CVE-2017-18775

Name of the Vulnerable Software and Affected Versions: NETGEAR R6100 versions prior to 1.0.1.12 NETGEAR R7500 versions prior to 1.0.0.108 NETGEAR WNDR3700v4 versions prior to 1.0.2.86 NETGEAR WNDR4300v1 versions prior to 1.0.2.88 NETGEAR WNDR4300v2 versions prior to 1.0.0.48 NETGEAR WNDR4500v3 versions prior to 1.0.0.48 NETGEAR WNR2000v5 versions prior to 1.0.0.42

Description: Certain NETGEAR devices are affected by a Cross-Site Request Forgery (CSRF) issue. This allows an attacker to perform actions on behalf of a user without their knowledge or consent.

Recommendations: For NETGEAR R6100 version prior to 1.0.1.12, update to version 1.0.1.12 or later. For NETGEAR R7500 version prior to 1.0.0.108, update to version 1.0.0.108 or later. For NETGEAR WNDR3700v4 version prior to 1.0.2.86, update to version 1.0.2.86 or later. For NETGEAR WNDR4300v1 version prior to 1.0.2.88, update to version 1.0.2.88 or later. For NETGEAR WNDR4300v2 version prior to 1.0.0.48, update to version 1.0.0.48 or later. For NETGEAR WNDR4500v3 version prior to 1.0.0.48, update to version 1.0.0.48 or later. For NETGEAR WNR2000v5 version prior to 1.0.0.42, update to version 1.0.0.42 or later.