All the vulnerabilites related to netgear - wndr4000_firmware
Vulnerability from fkie_nvd
Published
2020-04-22 17:15
Modified
2024-11-21 03:20
Severity ?
8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D6220 before 1.0.0.32, D6400 before 1.0.0.66, D8500 before 1.0.3.35, DGN2200Bv4 before 1.0.0.94, DGN2200v4 before 1.0.0.94, R6250 before 1.0.4.14, R6300v2 before 1.0.4.18, R6400 before 1.01.32, R6400v2 before 1.0.2.44, R6700 before 1.0.1.36, R6900 before 1.0.1.30, R6900P before 1.3.0.8, R7000 before 1.0.9.14, R7000P before 1.3.0.8, R7100LG before 1.0.0.34, R7900 before 1.0.2.4, R8000 before 1.0.4.2, WN2500RPv2 before 1.0.1.50, WNDR3400v3 before 1.0.1.14, and WNDR4000 before 1.0.2.10.
References
cve@mitre.orghttps://kb.netgear.com/000051492/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2756Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://kb.netgear.com/000051492/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2756Vendor Advisory
Impacted products
Vendor Product Version
netgear d6220_firmware *
netgear d6220 -
netgear d6400_firmware *
netgear d6400 -
netgear d8500_firmware *
netgear d8500 -
netgear dgn2200b_firmware *
netgear dgn2200b v4
netgear dgn2200_firmware *
netgear dgn2200 v4
netgear r6250_firmware *
netgear r6250 -
netgear r6300_firmware *
netgear r6300 v2
netgear r6400_firmware *
netgear r6400 -
netgear r6400_firmware *
netgear r6400 v2
netgear r6700_firmware *
netgear r6700 -
netgear r6900_firmware *
netgear r6900 -
netgear r6900p_firmware *
netgear r6900p -
netgear r7000_firmware *
netgear r7000 -
netgear r7000p_firmware *
netgear r7000p -
netgear r7100lg_firmware *
netgear r7100lg -
netgear r7900_firmware *
netgear r7900 -
netgear r8000_firmware *
netgear r8000 -
netgear wn2500rp_firmware *
netgear wn2500rp v2
netgear wndr3400_firmware *
netgear wndr3400 v3
netgear wndr4000_firmware *
netgear wndr4000 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:d6220_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FD6552E-5BF6-4E57-90A7-39C4543B469C",
              "versionEndExcluding": "1.0.0.32",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:d6220:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3EEA190-2E9C-4586-BF81-B115532FBA23",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:d6400_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE087F75-4C99-425C-A9B7-B261E5545297",
              "versionEndExcluding": "1.0.0.66",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:d6400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D30939B-86E3-4C78-9B05-686B4994C8B9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:d8500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9398174B-A4A6-449A-AB91-A93D3D9398DD",
              "versionEndExcluding": "1.0.3.35",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:d8500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "814A0114-9A1D-4EA0-9AF4-6968514E4F01",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:dgn2200b_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5C27C8A-1B80-47CD-B015-14588F4F8732",
              "versionEndExcluding": "1.0.0.94",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:dgn2200b:v4:*:*:*:*:*:*:*",
              "matchCriteriaId": "25090794-A90C-40CD-8E95-87EC4E98B928",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:dgn2200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCA60A85-77FF-41BF-89FA-7EB3ACFECDB8",
              "versionEndExcluding": "1.0.0.94",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:dgn2200:v4:*:*:*:*:*:*:*",
              "matchCriteriaId": "099184A0-F1C6-4C3F-9C3B-F0B9AC0D4D14",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r6250_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DD089FE-0DBF-4C3B-AA02-3A0A27CF9D76",
              "versionEndExcluding": "1.0.4.14",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r6250:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "321BE843-52C4-4638-A321-439CA7B3A6F2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r6300_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "55058831-92FF-4A87-8340-E25AC0DDF89E",
              "versionEndExcluding": "1.0.4.18",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r6300:v2:*:*:*:*:*:*:*",
              "matchCriteriaId": "10938043-F7DF-42C3-8C16-F92CAF8E5576",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "54D9B854-7E18-439E-8FD2-C0EC88DA6222",
              "versionEndExcluding": "1.01.32",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E4CDF6B-3829-44D0-9675-71D7BE83CAA2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDC0DA75-5EB9-4F53-99A9-798FFBFD0C15",
              "versionEndExcluding": "1.0.2.44",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r6400:v2:*:*:*:*:*:*:*",
              "matchCriteriaId": "52AE9AD2-BC8D-477D-A3D3-891AE52FA5F3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "442F153C-737B-44D4-9A6D-EB6F6C47B986",
              "versionEndExcluding": "1.0.1.36",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r6700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "21B27F11-4262-4CE1-8107-B365A7C152F2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4E70DE3-B7E2-4F51-84E7-045BBCCFAD68",
