch information. Affected products include: Netgear Fs752Tp Firmware, Netgear Fs752Tp, Netgear Gs108T Firmware, Netgear Gs108Tv2, Netgear Gs110Tp Firmware.

Vulnerability Description

Certain NETGEAR devices are affected by debugging command execution. This affects FS752TP 5.4.2.19 and earlier, GS108Tv2 5.4.2.29 and earlier, GS110TP 5.4.2.29 and earlier, GS418TPP 6.6.2.6 and earlier, GS510TLP 6.6.2.6 and earlier, GS510TP 5.04.2.27 and earlier, GS510TPP 6.6.2.6 and earlier, GS716Tv2 5.4.2.27 and earlier, GS716Tv3 6.3.1.16 and earlier, GS724Tv3 5.4.2.27 and earlier, GS724Tv4 6.3.1.16 and earlier, GS728TPSB 5.3.0.29 and earlier, GS728TSB 5.3.0.29 and earlier, GS728TXS 6.1.0.35 and earlier, GS748Tv4 5.4.2.27 and earlier, GS748Tv5 6.3.1.16 and earlier, GS752TPSB 5.3.0.29 and earlier, GS752TSB 5.3.0.29 and earlier, GS752TXS 6.1.0.35 and earlier, M4200 12.0.2.10 and earlier, M4300 12.0.2.10 and earlier, M5300 11.0.0.28 and earlier, M6100 11.0.0.28 and earlier, M7100 11.0.0.28 and earlier, S3300 6.6.1.4 and earlier, XS708T 6.6.0.11 and earlier, XS712T 6.1.0.34 and earlier, and XS716T 6.6.0.11 and earlier.

CVSS Score

7.7

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Netgear	Fs752Tp Firmware	<= 5.4.2.19
Netgear	Fs752Tp	-
Netgear	Gs108T Firmware	<= 5.4.2.29
Netgear	Gs108Tv2	-
Netgear	Gs110Tp Firmware	<= 5.4.2.29
Netgear	Gs110Tp	-
Netgear	Gs418Tpp Firmware	<= 6.6.2.6
Netgear	Gs418Tpp	-
Netgear	Gs510Tlp Firmware	<= 6.6.2.6
Netgear	Gs510Tlp	-
Netgear	Gs510Tp Firmware	<= 5.04.2.27
Netgear	Gs510Tp	-
Netgear	Gs510Tpp Firmware	<= 6.6.2.6
Netgear	Gs510Tpp	-
Netgear	Gs716T Firmware	<= 5.4.2.27
Netgear	Gs716T	v2
Netgear	Gs724T Firmware	<= 5.4.2.27
Netgear	Gs724T	v3
Netgear	Gs728Tpsb Firmware	<= 5.3.0.29
Netgear	Gs728Tpsb	-

Related Weaknesses (CWE)

CWE-74

References

https://kb.netgear.com/000038519/Security-Advisory-for-Authentication-Bypass-andVendor Advisory
https://kb.netgear.com/000038519/Security-Advisory-for-Authentication-Bypass-andVendor Advisory

FAQ

What is CVE-2017-18860?

CVE-2017-18860 is a vulnerability with a CVSS score of 7.7 (HIGH). Certain NETGEAR devices are affected by debugging command execution. This affects FS752TP 5.4.2.19 and earlier, GS108Tv2 5.4.2.29 and earlier, GS110TP 5.4.2.29 and earlier, GS418TPP 6.6.2.6 and earlie...

How severe is CVE-2017-18860?

CVE-2017-18860 has been rated HIGH with a CVSS base score of 7.7/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2017-18860?

Check the references section above for vendor advisories and patch information. Affected products include: Netgear Fs752Tp Firmware, Netgear Fs752Tp, Netgear Gs108T Firmware, Netgear Gs108Tv2, Netgear Gs110Tp Firmware.