Vulnerability Description
Certain NETGEAR devices are affected by command execution via a PHP form. This affects WN604 3.3.3 and earlier, WNAP210v2 3.5.20.0 and earlier, WNAP320 3.5.20.0 and earlier, WNDAP350 3.5.20.0 and earlier, WNDAP360 3.5.20.0 and earlier, WNDAP620 2.0.11 and earlier, WNDAP660 3.5.20.0 and earlier, WND930 2.0.11 and earlier, and WAC120 2.0.7 and earlier.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Netgear | Wn604 Firmware | < 3.3.3 |
| Netgear | Wn604 | - |
| Netgear | Wnap210 Firmware | < 3.5.20.0 |
| Netgear | Wnap210 | v2 |
| Netgear | Wnap320 Firmware | < 3.5.20.0 |
| Netgear | Wnap320 | - |
| Netgear | Wndap350 Firmware | < 3.5.20.0 |
| Netgear | Wndap350 | - |
| Netgear | Wndap360 Firmware | < 3.5.20.0 |
| Netgear | Wndap360 | - |
| Netgear | Wndap620 Firmware | < 2.0.11 |
| Netgear | Wndap620 | - |
| Netgear | Wndap660 Firmware | < 3.5.20.0 |
| Netgear | Wndap660 | - |
| Netgear | Wnd930 Firmware | < 2.0.11 |
| Netgear | Wnd930 | - |
| Netgear | Wac120 Firmware | < 2.0.7 |
| Netgear | Wac120 | - |
Related Weaknesses (CWE)
References
- https://kb.netgear.com/000037827/Security-Advisory-for-PHP-Vulnerabilities-on-WiVendor Advisory
- https://kb.netgear.com/000037827/Security-Advisory-for-PHP-Vulnerabilities-on-WiVendor Advisory
FAQ
What is CVE-2017-18863?
CVE-2017-18863 is a vulnerability with a CVSS score of 7.1 (HIGH). Certain NETGEAR devices are affected by command execution via a PHP form. This affects WN604 3.3.3 and earlier, WNAP210v2 3.5.20.0 and earlier, WNAP320 3.5.20.0 and earlier, WNDAP350 3.5.20.0 and earl...
How severe is CVE-2017-18863?
CVE-2017-18863 has been rated HIGH with a CVSS base score of 7.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-18863?
Check the references section above for vendor advisories and patch information. Affected products include: Netgear Wn604 Firmware, Netgear Wn604, Netgear Wnap210 Firmware, Netgear Wnap210, Netgear Wnap320 Firmware.