              "versionEndExcluding": "1.0.1.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r6900:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0794BB7C-1BCF-4F08-8EB2-9C3B150C105A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "326BBECA-9A76-4A3E-90F7-023797D5D186",
              "versionEndExcluding": "1.3.0.8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C41908FF-AE64-4949-80E3-BEE061B2DA8A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDE61DB5-86A6-4810-91CC-18D05DC09507",
              "versionEndExcluding": "1.0.9.14",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "09963BE1-D57D-491A-9BD8-A1A46ED993E0",
              "versionEndExcluding": "1.3.0.8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFE55F4D-E98B-46D3-B870-041141934CD1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r7100lg_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FB08FA1-A476-4E05-9904-9BE30C9E77B7",
              "versionEndExcluding": "1.0.0.34",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r7100lg:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "366FA778-3C2A-42AF-9141-DAD7043B406C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCE1150D-8464-4421-94BD-EE81977BAC34",
              "versionEndExcluding": "1.0.2.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C484840F-AF30-4B5C-821A-4DB9BE407BDB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDC9BDA8-A1F1-42D6-8979-3FC7FA96AC62",
              "versionEndExcluding": "1.0.4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B39F095-8FE8-43FD-A866-7B613B495984",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:wn2500rp_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E194887B-3570-4E0F-B8DC-072676EDA4A7",
              "versionEndExcluding": "1.0.1.50",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:wn2500rp:v2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C4C1B98-9551-4862-AEAC-3D5C313BD275",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:wndr3400_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF8551B9-72D9-46B8-9F66-EE7841E29A26",
              "versionEndExcluding": "1.0.1.14",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:wndr3400:v3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1992E44C-122C-41BC-8FDC-5F9EBEE1FB7C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:wndr4000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEC68564-E9BB-4248-A238-2806A9CE824B",
              "versionEndExcluding": "1.0.2.10",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:wndr4000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C34EC74-D6F1-46F1-B47E-E62793171427",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D6220 before 1.0.0.32, D6400 before 1.0.0.66, D8500 before 1.0.3.35, DGN2200Bv4 before 1.0.0.94, DGN2200v4 before 1.0.0.94, R6250 before 1.0.4.14, R6300v2 before 1.0.4.18, R6400 before 1.01.32, R6400v2 before 1.0.2.44, R6700 before 1.0.1.36, R6900 before 1.0.1.30, R6900P before 1.3.0.8, R7000 before 1.0.9.14, R7000P before 1.3.0.8, R7100LG before 1.0.0.34, R7900 before 1.0.2.4, R8000 before 1.0.4.2, WN2500RPv2 before 1.0.1.50, WNDR3400v3 before 1.0.1.14, and WNDR4000 before 1.0.2.10."
    },
    {
      "lang": "es",
      "value": "Determinados dispositivos NETGEAR est\u00e1n afectados por una configuraci\u00f3n incorrecta de los ajustes de seguridad. Esto afecta a D6220 versiones anteriores a 1.0.0.32, D6400 versiones anteriores a 1.0.0.66, D8500 versiones anteriores a 1.0.3.35, DGN2200Bv4 versiones anteriores a 1.0.0.94, DGN2200v4 versiones anteriores a 1.0.0.94, R6250 versiones anteriores a 1.0.4.14, R6300v2 versiones anteriores a 1.0.4.18, R6400 versiones anteriores a 1.01.32, R6400v2 versiones anteriores a 1.0.2.44, R6700 versiones anteriores a 1.0.1.36, R6900 versiones anteriores a 1.0.1.30, R6900P versiones anteriores a 1.3.0.8, R7000 versiones anteriores a 1.0.9.14, R7000P versiones anteriores a 1.3.0.8, R7100LG versiones anteriores a 1.0.0.34, R7900 versiones anteriores a 1.0.2.4, R8000 versiones anteriores a 1.0.4.2, WN2500RPv2 versiones anteriores a 1.0.1.50, WNDR3400v3 versiones anteriores a 1.0.1.14 y WNDR4000 versiones anteriores a 1.0.2.10."
    }
  ],
  "id": "CVE-2017-18756",
  "lastModified": "2024-11-21T03:20:50.677",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "ADJACENT_NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 6.5,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "cve@mitre.org",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-04-22T17:15:11.870",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.netgear.com/000051492/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2756"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.netgear.com/000051492/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2756"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2019-10-09 13:15
Modified
2024-11-21 04:32
Severity ?
8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices allow remote attackers to disable all authentication requirements by visiting genieDisableLanChanged.cgi. The attacker can then, for example, visit MNU_accessPassword_recovered.html to obtain a valid new admin password. This affects AC1450, D8500, DC112A, JNDR3000, LG2200D, R4500, R6200, R6200V2, R6250, R6300, R6300v2, R6400, R6700, R6900P, R6900, R7000P, R7000, R7100LG, R7300, R7900, R8000, R8300, R8500, WGR614v10, WN2500RPv2, WNDR3400v2, WNDR3700v3, WNDR4000, WNDR4500, WNDR4500v2, WNR1000, WNR1000v3, WNR3500L, and WNR3500L.
