CVE-2017-18776

Name of the Vulnerable Software and Affected Versions: D6100 versions prior to V1.0.0.55 D7000 versions prior to V1.0.1.50 D7800 versions prior to V1.0.1.24 JNR1010v2 versions prior to 1.1.0.40 JWNR2010v5 versions prior to 1.1.0.40 R6100 versions prior to 1.0.1.12 R6220 versions prior to 1.1.0.50 R7500 versions prior to 1.0.0.108 R7500v2 versions prior to 1.0.3.10 WNDR4300v1 versions prior to 1.0.2.88 WNDR4300v2 versions prior to 1.0.0.48 WNDR4500v3 versions prior to 1.0.0.48 WNR1000v4 versions prior to 1.1.0.40 WNR2000v5 versions prior to 1.0.0.42 WNR2020 versions prior to 1.1.0.40 WNR2050 versions prior to 1.1.0.40

Description: Certain NETGEAR devices are affected by authentication bypass.

Recommendations: As a temporary workaround, consider disabling authentication for the affected devices until a patch is available. For D6100, update to V1.0.0.55 or later. For D7000, update to V1.0.1.50 or later. For D7800, update to V1.0.1.24 or later. For JNR1010v2, update to 1.1.0.40 or later. For JWNR2010v5, update to 1.1.0.40 or later. For R6100, update to 1.0.1.12 or later. For R6220, update to 1.1.0.50 or later. For R7500, update to 1.0.0.108 or later. For R7500v2, update to 1.0.3.10 or later. For WNDR4300v1, update to 1.0.2.88 or later. For WNDR4300v2, update to 1.0.0.48 or later. For WNDR4500v3, update to 1.0.0.48 or later. For WNR1000v4, update to 1.1.0.40 or later. For WNR2000v5, update to 1.0.0.42 or later. For WNR2020, update to 1.1.0.40 or later. For WNR2050, update to 1.1.0.40 or later.