CVE-2017-18704

Name of the Vulnerable Software and Affected Versions: NETGEAR D6220 versions prior to 1.0.0.32 NETGEAR D6400 versions prior to 1.0.0.60 NETGEAR D8500 versions prior to 1.0.3.29 NETGEAR R6250 versions prior to 1.0.4.16 NETGEAR R6300v2 versions prior to 1.0.4.18 NETGEAR R6400 versions prior to 1.01.32 NETGEAR R6400v2 versions prior to 1.0.2.44 NETGEAR R6700 versions prior to 1.0.1.36 NETGEAR R6900 versions prior to 1.0.1.34 NETGEAR R7000 versions prior to 1.0.9.14 NETGEAR R7000P versions prior to 1.3.0.8 NETGEAR R6900P versions prior to 1.3.0.8 NETGEAR R7100LG versions prior to 1.0.0.34 NETGEAR R7300DST versions prior to 1.0.0.56 NETGEAR R7900 versions prior to 1.0.1.26 NETGEAR R8000 versions prior to 1.0.4.4 NETGEAR R8500 versions prior to 1.0.2.106 NETGEAR R8300 versions prior to 1.0.2.106 NETGEAR WNDR3400v3 versions prior to 1.0.1.16

Description: The issue allows an attacker to read arbitrary files on certain NETGEAR devices.

Recommendations: For D6220 versions prior to 1.0.0.32, update to version 1.0.0.32 or later. For D6400 versions prior to 1.0.0.60, update to version 1.0.0.60 or later. For D8500 versions prior to 1.0.3.29, update to version 1.0.3.29 or later. For R6250 versions prior to 1.0.4.16, update to version 1.0.4.16 or later. For R6300v2 versions prior to 1.0.4.18, update to version 1.0.4.18 or later. For R6400 versions prior to 1.01.32, update to version 1.01.32 or later. For R6400v2 versions prior to 1.0.2.44, update to version 1.0.2.44 or later. For R6700 versions prior to 1.0.1.36, update to version 1.0.1.36 or later. For R6900 versions prior to 1.0.1.34, update to version 1.0.1.34 or later. For R7000 versions prior to 1.0.9.14, update to version 1.0.9.14 or later. For R7000P versions prior to 1.3.0.8, update to version 1.3.0.8 or later. For R6900P versions prior to 1.3.0.8, update to version 1.3.0.8 or later. For R7100LG versions prior to 1.0.0.34, update to version 1.0.0.34 or later. For R7300DST versions prior to 1.0.0.56, update to version 1.0.0.56 or later. For R7900 versions prior to 1.0.1.26, update to version 1.0.1.26 or later. For R8000 versions prior to 1.0.4.4, update to version 1.0.4.4 or later. For R8500 versions prior to 1.0.2.106, update to version 1.0.2.106 or later. For R8300 versions prior to 1.0.2.106, update to version 1.0.2.106 or later. For WNDR3400v3 versions prior to 1.0.1.16, update to version 1.0.1.16 or later.