References
cve@mitre.orghttps://github.com/zer0yu/CVE_Request/blob/master/netgear/netgear_cgi_unauthorized_access_vulnerability.mdExploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://github.com/zer0yu/CVE_Request/blob/master/netgear/netgear_cgi_unauthorized_access_vulnerability.mdExploit, Third Party Advisory
Impacted products
Vendor Product Version
netgear ac1450_firmware -
netgear ac1450 -
netgear d8500_firmware -
netgear d8500 -
netgear dc112a_firmware -
netgear dc112a -
netgear jndr3000_firmware -
netgear jndr3000 -
netgear lg2200d_firmware -
netgear lg2200d -
netgear r4500_firmware -
netgear r4500 -
netgear r6200_firmware -
netgear r6200 -
netgear r6200v2_firmware -
netgear r6200v2 -
netgear r6250_firmware -
netgear r6250 -
netgear r6300_firmware -
netgear r6300 -
netgear r6300v2_firmware -
netgear r6300v2 -
netgear r6400_firmware -
netgear r6400 -
netgear r6700_firmware -
netgear r6700 -
netgear r6900p_firmware -
netgear r6900p -
netgear r6900_firmware -
netgear r6900 -
netgear r7000p_firmware -
netgear r7000p -
netgear r7000_firmware -
netgear r7000 -
netgear r7100lg_firmware -
netgear r7100lg -
netgear r7300_firmware -
netgear r7300 -
netgear r7900_firmware -
netgear r7900 -
netgear r8000_firmware -
netgear r8000 -
netgear r8300_firmware -
netgear r8300 -
netgear r8500_firmware -
netgear r8500 -
netgear wgr614v10_firmware -
netgear wgr614v10 -
netgear wn2500rpv2_firmware -
netgear wn2500rpv2 -
netgear wndr3400v2_firmware -
netgear wndr3400v2 -
netgear wndr3700v3_firmware -
netgear wndr3700v3 -
netgear wndr4000_firmware -
netgear wndr4000 -
netgear wndr4500_firmware -
netgear wndr4500 -
netgear wndr4500v2_firmware -
netgear wndr4500v2 -
netgear wnr1000_firmware -
netgear wnr1000 -
netgear wnr1000v3_firmware -
netgear wnr1000v3 -
netgear wnr3500l_firmware -
netgear wnr3500l -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:ac1450_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3AE717E0-B9A2-4A3F-843C-D9A1AEF8D024",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:ac1450:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4BA18B2-8234-4C26-B865-741D467C5EBE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:d8500_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E41AF1C1-1F19-4115-AFCD-532FBEA8E3EC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:d8500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "814A0114-9A1D-4EA0-9AF4-6968514E4F01",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:dc112a_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5C9E5B5-8E65-4593-9F95-92D5C177489D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:dc112a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F87FFC46-137D-45B8-B437-F15565FB33D0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:jndr3000_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8B781F1-A82B-4D4B-AEF6-BDBEEE6D6DFF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:jndr3000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DEEEEE5-0798-450E-BF9D-B17A15235C80",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:lg2200d_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D4C2805-BDCA-4ECA-9E4F-B802AECC3E88",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:lg2200d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "410EAA8C-48DF-4B61-875A-8F51048E19B4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r4500_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C461751-BF10-4441-9A2F-10AF054072FB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r4500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FCCD5B9-03F9-42CF-B7A5-27A7239FEDB6",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r6200_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "58FBF5B0-466A-4D88-941C-F0DDFC87F4BE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r6200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A466B29-3ADA-46D9-824C-8DF9160B7DD7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r6200v2_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7D512D3-2F48-442A-97F8-DA43A22DD010",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r6200v2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5694D19-2577-41B3-87B8-2B50868EA946",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r6250_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1ED72E5B-9DCF-4A20-8BF1-810BCD9383E5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r6250:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "321BE843-52C4-4638-A321-439CA7B3A6F2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r6300_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E9E9091-E6F8-4BE5-8B31-6682B2C2CE95",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r6300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9597966A-B13C-4098-838B-EC9AA8DE443D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r6300v2_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2EC1E8B7-43FB-46B3-9329-70F2E31292D1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r6300v2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7909744D-FE9B-49D1-ADB3-029CCC432A47",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r6400_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08F1474F-34C8-4A04-ABB6-ED3D57A67566",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E4CDF6B-3829-44D0-9675-71D7BE83CAA2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r6700_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "766E6051-787B-414E-BF8B-9663686203AF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r6700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "21B27F11-4262-4CE1-8107-B365A7C152F2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r6900p_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC4BCACA-BA08-4595-B829-C3D68EC0F353",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C41908FF-AE64-4949-80E3-BEE061B2DA8A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r6900_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8041FCF6-A8DB-494E-8542-80FC3BAB22FC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r6900:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0794BB7C-1BCF-4F08-8EB2-9C3B150C105A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r7000p_