CVE-2017-18777

Name of the Vulnerable Software and Affected Versions: NETGEAR D6220 versions prior to V1.0.0.28 NETGEAR D6400 versions prior to V1.0.0.60 NETGEAR D8500 versions prior to V1.0.3.29 NETGEAR DGN2200v4 versions prior to 1.0.0.82 NETGEAR DGN2200Bv4 versions prior to 1.0.0.82 NETGEAR R6300v2 versions prior to 1.0.4.8 NETGEAR R6400 versions prior to 1.0.1.20 NETGEAR R6700 versions prior to 1.0.1.20 NETGEAR R6900 versions prior to 1.0.1.20 NETGEAR R7000 versions prior to 1.0.7.10 NETGEAR R7100LG versions prior to V1.0.0.32 NETGEAR R7300DST versions prior to 1.0.0.52 NETGEAR R7900 versions prior to 1.0.1.16 NETGEAR R8000 versions prior to 1.0.3.36 NETGEAR R8300 versions prior to 1.0.2.94 NETGEAR R8500 versions prior to 1.0.2.94 NETGEAR WNDR3400v3 versions prior to 1.0.1.12 NETGEAR WNR3500Lv2 versions prior to 1.2.0.40

Description: The issue is related to administrative password disclosure in certain NETGEAR devices.

Recommendations: Update D6220 to version V1.0.0.28 or later. Update D6400 to version V1.0.0.60 or later. Update D8500 to version V1.0.3.29 or later. Update DGN2200v4 to version 1.0.0.82 or later. Update DGN2200Bv4 to version 1.0.0.82 or later. Update R6300v2 to version 1.0.4.8 or later. Update R6400 to version 1.0.1.20 or later. Update R6700 to version 1.0.1.20 or later. Update R6900 to version 1.0.1.20 or later. Update R7000 to version 1.0.7.10 or later. Update R7100LG to version V1.0.0.32 or later. Update R7300DST to version 1.0.0.52 or later. Update R7900 to version 1.0.1.16 or later. Update R8000 to version 1.0.3.36 or later. Update R8300 to version 1.0.2.94 or later. Update R8500 to version 1.0.2.94 or later. Update WNDR3400v3 to version 1.0.1.12 or later. Update WNR3500Lv2 to version 1.2.0.40 or later.