CVE-2017-18849

Name of the Vulnerable Software and Affected Versions: D6220 versions prior to 1.0.0.26 D6400 versions prior to 1.0.0.60 D8500 versions prior to 1.0.3.29 R6250 versions prior to 1.0.4.12 R6400 versions prior to 1.01.24 R6400v2 versions prior to 1.0.2.30 R6700 versions prior to 1.0.1.22 R6900 versions prior to 1.0.1.22 R6900P versions prior to 1.0.0.56 R7000 versions prior to 1.0.9.4 R7000P versions prior to 1.0.0.56 R7100LG versions prior to 1.0.0.32 R7300DST versions prior to 1.0.0.54 R7900 versions prior to 1.0.1.18 R8000 versions prior to 1.0.3.44 R8300 versions prior to 1.0.2.100 1.0.82 R8500 versions prior to 1.0.2.100 1.0.82

Description: Certain NETGEAR devices are affected by command injection.

Recommendations: For D6220 version prior to 1.0.0.26, update to version 1.0.0.26 or later. For D6400 version prior to 1.0.0.60, update to version 1.0.0.60 or later. For D8500 version prior to 1.0.3.29, update to version 1.0.3.29 or later. For R6250 version prior to 1.0.4.12, update to version 1.0.4.12 or later. For R6400 version prior to 1.01.24, update to version 1.01.24 or later. For R6400v2 version prior to 1.0.2.30, update to version 1.0.2.30 or later. For R6700 version prior to 1.0.1.22, update to version 1.0.1.22 or later. For R6900 version prior to 1.0.1.22, update to version 1.0.1.22 or later. For R6900P version prior to 1.0.0.56, update to version 1.0.0.56 or later. For R7000 version prior to 1.0.9.4, update to version 1.0.9.4 or later. For R7000P version prior to 1.0.0.56, update to version 1.0.0.56 or later. For R7100LG version prior to 1.0.0.32, update to version 1.0.0.32 or later. For R7300DST version prior to 1.0.0.54, update to version 1.0.0.54 or later. For R7900 version prior to 1.0.1.18, update to version 1.0.1.18 or later. For R8000 version prior to 1.0.3.44, update to version 1.0.3.44 or later. For R8300 version prior to 1.0.2.100 1.0.82, update to version 1.0.2.100 1.0.82 or later. For R8500 version prior to 1.0.2.100 1.0.82, update to version 1.0.2.100 1.0.82 or later.