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "18FFC1CE-3238-4E4E-9283-D95C142EEC7B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFE55F4D-E98B-46D3-B870-041141934CD1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r7000_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDCA79CB-4006-4F08-83DC-3B72A02E2511",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r7100lg_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "79B9CF4B-F6F0-4BCF-BC30-09A4D0C3E8A6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r7100lg:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "366FA778-3C2A-42AF-9141-DAD7043B406C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r7300_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A483635-B300-4D6A-9E1A-CD776A55D48F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r7300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "29B13F94-F151-4F00-95C3-D9FB22B3CC2B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r7900_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7359F6C9-A987-4E51-89C1-81A100CEA4D8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C484840F-AF30-4B5C-821A-4DB9BE407BDB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r8000_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4DE7D9C1-33AA-489D-8A66-E6C456D38929",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B39F095-8FE8-43FD-A866-7B613B495984",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r8300_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "951636C7-B531-4395-A89A-DEAA6AE2093F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r8300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A9B77E7-7439-48C6-989F-5E22CB4D3044",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r8500_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF07E3BB-5FDE-4C79-A893-E6111AED30A5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "63500DE4-BDBD-4F86-AB99-7DB084D0B912",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:wgr614v10_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "27BF75F1-13E5-497C-A606-805585BA2CAA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:wgr614v10:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6069BE1B-C458-4E51-B704-071BB932F290",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:wn2500rpv2_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "110E1E63-3225-4692-98C4-34FF145548D8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:wn2500rpv2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "65FACC9E-3E0E-4416-9280-706F4FCE436A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:wndr3400v2_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CFD82DF-14C0-4D93-A871-C2E71203D1A7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:wndr3400v2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3DB8021-1BC8-4520-A790-C5A3A3ABDA6E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:wndr3700v3_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "42FE5EE4-15C3-492C-A006-7BED45C28BC4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:wndr3700v3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "603836E6-E7FF-43C7-A410-8BD9D0950F7C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:wndr4000_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E706326B-FCB4-4F23-9323-B5E92505ECB1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:wndr4000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C34EC74-D6F1-46F1-B47E-E62793171427",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:wndr4500_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "48524781-AD79-4EBE-8DA3-48A64A09257D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:wndr4500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E9F459C-B628-402A-AF4A-72E08FE41837",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:wndr4500v2_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "47F2C4B9-4B82-49B8-ABBC-C6937281EFB9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:wndr4500v2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFB2BF35-952C-4E34-AE59-6D73041EB278",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:wnr1000_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CDF6210-D67B-4434-A619-EC3876D4E745",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:wnr1000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6E9507F-EE84-4C27-BF38-CEFAB453339F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:wnr1000v3_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "51C2FC1C-6D85-49C5-AC9F-E0114A3A0999",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:wnr1000v3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "252E5C7B-EF02-4374-A43E-02FAA9E697D0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:wnr3500l_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BF3B420-3843-4A62-BC48-50F6A4898D2E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:wnr3500l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "30A92EDA-46B6-4C2E-AC05-A192FFA90B85",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Certain NETGEAR devices allow remote attackers to disable all authentication requirements by visiting genieDisableLanChanged.cgi. The attacker can then, for example, visit MNU_accessPassword_recovered.html to obtain a valid new admin password. This affects AC1450, D8500, DC112A, JNDR3000, LG2200D, R4500, R6200, R6200V2, R6250, R6300, R6300v2, R6400, R6700, R6900P, R6900, R7000P, R7000, R7100LG, R7300, R7900, R8000, R8300, R8500, WGR614v10, WN2500RPv2, WNDR3400v2, WNDR3700v3, WNDR4000, WNDR4500, WNDR4500v2, WNR1000, WNR1000v3, WNR3500L, and WNR3500L."
    },
    {
      "lang": "es",
      "value": "Determinados dispositivos NETGEAR permiten a atacantes remotos deshabilitar todos los requisitos de autenticaci\u00f3n visitando el archivo genieDisableLanChanged.cgi. El atacante puede, por ejemplo, visitar MNU_accessPassword_recovered.html para obtener una nueva contrase\u00f1a de administrador v\u00e1lida. Esto afecta  a AC1450, D8500, DC112A, JNDR3000, LG2200D, R4500, R6200, R6200V2, R6250, R6300, R6300v2, R6400, R6700, R6900P, R6900, R7000P, R7000, R7100LG, R7300, R7900, R8000, R8300, R8500, WGR614v10, WN2500RPv2, WNDR3400v2, WNDR3700v3, WNDR4000, WNDR4500, WNDR4500v2, WNR1000, WNR1000v3, WNR3500L y WNR3500L."
