PT-2020-8389 · NetGear · Netgear R7300+3

Published

2020-04-20

Updated

2020-04-23

CVE-2017-18842

CVSS v3.1

8.8

High

Vector

AC:L/AV:N/A:H/C:H/I:H/PR:N/S:U/UI:R

Name of the Vulnerable Software and Affected Versions: NETGEAR R7300 versions prior to 1.0.0.54 NETGEAR R8500 versions prior to 1.0.2.94 NETGEAR DGN2200v1 versions prior to 1.0.0.55 NETGEAR D2200D/D2200DW-1FRNAS versions prior to 1.0.0.32

Description: The issue affects certain NETGEAR devices, making them susceptible to CSRF attacks.

Recommendations: For R7300, update to version 1.0.0.54 or later. For R8500, update to version 1.0.2.94 or later. For DGN2200v1, update to version 1.0.0.55 or later. For D2200D/D2200DW-1FRNAS, update to version 1.0.0.32 or later.

Fix

CSRF

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-352

Related Identifiers

CVE-2017-18842

Affected Products

Netgear D2200D/D2200Dw-1Frnas

Netgear Dgn2200V1

Netgear R7300

Netgear R8500

PT-2020-8389 · NetGear · Netgear R7300+3

CVE-2017-18842

Weakness Enumeration

Related Identifiers

Affected Products

References · 4