VAR-202004-1330
Vulnerability from variot - Updated: 2023-12-18 12:35Certain NETGEAR devices are affected by command execution. This affects M4200-10MG-POE+ 12.0.2.11 and earlier, M4300-28G 12.0.2.11 and earlier, M4300-52G 12.0.2.11 and earlier, M4300-28G-POE+ 12.0.2.11 and earlier, M4300-52G-POE+ 12.0.2.11 and earlier, M4300-8X8F 12.0.2.11 and earlier, M4300-12X12F 12.0.2.11 and earlier, M4300-24X24F 12.0.2.11 and earlier, M4300-24X 12.0.2.11 and earlier, and M4300-48X 12.0.2.11 and earlier. plural NETGEAR On the device OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR M4300-28G, etc. are all managed switches of NETGEAR.
There are security vulnerabilities in many NETGEAR products. Attackers can use this vulnerability to take over the switch, access configuration files or interrupt the operation of the switch. This affects M4200-10MG-POE+ 12.0.2.11 and previous versions, M4300-28G 12.0.2.11 and previous versions, M4300-52G 12.0.2.11 and previous versions, M4300-28G-POE+ 12.0.2.11 and previous versions, M4300-52G-POE+ 12.0.2.11 and previous versions, M4300-8X8F 12.0.2.11 and previous versions, M4300-12X12F 12.0.2.11 and previous versions, M4300-24X24F 12.0.2.11 and previous versions, M4300-24X 12.0.2.11 and previous versions, and M4300-48X 12.0.2.11 and previous versions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-1330",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "m4300-12x12f",
"scope": "lte",
"trust": 1.0,
"vendor": "netgear",
"version": "12.0.2.11"
},
{
"model": "m4300-24x24f",
"scope": "lte",
"trust": 1.0,
"vendor": "netgear",
"version": "12.0.2.11"
},
{
"model": "m4300-8x8f",
"scope": "lte",
"trust": 1.0,
"vendor": "netgear",
"version": "12.0.2.11"
},
{
"model": "m4200-10mg-poe\\+",
"scope": "lte",
"trust": 1.0,
"vendor": "netgear",
"version": "12.0.2.11"
},
{
"model": "m4300-28g-poe\\+",
"scope": "lte",
"trust": 1.0,
"vendor": "netgear",
"version": "12.0.2.11"
},
{
"model": "m4300-48x",
"scope": "lte",
"trust": 1.0,
"vendor": "netgear",
"version": "12.0.2.11"
},
{
"model": "m4300-24x",
"scope": "lte",
"trust": 1.0,
"vendor": "netgear",
"version": "12.0.2.11"
},
{
"model": "m4300-52g",
"scope": "lte",
"trust": 1.0,
"vendor": "netgear",
"version": "12.0.2.11"
},
{
"model": "m4300-52g-poe\\+",
"scope": "lte",
"trust": 1.0,
"vendor": "netgear",
"version": "12.0.2.11"
},
{
"model": "m4300-28g",
"scope": "lte",
"trust": 1.0,
"vendor": "netgear",
"version": "12.0.2.11"
},
{
"model": "m4200-10mg-poe+",
"scope": "eq",
"trust": 0.9,
"vendor": "netgear",
"version": "12.0.2.11"
},
{
"model": "m4300-12x12f",
"scope": "eq",
"trust": 0.9,
"vendor": "netgear",
"version": "12.0.2.11"
},
{
"model": "m4300-24x24f",
"scope": "eq",
"trust": 0.9,
"vendor": "netgear",
"version": "12.0.2.11"
},
{
"model": "m4300-24x",
"scope": "eq",
"trust": 0.9,
"vendor": "netgear",
"version": "12.0.2.11"
},
{
"model": "m4300-28g-poe+",
"scope": "eq",
"trust": 0.9,
"vendor": "netgear",
"version": "12.0.2.11"
},
{
"model": "m4300-28g",
"scope": "eq",
"trust": 0.9,
"vendor": "netgear",
"version": "12.0.2.11"
},
{
"model": "m4300-48x",
"scope": "eq",
"trust": 0.9,
"vendor": "netgear",
"version": "12.0.2.11"
},
{
"model": "m4300-52g-poe+",
"scope": "eq",
"trust": 0.9,
"vendor": "netgear",
"version": "12.0.2.11"
},
{
"model": "m4300-52g",
"scope": "eq",
"trust": 0.9,
"vendor": "netgear",
"version": "12.0.2.11"
},
{
"model": "m4300-8x8f",
"scope": "eq",
"trust": 0.9,
"vendor": "netgear",
"version": "12.0.2.11"
},
{
"model": "m4200-10mg-poe+",
"scope": "lte",
"trust": 0.6,
"vendor": "netgear",
"version": "\u003c=12.0.2.11"
},
{
"model": "m4300-28g",
"scope": "lte",
"trust": 0.6,
"vendor": "netgear",
"version": "\u003c=12.0.2.11"
},
{
"model": "m4300-52g",
"scope": "lte",
"trust": 0.6,
"vendor": "netgear",
"version": "\u003c=12.0.2.11"
},
{
"model": "m4300-28g-poe+",
"scope": "lte",
"trust": 0.6,
"vendor": "netgear",
"version": "\u003c=12.0.2.11"
},
{
"model": "m4300-52g-poe+",
"scope": "lte",
"trust": 0.6,
"vendor": "netgear",
"version": "\u003c=12.0.2.11"
},
{
"model": "m4300-8x8f",
"scope": "lte",
"trust": 0.6,
"vendor": "netgear",
"version": "\u003c=12.0.2.11"
},
{
"model": "m4300-12x12f",
"scope": "lte",
"trust": 0.6,
"vendor": "netgear",
"version": "\u003c=12.0.2.11"
},
{
"model": "m4300-24x24f",