    }
  ],
  "id": "CVE-2019-17372",
  "lastModified": "2024-11-21T04:32:12.360",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.1,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-10-09T13:15:16.863",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://github.com/zer0yu/CVE_Request/blob/master/netgear/netgear_cgi_unauthorized_access_vulnerability.md"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://github.com/zer0yu/CVE_Request/blob/master/netgear/netgear_cgi_unauthorized_access_vulnerability.md"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-287"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2017-01-17 09:59
Modified
2024-11-21 03:27
Severity ?
8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
An issue was discovered on NETGEAR R8500, R8300, R7000, R6400, R7300, R7100LG, R6300v2, WNDR3400v3, WNR3500Lv2, R6250, R6700, R6900, and R8000 devices. They are prone to password disclosure via simple crafted requests to the web management server. The bug is exploitable remotely if the remote management option is set, and can also be exploited given access to the router over LAN or WLAN. When trying to access the web panel, a user is asked to authenticate; if the authentication is canceled and password recovery is not enabled, the user is redirected to a page that exposes a password recovery token. If a user supplies the correct token to the page /passwordrecovered.cgi?id=TOKEN (and password recovery is not enabled), they will receive the admin password for the router. If password recovery is set the exploit will fail, as it will ask the user for the recovery questions that were previously set when enabling that feature. This is persistent (even after disabling the recovery option, the exploit will fail) because the router will ask for the security questions.
References
cve@mitre.orghttp://kb.netgear.com/30632/Web-GUI-Password-Recovery-and-Exposure-Security-VulnerabilityVendor Advisory
cve@mitre.orghttp://www.securityfocus.com/bid/95457Broken Link, Third Party Advisory, VDB Entry
cve@mitre.orghttps://www.exploit-db.com/exploits/41205/Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://kb.netgear.com/30632/Web-GUI-Password-Recovery-and-Exposure-Security-VulnerabilityVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/95457Broken Link, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://www.exploit-db.com/exploits/41205/Exploit, Third Party Advisory, VDB Entry
Impacted products
Vendor Product Version
netgear r6200_firmware 1.0.1.56_1.0.43
netgear r6200 -
netgear r6300_firmware 1.0.2.78_1.0.58
netgear r6300 -
netgear vegn2610_firmware 1.0.0.36
netgear vegn2610 -
netgear ac1450_firmware 1.0.0.34_10.0.16
netgear ac1450 -
netgear wnr1000v3_firmware 1.0.2.68_60.0.93
netgear wnr1000v3 -
netgear wndr3700v3_firmware 1.0.0.40_1.0.32
netgear wndr3700v3 -
netgear wndr4000_firmware 1.0.2.4_9.1.86
netgear wndr4000 -
netgear wndr4500_firmware 1.0.1.44_1.0.73
netgear wndr4500 -
netgear d6400_firmware 1.0.0.44
netgear d6400 -
netgear d6220_firmware 1.0.0.12
netgear d6220 -
netgear d6300_firmware 1.0.0.96
netgear d6300 -
netgear d6300b_firmware 1.0.0.40
netgear d6300b -
netgear dgn2200bv4_firmware 1.0.0.68
netgear dgn2200bv4 -


To clipboard 

{
  "cisaActionDue": "2022-09-29",
  "cisaExploitAdd": "2022-09-08",
  "cisaRequiredAction": "Apply updates per vendor instructions. If the affected device has since entered end-of-life, it should be disconnected if still in use.",
  "cisaVulnerabilityName": "NETGEAR Multiple Devices Exposure of Sensitive Information Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r6200_firmware:1.0.1.56_1.0.43:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C1769F8-B2CB-465B-85B8-9D7AC25C63CB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r6200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A466B29-3ADA-46D9-824C-8DF9160B7DD7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r6300_firmware:1.0.2.78_1.0.58:*:*:*:*:*:*:*",
              "matchCriteriaId": "89A99D1C-CABE-4526-B3B7-3708C0E18AC4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r6300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9597966A-B13C-4098-838B-EC9AA8DE443D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:vegn2610_firmware:1.0.0.36:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D329D85-C180-426E-B430-9FEDE5C77F25",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:vegn2610:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0967FC76-F977-4D18-B570-9444459A19FE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:ac1450_firmware:1.0.0.34_10.0.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "91292776-92F7-4089-86FC-7569C8F940DE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:ac1450:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4BA18B2-8234-4C26-B865-741D467C5EBE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:wnr1000v3_firmware:1.0.2.68_60.0.93:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E35A89F-44C7-496C-B61B-652989EDE438",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:wnr1000v3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "252E5C7B-EF02-4374-A43E-02FAA9E697D0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:wndr3700v3_firmware:1.0.0.40_1.0.32:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D59A6F9-0359-4AB4-AD0F-1D6044D59409",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:wndr3700v3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "603836E6-E7FF-43C7-A410-8BD9D0950F7C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:wndr4000_firmware:1.0.2.4_9.1.86:*:*:*:*:*:*:*",
