CVE-2017-18749

Name of the Vulnerable Software and Affected Versions: JNR1010v2 versions prior to 1.1.0.44 JR6150 versions prior to 1.0.1.10 JWNR2010v5 versions prior to 1.1.0.44 R6050 versions prior to 1.0.1.10 R6100 versions prior to 1.0.1.16 R6220 versions prior to 1.1.0.50 R7500 versions prior to 1.0.0.112 R7500v2 versions prior to 1.0.3.20 R7800 versions prior to 1.0.2.36 R9000 versions prior to 1.0.2.40 WNDR3700v4 versions prior to 1.0.2.88 WNDR3700v5 versions prior to 1.1.0.48 WNDR4300 versions prior to 1.0.2.90 WNDR4300v2 versions prior to 1.0.0.48 WNDR4500v3 versions prior to 1.0.0.48 WNR1000v4 versions prior to 1.1.0.44 WNR2000v5 versions prior to 1.0.0.58 WNR2020 versions prior to 1.1.0.44 WNR2050 versions prior to 1.1.0.44

Description: Certain NETGEAR devices are affected by a CSRF issue.

Recommendations: As a temporary workaround, consider disabling any features that may be vulnerable to CSRF attacks until a patch is available. Update JNR1010v2 to version 1.1.0.44 or later. Update JR6150 to version 1.0.1.10 or later. Update JWNR2010v5 to version 1.1.0.44 or later. Update R6050 to version 1.0.1.10 or later. Update R6100 to version 1.0.1.16 or later. Update R6220 to version 1.1.0.50 or later. Update R7500 to version 1.0.0.112 or later. Update R7500v2 to version 1.0.3.20 or later. Update R7800 to version 1.0.2.36 or later. Update R9000 to version 1.0.2.40 or later. Update WNDR3700v4 to version 1.0.2.88 or later. Update WNDR3700v5 to version 1.1.0.48 or later. Update WNDR4300 to version 1.0.2.90 or later. Update WNDR4300v2 to version 1.0.0.48 or later. Update WNDR4500v3 to version 1.0.0.48 or later. Update WNR1000v4 to version 1.1.0.44 or later. Update WNR2000v5 to version 1.0.0.58 or later. Update WNR2020 to version 1.1.0.44 or later. Update WNR2050 to version 1.1.0.44 or later.