PT-2020-8355 · NetGear · Wnap320+9
Published
2020-04-21
·
Updated
2020-04-23
·
CVE-2017-18806
CVSS v3.1
6.7
Medium
| Vector | AC:L/AV:L/A:H/C:H/I:H/PR:H/S:U/UI:N |
Name of the Vulnerable Software and Affected Versions:
WAC510 versions prior to 1.3.0.10
WAC120 versions prior to 2.1.4
WNDAP620 versions prior to 2.1.3
WND930 versions prior to 2.1.2
WN604 versions prior to 3.3.7
WNDAP660 version 3.7.4.0
WNDAP350 version 3.7.4.0
WNAP320 version 3.7.4.0
WNAP210v2 version 3.7.4.0
WNDAP360 version 3.7.4.0
Description:
Certain NETGEAR devices are affected by command injection.
Recommendations:
For WAC510 versions prior to 1.3.0.10, update to version 1.3.0.10 or later.
For WAC120 versions prior to 2.1.4, update to version 2.1.4 or later.
For WNDAP620 versions prior to 2.1.3, update to version 2.1.3 or later.
For WND930 versions prior to 2.1.2, update to version 2.1.2 or later.
For WN604 versions prior to 3.3.7, update to version 3.3.7 or later.
For WNDAP660 version 3.7.4.0, update to a version later than 3.7.4.0.
For WNDAP350 version 3.7.4.0, update to a version later than 3.7.4.0.
For WNAP320 version 3.7.4.0, update to a version later than 3.7.4.0.
For WNAP210v2 version 3.7.4.0, update to a version later than 3.7.4.0.
For WNDAP360 version 3.7.4.0, update to a version later than 3.7.4.0.
Fix
Special Elements Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Wac120
Wac510
Wn604
Wnap210V2
Wnap320
Wnd930
Wndap350
Wndap360
Wndap620
Wndap660