              "matchCriteriaId": "91561A20-30F5-4163-9178-5FC32897F827",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:wndr4000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C34EC74-D6F1-46F1-B47E-E62793171427",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:wndr4500_firmware:1.0.1.44_1.0.73:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9874914-4D90-493F-BD2B-40FFF1737F58",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:wndr4500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E9F459C-B628-402A-AF4A-72E08FE41837",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:d6400_firmware:1.0.0.44:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3EB5F49-3628-4418-AF36-AF8FD6F5BA25",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:d6400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D30939B-86E3-4C78-9B05-686B4994C8B9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:d6220_firmware:1.0.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECD46588-5866-4159-85E1-58B0D1F98406",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:d6220:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3EEA190-2E9C-4586-BF81-B115532FBA23",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:d6300_firmware:1.0.0.96:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B15B85C-F099-4584-9F59-1CFC3275D625",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:d6300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "78542C95-85CC-43E5-9F0E-B12DDD5B79C4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:d6300b_firmware:1.0.0.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0CE8A8F-7894-4140-8E4B-84153C5A6B13",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:d6300b:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "37B89703-CAFB-43F6-8880-90349F8ED856",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:dgn2200bv4_firmware:1.0.0.68:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1CDFE4F-6C5C-4B10-926E-92C7759D60EF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:dgn2200bv4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C78A475-9DDF-432B-A94A-01EFAC7DC70D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An issue was discovered on NETGEAR R8500, R8300, R7000, R6400, R7300, R7100LG, R6300v2, WNDR3400v3, WNR3500Lv2, R6250, R6700, R6900, and R8000 devices. They are prone to password disclosure via simple crafted requests to the web management server. The bug is exploitable remotely if the remote management option is set, and can also be exploited given access to the router over LAN or WLAN. When trying to access the web panel, a user is asked to authenticate; if the authentication is canceled and password recovery is not enabled, the user is redirected to a page that exposes a password recovery token. If a user supplies the correct token to the page /passwordrecovered.cgi?id=TOKEN (and password recovery is not enabled), they will receive the admin password for the router. If password recovery is set the exploit will fail, as it will ask the user for the recovery questions that were previously set when enabling that feature. This is persistent (even after disabling the recovery option, the exploit will fail) because the router will ask for the security questions."
    },
    {
      "lang": "es",
      "value": "Se ha descubierto un problema en dispositivos NETGEAR R8500, R8300, R7000, R6400, R7300, R7100LG, R6300v2, WNDR3400v3, WNR3500Lv2, R6250, R6700, R6900 y R8000. Son propensos a revelar la contrase\u00f1a a trav\u00e9s de peticiones simples manipuladas al servidor de gesti\u00f3n de la web. El error es explotable remotamente si la opci\u00f3n de gesti\u00f3n remota est\u00e1 activada, y tambi\u00e9n puede ser explotado dado el acceso al router a trav\u00e9s de LAN o WLAN. Cuando se trata de acceder al panel web, se pide al usuario que se autentique; si la autenticaci\u00f3n se cancela y la recuperaci\u00f3n de contrase\u00f1a no est\u00e1 habilitada, el usuario es redirigido a una p\u00e1gina que revela un token de recuperaci\u00f3n de contrase\u00f1a. Si un usuario proporciona el token correcto a la p\u00e1gina /passwordrecovered.cgi?id=TOKEN (y la recuperaci\u00f3n de contrase\u00f1a no est\u00e1 habilitada), recibir\u00e1n la contrase\u00f1a de administrador para el router. Si la recuperaci\u00f3n de contrase\u00f1a est\u00e1 habilitada, la explotaci\u00f3n fallar\u00e1, ya que pedir\u00e1 al usuario preguntas para la recuperaci\u00f3n que fueron previamente establecidas cuando se habilit\u00f3 esa caracter\u00edstica. Esto es persistente (incluso tras la inhabilitaci\u00f3n de la opci\u00f3n de recuperaci\u00f3n, la explotaci\u00f3n fallar\u00e1) porque el router preguntar\u00e1 por las preguntas de seguridad."
    }
  ],
  "id": "CVE-2017-5521",
  "lastModified": "2024-11-21T03:27:48.497",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.1,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-01-17T09:59:00.333",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://kb.netgear.com/30632/Web-GUI-Password-Recovery-and-Exposure-Security-Vulnerability"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/95457"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/41205/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://kb.netgear.com/30632/Web-GUI-Password-Recovery-and-Exposure-Security-Vulnerability"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/95457"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/41205/"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

cve-2019-17372
Vulnerability from cvelistv5
Published
2019-10-09 12:06
Modified
2024-08-05 01:40
Severity ?
Summary
Certain NETGEAR devices allow remote attackers to disable all authentication requirements by visiting genieDisableLanChanged.cgi. The attacker can then, for example, visit MNU_accessPassword_recovered.html to obtain a valid new admin password. This affects AC1450, D8500, DC112A, JNDR3000, LG2200D, R4500, R6200, R6200V2, R6250, R6300, R6300v2, R6400, R6700, R6900P, R6900, R7000P, R7000, R7100LG, R7300, R7900, R8000, R8300, R8500, WGR614v10, WN2500RPv2, WNDR3400v2, WNDR3700v3, WNDR4000, WNDR4500, WNDR4500v2, WNR1000, WNR1000v3, WNR3500L, and WNR3500L.