"scope": "lte",
"trust": 0.6,
"vendor": "netgear",
"version": "\u003c=12.0.2.11"
},
{
"model": "m4300-24x",
"scope": "lte",
"trust": 0.6,
"vendor": "netgear",
"version": "\u003c=12.0.2.11"
},
{
"model": "m4300-48x",
"scope": "lte",
"trust": 0.6,
"vendor": "netgear",
"version": "\u003c=12.0.2.11"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-48926"
},
{
"db": "VULMON",
"id": "CVE-2017-18858"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014986"
},
{
"db": "NVD",
"id": "CVE-2017-18858"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netgear:m4200-10mg-poe\\+_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "12.0.2.11",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:netgear:m4200-10mg-poe\\+:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netgear:m4300-28g_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "12.0.2.11",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:netgear:m4300-28g:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netgear:m4300-52g_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "12.0.2.11",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:netgear:m4300-52g:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netgear:m4300-28g-poe\\+_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "12.0.2.11",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:netgear:m4300-28g-poe\\+:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netgear:m4300-52g-poe\\+_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "12.0.2.11",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:netgear:m4300-52g-poe\\+:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netgear:m4300-8x8f_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "12.0.2.11",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:netgear:m4300-8x8f:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netgear:m4300-12x12f_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "12.0.2.11",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:netgear:m4300-12x12f:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netgear:m4300-24x24f_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "12.0.2.11",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:netgear:m4300-24x24f:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netgear:m4300-24x_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "12.0.2.11",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:netgear:m4300-24x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netgear:m4300-48x_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "12.0.2.11",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:netgear:m4300-48x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-18858"
}
]
},
"cve": "CVE-2017-18858",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "JVNDB-2017-014986",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2021-48926",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2017-18858",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2017-014986",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-18858",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "JVNDB-2017-014986",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2021-48926",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-2308",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2017-18858",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-48926"
},
{
"db": "VULMON",
"id": "CVE-2017-18858"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014986"
},
{
"db": "NVD",
"id": "CVE-2017-18858"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2308"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Certain NETGEAR devices are affected by command execution. This affects M4200-10MG-POE+ 12.0.2.11 and earlier, M4300-28G 12.0.2.11 and earlier, M4300-52G 12.0.2.11 and earlier, M4300-28G-POE+ 12.0.2.11 and earlier, M4300-52G-POE+ 12.0.2.11 and earlier, M4300-8X8F 12.0.2.11 and earlier, M4300-12X12F 12.0.2.11 and earlier, M4300-24X24F 12.0.2.11 and earlier, M4300-24X 12.0.2.11 and earlier, and M4300-48X 12.0.2.11 and earlier. plural NETGEAR On the device OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR M4300-28G, etc. are all managed switches of NETGEAR. \n\r\n\r\nThere are security vulnerabilities