cnvd - cnvd-2020-42252

CNVD-2020-42252

Vulnerability from cnvd - Published: 2020-07-24

Title

多款NETGEAR产品授权问题漏洞（CNVD-2020-42252）

Description

NETGEAR R6400等都是美国网件（NETGEAR）公司的产品。NETGEAR R6400是一款无线路由器。NETGEAR D6400是一款无线调制解调器。NETGEAR D6220是一款无线调制解调器。多款NETGEAR产品中存在安全漏洞。攻击者可利用该漏洞绕过身份验证。

Severity

中

Patch Name

多款NETGEAR产品授权问题漏洞（CNVD-2020-42252）的补丁

Patch Description

NETGEAR R6400等都是美国网件（NETGEAR）公司的产品。NETGEAR R6400是一款无线路由器。NETGEAR D6400是一款无线调制解调器。NETGEAR D6220是一款无线调制解调器。多款NETGEAR产品中存在安全漏洞。攻击者可利用该漏洞绕过身份验证。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

目前厂商已发布升级补丁以修复漏洞，补丁获取链接： https://kb.netgear.com/000048998/Security-Advisory-for-Authentication-Bypass-on-Some-Routers-or-Modem-Routers-PSV-2017-1208

Reference

https://nvd.nist.gov/vuln/detail/CVE-2017-18850

Impacted products

Name
['NETGEAR D6400 <1.0.0.60', 'NETGEAR D8500 <1.0.3.29', 'NETGEAR R6700 <1.0.1.22', 'NETGEAR R6900 <1.0.1.22', 'NETGEAR R7100LG <1.0.0.32', 'NETGEAR R7300DST <1.0.0.54', 'NETGEAR R7900 <1.0.1.18', 'NETGEAR R6250 <1.0.4.12', 'NETGEAR D6220 <1.0.0.26', 'NETGEAR R6400 <1.01.24', 'NETGEAR R6400v2 <1.0.2.30', 'NETGEAR R6900P <1.0.0.56', 'NETGEAR R7000 <1.0.9.4', 'NETGEAR R7000P <1.0.0.56', 'NETGEAR R8000 <1.0.3.44', 'NETGEAR R8300 <1.0.2.100_1.0.82', 'NETGEAR R8500 <1.0.2.100_1.0.82']

Name

['NETGEAR D6400 <1.0.0.60', 'NETGEAR D8500 <1.0.3.29', 'NETGEAR R6700 <1.0.1.22', 'NETGEAR R6900 <1.0.1.22', 'NETGEAR R7100LG <1.0.0.32', 'NETGEAR R7300DST <1.0.0.54', 'NETGEAR R7900 <1.0.1.18', 'NETGEAR R6250 <1.0.4.12', 'NETGEAR D6220 <1.0.0.26', 'NETGEAR R6400 <1.01.24', 'NETGEAR R6400v2 <1.0.2.30', 'NETGEAR R6900P <1.0.0.56', 'NETGEAR R7000 <1.0.9.4', 'NETGEAR R7000P <1.0.0.56', 'NETGEAR R8000 <1.0.3.44', 'NETGEAR R8300 <1.0.2.100_1.0.82', 'NETGEAR R8500 <1.0.2.100_1.0.82']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2017-18850"
    }
  },
  "description": "NETGEAR R6400\u7b49\u90fd\u662f\u7f8e\u56fd\u7f51\u4ef6\uff08NETGEAR\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002NETGEAR R6400\u662f\u4e00\u6b3e\u65e0\u7ebf\u8def\u7531\u5668\u3002NETGEAR D6400\u662f\u4e00\u6b3e\u65e0\u7ebf\u8c03\u5236\u89e3\u8c03\u5668\u3002NETGEAR D6220\u662f\u4e00\u6b3e\u65e0\u7ebf\u8c03\u5236\u89e3\u8c03\u5668\u3002\n\n\u591a\u6b3eNETGEAR\u4ea7\u54c1\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u7ed5\u8fc7\u8eab\u4efd\u9a8c\u8bc1\u3002",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://kb.netgear.com/000048998/Security-Advisory-for-Authentication-Bypass-on-Some-Routers-or-Modem-Routers-PSV-2017-1208",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2020-42252",
  "openTime": "2020-07-24",
  "patchDescription": "NETGEAR R6400\u7b49\u90fd\u662f\u7f8e\u56fd\u7f51\u4ef6\uff08NETGEAR\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002NETGEAR R6400\u662f\u4e00\u6b3e\u65e0\u7ebf\u8def\u7531\u5668\u3002NETGEAR D6400\u662f\u4e00\u6b3e\u65e0\u7ebf\u8c03\u5236\u89e3\u8c03\u5668\u3002NETGEAR D6220\u662f\u4e00\u6b3e\u65e0\u7ebf\u8c03\u5236\u89e3\u8c03\u5668\u3002\r\n\r\n\u591a\u6b3eNETGEAR\u4ea7\u54c1\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u7ed5\u8fc7\u8eab\u4efd\u9a8c\u8bc1\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "\u591a\u6b3eNETGEAR\u4ea7\u54c1\u6388\u6743\u95ee\u9898\u6f0f\u6d1e\uff08CNVD-2020-42252\uff09\u7684\u8865\u4e01",
  "products": {
    "product": [
      "NETGEAR D6400 \u003c1.0.0.60",
      "NETGEAR D8500 \u003c1.0.3.29",
      "NETGEAR R6700 \u003c1.0.1.22",
      "NETGEAR R6900 \u003c1.0.1.22",
      "NETGEAR R7100LG \u003c1.0.0.32",
      "NETGEAR R7300DST \u003c1.0.0.54",
      "NETGEAR R7900 \u003c1.0.1.18",
      "NETGEAR R6250 \u003c1.0.4.12",
      "NETGEAR D6220 \u003c1.0.0.26",
      "NETGEAR R6400 \u003c1.01.24",
      "NETGEAR R6400v2 \u003c1.0.2.30",
      "NETGEAR R6900P \u003c1.0.0.56",
      "NETGEAR R7000 \u003c1.0.9.4",
      "NETGEAR R7000P \u003c1.0.0.56",
      "NETGEAR R8000 \u003c1.0.3.44",
      "NETGEAR R8300 \u003c1.0.2.100_1.0.82",
      "NETGEAR R8500 \u003c1.0.2.100_1.0.82"
    ]
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2017-18850",
  "serverity": "\u4e2d",
  "submitTime": "2020-04-21",
  "title": "\u591a\u6b3eNETGEAR\u4ea7\u54c1\u6388\u6743\u95ee\u9898\u6f0f\u6d1e\uff08CNVD-2020-42252\uff09"
}