References
https://github.com/zer0yu/CVE_Request/blob/master/netgear/netgear_cgi_unauthorized_access_vulnerability.mdx_refsource_MISC
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T01:40:15.201Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/zer0yu/CVE_Request/blob/master/netgear/netgear_cgi_unauthorized_access_vulnerability.md"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Certain NETGEAR devices allow remote attackers to disable all authentication requirements by visiting genieDisableLanChanged.cgi. The attacker can then, for example, visit MNU_accessPassword_recovered.html to obtain a valid new admin password. This affects AC1450, D8500, DC112A, JNDR3000, LG2200D, R4500, R6200, R6200V2, R6250, R6300, R6300v2, R6400, R6700, R6900P, R6900, R7000P, R7000, R7100LG, R7300, R7900, R8000, R8300, R8500, WGR614v10, WN2500RPv2, WNDR3400v2, WNDR3700v3, WNDR4000, WNDR4500, WNDR4500v2, WNR1000, WNR1000v3, WNR3500L, and WNR3500L."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-10-09T12:06:57",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/zer0yu/CVE_Request/blob/master/netgear/netgear_cgi_unauthorized_access_vulnerability.md"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-17372",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Certain NETGEAR devices allow remote attackers to disable all authentication requirements by visiting genieDisableLanChanged.cgi. The attacker can then, for example, visit MNU_accessPassword_recovered.html to obtain a valid new admin password. This affects AC1450, D8500, DC112A, JNDR3000, LG2200D, R4500, R6200, R6200V2, R6250, R6300, R6300v2, R6400, R6700, R6900P, R6900, R7000P, R7000, R7100LG, R7300, R7900, R8000, R8300, R8500, WGR614v10, WN2500RPv2, WNDR3400v2, WNDR3700v3, WNDR4000, WNDR4500, WNDR4500v2, WNR1000, WNR1000v3, WNR3500L, and WNR3500L."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/zer0yu/CVE_Request/blob/master/netgear/netgear_cgi_unauthorized_access_vulnerability.md",
              "refsource": "MISC",
              "url": "https://github.com/zer0yu/CVE_Request/blob/master/netgear/netgear_cgi_unauthorized_access_vulnerability.md"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-17372",
    "datePublished": "2019-10-09T12:06:57",
    "dateReserved": "2019-10-09T00:00:00",
    "dateUpdated": "2024-08-05T01:40:15.201Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-5521
Vulnerability from cvelistv5
Published
2017-01-17 09:22
Modified
2024-08-05 15:04
Severity ?
Summary
An issue was discovered on NETGEAR R8500, R8300, R7000, R6400, R7300, R7100LG, R6300v2, WNDR3400v3, WNR3500Lv2, R6250, R6700, R6900, and R8000 devices. They are prone to password disclosure via simple crafted requests to the web management server. The bug is exploitable remotely if the remote management option is set, and can also be exploited given access to the router over LAN or WLAN. When trying to access the web panel, a user is asked to authenticate; if the authentication is canceled and password recovery is not enabled, the user is redirected to a page that exposes a password recovery token. If a user supplies the correct token to the page /passwordrecovered.cgi?id=TOKEN (and password recovery is not enabled), they will receive the admin password for the router. If password recovery is set the exploit will fail, as it will ask the user for the recovery questions that were previously set when enabling that feature. This is persistent (even after disabling the recovery option, the exploit will fail) because the router will ask for the security questions.
