CVE-2017-18762

Name of the Vulnerable Software and Affected Versions: D3600 versions prior to 1.0.0.68 D6000 versions prior to 1.0.0.68 D6100 versions prior to 1.0.0.57 R6100 versions prior to 1.0.1.16 R6900P versions prior to 1.2.0.22 R7000 versions prior to 1.0.9.10 R7000P versions prior to 1.2.0.22 R7100LG versions prior to 1.0.0.40 WNDR3700v4 versions prior to 1.0.2.88 WNDR4300v1 versions prior to 1.0.2.90 WNDR4300v2 versions prior to 1.0.0.48 WNDR4500v3 versions prior to 1.0.0.48 WNR2000v5 versions prior to 1.0.0.58

Description: Certain NETGEAR devices are affected by command injection by an unauthenticated attacker.

Recommendations: For D3600 versions prior to 1.0.0.68, update to version 1.0.0.68 or later. For D6000 versions prior to 1.0.0.68, update to version 1.0.0.68 or later. For D6100 versions prior to 1.0.0.57, update to version 1.0.0.57 or later. For R6100 versions prior to 1.0.1.16, update to version 1.0.1.16 or later. For R6900P versions prior to 1.2.0.22, update to version 1.2.0.22 or later. For R7000 versions prior to 1.0.9.10, update to version 1.0.9.10 or later. For R7000P versions prior to 1.2.0.22, update to version 1.2.0.22 or later. For R7100LG versions prior to 1.0.0.40, update to version 1.0.0.40 or later. For WNDR3700v4 versions prior to 1.0.2.88, update to version 1.0.2.88 or later. For WNDR4300v1 versions prior to 1.0.2.90, update to version 1.0.2.90 or later. For WNDR4300v2 versions prior to 1.0.0.48, update to version 1.0.0.48 or later. For WNDR4500v3 versions prior to 1.0.0.48, update to version 1.0.0.48 or later. For WNR2000v5 versions prior to 1.0.0.58, update to version 1.0.0.58 or later.