Vulnerability Description
NETGEAR WNR2000v3 devices before 1.1.2.14, WNR2000v4 devices before 1.0.0.66, and WNR2000v5 devices before 1.0.0.42 allow authentication bypass and remote code execution via a buffer overflow that uses a parameter in the administration webapp. The NETGEAR ID is PSV-2016-0261.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Netgear | Wnr2000 Firmware | < 1.0.0.42 |
| Netgear | Wnr2000 | v5 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/98740Broken LinkThird Party AdvisoryVDB Entry
- https://kb.netgear.com/000038542/Security-Advisory-for-Unauthenticated-Remote-CoVendor Advisory
- https://www.on-x.com/sites/default/files/on-x_-_security_advisory_-_netgear_wnr2Broken Link
- http://www.securityfocus.com/bid/98740Broken LinkThird Party AdvisoryVDB Entry
- https://kb.netgear.com/000038542/Security-Advisory-for-Unauthenticated-Remote-CoVendor Advisory
- https://www.on-x.com/sites/default/files/on-x_-_security_advisory_-_netgear_wnr2Broken Link
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-US Government Resource
FAQ
What is CVE-2017-6862?
CVE-2017-6862 is a vulnerability with a CVSS score of 9.8 (CRITICAL). NETGEAR WNR2000v3 devices before 1.1.2.14, WNR2000v4 devices before 1.0.0.66, and WNR2000v5 devices before 1.0.0.42 allow authentication bypass and remote code execution via a buffer overflow that use...
How severe is CVE-2017-6862?
CVE-2017-6862 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2017-6862?
Check the references section above for vendor advisories and patch information. Affected products include: Netgear Wnr2000 Firmware, Netgear Wnr2000.