CVE-2018-21225

Name of the Vulnerable Software and Affected Versions NETGEAR D7000 versions prior to 1.0.1.60 NETGEAR D7800 versions prior to 1.0.1.34 NETGEAR D8500 versions prior to 1.0.3.39 NETGEAR R6700 versions prior to 1.0.1.30 NETGEAR R6700v2 versions prior to 1.2.0.16 NETGEAR R6800 versions prior to 1.2.0.16 NETGEAR R6900 versions prior to 1.0.1.30 NETGEAR R6900P versions prior to 1.2.0.22 NETGEAR R6900v2 versions prior to 1.2.0.16 NETGEAR R7000 versions prior to 1.0.9.12 NETGEAR R7000P versions prior to 1.2.0.22 NETGEAR R7500v2 versions prior to 1.0.3.20 NETGEAR R7800 versions prior to 1.0.2.44 NETGEAR R8300 versions prior to 1.0.2.106 NETGEAR R8500 versions prior to 1.0.2.106 NETGEAR R9000 versions prior to 1.0.2.52

Description The issue allows command injection by an authenticated user.

Recommendations For NETGEAR D7000, update to version 1.0.1.60 or later. For NETGEAR D7800, update to version 1.0.1.34 or later. For NETGEAR D8500, update to version 1.0.3.39 or later. For NETGEAR R6700, update to version 1.0.1.30 or later. For NETGEAR R6700v2, update to version 1.2.0.16 or later. For NETGEAR R6800, update to version 1.2.0.16 or later. For NETGEAR R6900, update to version 1.0.1.30 or later. For NETGEAR R6900P, update to version 1.2.0.22 or later. For NETGEAR R6900v2, update to version 1.2.0.16 or later. For NETGEAR R7000, update to version 1.0.9.12 or later. For NETGEAR R7000P, update to version 1.2.0.22 or later. For NETGEAR R7500v2, update to version 1.0.3.20 or later. For NETGEAR R7800, update to version 1.0.2.44 or later. For NETGEAR R8300, update to version 1.0.2.106 or later. For NETGEAR R8500, update to version 1.0.2.106 or later. For NETGEAR R9000, update to version 1.0.2.52 or later.