References
https://www.exploit-db.com/exploits/41205/exploit, x_refsource_EXPLOIT-DB
http://kb.netgear.com/30632/Web-GUI-Password-Recovery-and-Exposure-Security-Vulnerabilityx_refsource_CONFIRM
http://www.securityfocus.com/bid/95457vdb-entry, x_refsource_BID
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T15:04:14.997Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "41205",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/41205/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://kb.netgear.com/30632/Web-GUI-Password-Recovery-and-Exposure-Security-Vulnerability"
          },
          {
            "name": "95457",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/95457"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-01-17T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered on NETGEAR R8500, R8300, R7000, R6400, R7300, R7100LG, R6300v2, WNDR3400v3, WNR3500Lv2, R6250, R6700, R6900, and R8000 devices. They are prone to password disclosure via simple crafted requests to the web management server. The bug is exploitable remotely if the remote management option is set, and can also be exploited given access to the router over LAN or WLAN. When trying to access the web panel, a user is asked to authenticate; if the authentication is canceled and password recovery is not enabled, the user is redirected to a page that exposes a password recovery token. If a user supplies the correct token to the page /passwordrecovered.cgi?id=TOKEN (and password recovery is not enabled), they will receive the admin password for the router. If password recovery is set the exploit will fail, as it will ask the user for the recovery questions that were previously set when enabling that feature. This is persistent (even after disabling the recovery option, the exploit will fail) because the router will ask for the security questions."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-31T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "41205",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/41205/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://kb.netgear.com/30632/Web-GUI-Password-Recovery-and-Exposure-Security-Vulnerability"
        },
        {
          "name": "95457",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/95457"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-5521",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An issue was discovered on NETGEAR R8500, R8300, R7000, R6400, R7300, R7100LG, R6300v2, WNDR3400v3, WNR3500Lv2, R6250, R6700, R6900, and R8000 devices. They are prone to password disclosure via simple crafted requests to the web management server. The bug is exploitable remotely if the remote management option is set, and can also be exploited given access to the router over LAN or WLAN. When trying to access the web panel, a user is asked to authenticate; if the authentication is canceled and password recovery is not enabled, the user is redirected to a page that exposes a password recovery token. If a user supplies the correct token to the page /passwordrecovered.cgi?id=TOKEN (and password recovery is not enabled), they will receive the admin password for the router. If password recovery is set the exploit will fail, as it will ask the user for the recovery questions that were previously set when enabling that feature. This is persistent (even after disabling the recovery option, the exploit will fail) because the router will ask for the security questions."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "41205",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/41205/"
            },
            {
              "name": "http://kb.netgear.com/30632/Web-GUI-Password-Recovery-and-Exposure-Security-Vulnerability",
              "refsource": "CONFIRM",
              "url": "http://kb.netgear.com/30632/Web-GUI-Password-Recovery-and-Exposure-Security-Vulnerability"
            },
            {
              "name": "95457",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/95457"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-5521",
    "datePublished": "2017-01-17T09:22:00",
    "dateReserved": "2017-01-17T00:00:00",
    "dateUpdated": "2024-08-05T15:04:14.997Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-18756
Vulnerability from cvelistv5
Published
2020-04-22 16:10
Modified
2024-08-05 21:37
Severity ?
8.8 (High) - CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D6220 before 1.0.0.32, D6400 before 1.0.0.66, D8500 before 1.0.3.35, DGN2200Bv4 before 1.0.0.94, DGN2200v4 before 1.0.0.94, R6250 before 1.0.4.14, R6300v2 before 1.0.4.18, R6400 before 1.01.32, R6400v2 before 1.0.2.44, R6700 before 1.0.1.36, R6900 before 1.0.1.30, R6900P before 1.3.0.8, R7000 before 1.0.9.14, R7000P before 1.3.0.8, R7100LG before 1.0.0.34, R7900 before 1.0.2.4, R8000 before 1.0.4.2, WN2500RPv2 before 1.0.1.50, WNDR3400v3 before 1.0.1.14, and WNDR4000 before 1.0.2.10.
References
https://kb.netgear.com/000051492/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2756x_refsource_CONFIRM
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T21:37:43.567Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kb.netgear.com/000051492/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2756"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D6220 before 1.0.0.32, D6400 before 1.0.0.66, D8500 before 1.0.3.35, DGN2200Bv4 before 1.0.0.94, DGN2200v4 before 1.0.0.94, R6250 before 1.0.4.14, R6300v2 before 1.0.4.18, R6400 before 1.01.32, R6400v2 before 1.0.2.44, R6700 before 1.0.1.36, R6900 before 1.0.1.30, R6900P before 1.3.0.8, R7000 before 1.0.9.14, R7000P before 1.3.0.8, R7100LG before 1.0.0.34, R7900 before 1.0.2.4, R8000 before 1.0.4.2, WN2500RPv2 before 1.0.1.50, WNDR3400v3 before 1.0.1.14, and WNDR4000 before 1.0.2.10."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:U/UI:N",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-04-22T16:10:39",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kb.netgear.com/000051492/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2756"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-18756",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D6220 before 1.0.0.32, D6400 before 1.0.0.66, D8500 before 1.0.3.35, DGN2200Bv4 before 1.0.0.94, DGN2200v4 before 1.0.0.94, R6250 before 1.0.4.14, R6300v2 before 1.0.4.18, R6400 before 1.01.32, R6400v2 before 1.0.2.44, R6700 before 1.0.1.36, R6900 before 1.0.1.30, R6900P before 1.3.0.8, R7000 before 1.0.9.14, R7000P before 1.3.0.8, R7100LG before 1.0.0.34, R7900 before 1.0.2.4, R8000 before 1.0.4.2, WN2500RPv2 before 1.0.1.50, WNDR3400v3 before 1.0.1.14, and WNDR4000 before 1.0.2.10."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT",
            "availabilityImpact": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:U/UI:N",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://kb.netgear.com/000051492/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2756",
              "refsource": "CONFIRM",
              "url": "https://kb.netgear.com/000051492/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2756"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-18756",
    "datePublished": "2020-04-22T16:10:39",
    "dateReserved": "2020-04-20T00:00:00",
    "dateUpdated": "2024-08-05T21:37:43.567Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}