PT-2020-8395 · NetGear · Netgear R7300+3
Published
2020-04-20
·
Updated
2020-04-23
·
CVE-2017-18848
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions:
NETGEAR R6300v2 versions prior to 1.0.0.36
NETGEAR AC1450 versions prior to 1.0.0.36
NETGEAR R7300 versions prior to 1.0.0.54
NETGEAR R8500 versions prior to 1.0.2.94
Description:
The issue affects certain NETGEAR devices, making them susceptible to Cross-Site Request Forgery (CSRF) attacks.
Recommendations:
For NETGEAR R6300v2 versions prior to 1.0.0.36, update to version 1.0.0.36 or later.
For NETGEAR AC1450 versions prior to 1.0.0.36, update to version 1.0.0.36 or later.
For NETGEAR R7300 versions prior to 1.0.0.54, update to version 1.0.0.54 or later.
For NETGEAR R8500 versions prior to 1.0.2.94, update to version 1.0.2.94 or later.
Fix
CSRF
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Netgear Ac1450
Netgear R6300V2
Netgear R7300
Netgear R8500