CVE-2017-18850 (GCVE-0-2017-18850)

Vulnerability from cvelistv5 – Published: 2020-04-20 13:51 – Updated: 2024-08-05 21:37

Summary

Certain NETGEAR devices are affected by authentication bypass. This affects D6220 before 1.0.0.26, D6400 before 1.0.0.60, D8500 before 1.0.3.29, R6250 before 1.0.4.12, R6400 before 1.01.24, R6400v2 before 1.0.2.30, R6700 before 1.0.1.22, R6900 before 1.0.1.22, R6900P before 1.0.0.56, R7000 before 1.0.9.4, R7000P before 1.0.0.56, R7100LG before 1.0.0.32, R7300DST before 1.0.0.54, R7900 before 1.0.1.18, R8000 before 1.0.3.44, R8300 before 1.0.2.100_1.0.82, and R8500 before 1.0.2.100_1.0.82.

Severity ?

8.4 (High)


                        
                          CVSS:3.0/AC:L/AV:L/A:H/C:H/I:H/PR:N/S:U/UI:N

CWE

Assigner

mitre

References

URL

Tags

https://kb.netgear.com/000048998/Security-Advisor…

x_refsource_CONFIRM

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T21:37:44.398Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kb.netgear.com/000048998/Security-Advisory-for-Authentication-Bypass-on-Some-Routers-or-Modem-Routers-PSV-2017-1208"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Certain NETGEAR devices are affected by authentication bypass. This affects D6220 before 1.0.0.26, D6400 before 1.0.0.60, D8500 before 1.0.3.29, R6250 before 1.0.4.12, R6400 before 1.01.24, R6400v2 before 1.0.2.30, R6700 before 1.0.1.22, R6900 before 1.0.1.22, R6900P before 1.0.0.56, R7000 before 1.0.9.4, R7000P before 1.0.0.56, R7100LG before 1.0.0.32, R7300DST before 1.0.0.54, R7900 before 1.0.1.18, R8000 before 1.0.3.44, R8300 before 1.0.2.100_1.0.82, and R8500 before 1.0.2.100_1.0.82."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 8.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AC:L/AV:L/A:H/C:H/I:H/PR:N/S:U/UI:N",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-04-20T13:51:46",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kb.netgear.com/000048998/Security-Advisory-for-Authentication-Bypass-on-Some-Routers-or-Modem-Routers-PSV-2017-1208"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-18850",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Certain NETGEAR devices are affected by authentication bypass. This affects D6220 before 1.0.0.26, D6400 before 1.0.0.60, D8500 before 1.0.3.29, R6250 before 1.0.4.12, R6400 before 1.01.24, R6400v2 before 1.0.2.30, R6700 before 1.0.1.22, R6900 before 1.0.1.22, R6900P before 1.0.0.56, R7000 before 1.0.9.4, R7000P before 1.0.0.56, R7100LG before 1.0.0.32, R7300DST before 1.0.0.54, R7900 before 1.0.1.18, R8000 before 1.0.3.44, R8300 before 1.0.2.100_1.0.82, and R8500 before 1.0.2.100_1.0.82."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AC:L/AV:L/A:H/C:H/I:H/PR:N/S:U/UI:N",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://kb.netgear.com/000048998/Security-Advisory-for-Authentication-Bypass-on-Some-Routers-or-Modem-Routers-PSV-2017-1208",
              "refsource": "CONFIRM",
              "url": "https://kb.netgear.com/000048998/Security-Advisory-for-Authentication-Bypass-on-Some-Routers-or-Modem-Routers-PSV-2017-1208"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-18850",
    "datePublished": "2020-04-20T13:51:46",
    "dateReserved": "2020-04-20T00:00:00",
    "dateUpdated": "2024-08-05T21:37:44.398Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2020-42252

CVE-2017-18850 (GCVE-0-2017-18850)

Tags

Sightings

Nomenclature