in many NETGEAR products. Attackers can use this vulnerability to take over the switch, access configuration files or interrupt the operation of the switch. This affects M4200-10MG-POE+ 12.0.2.11 and previous versions, M4300-28G 12.0.2.11 and previous versions, M4300-52G 12.0.2.11 and previous versions, M4300-28G-POE+ 12.0.2.11 and previous versions, M4300-52G-POE+ 12.0.2.11 and previous versions, M4300-8X8F 12.0.2.11 and previous versions, M4300-12X12F 12.0.2.11 and previous versions, M4300-24X24F 12.0.2.11 and previous versions, M4300-24X 12.0.2.11 and previous versions, and M4300-48X 12.0.2.11 and previous versions",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-18858"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014986"
},
{
"db": "CNVD",
"id": "CNVD-2021-48926"
},
{
"db": "VULMON",
"id": "CVE-2017-18858"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-18858",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014986",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2021-48926",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2308",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2017-18858",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-48926"
},
{
"db": "VULMON",
"id": "CVE-2017-18858"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014986"
},
{
"db": "NVD",
"id": "CVE-2017-18858"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2308"
}
]
},
"id": "VAR-202004-1330",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-48926"
}
],
"trust": 1.093055568
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-48926"
}
]
},
"last_update_date": "2023-12-18T12:35:37.096000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Advisory for Unauthenticated Remote Code Execution on M4200 and M4300, PSV-2017-1971",
"trust": 0.8,
"url": "https://kb.netgear.com/000038655/security-advisory-for-unauthenticated-remote-code-execution-on-m4200-and-m4300-psv-2017-1971"
},
{
"title": "Patch for Operating system command injection vulnerabilities in multiple NETGEAR products (CNVD-2021-48926)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/277346"
},
{
"title": "Multiple NETGEAR Product operating system command injection vulnerability fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=117918"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-48926"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014986"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2308"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-78",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014986"
},
{
"db": "NVD",
"id": "CVE-2017-18858"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-18858"
},
{
"trust": 1.7,
"url": "https://kb.netgear.com/000038655/security-advisory-for-unauthenticated-remote-code-execution-on-m4200-and-m4300-psv-2017-1971"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-18858"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/78.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-48926"
},
{
"db": "VULMON",
"id": "CVE-2017-18858"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014986"
},
{
"db": "NVD",
"id": "CVE-2017-18858"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2308"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-48926"
},
{
"db": "VULMON",
"id": "CVE-2017-18858"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014986"
},
{
"db": "NVD",
"id": "CVE-2017-18858"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-2308"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-07-08T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-48926"
},
{
"date": "2020-04-28T00:00:00",
"db": "VULMON",
"id": "CVE-2017-18858"
},
{
"date": "2020-06-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014986"
},
{
"date": "2020-04-28T17:15:12.663000",
"db": "NVD",
"id": "CVE-2017-18858"
},
{
"date": "2020-04-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2308"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-07-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-48926"
},
{
"date": "2020-05-06T00:00:00",
"db": "VULMON",
"id": "CVE-2017-18858"
},
{
"date": "2020-06-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014986"
},
{
"date": "2020-05-06T20:10:58.790000",
"db": "NVD",
"id": "CVE-2017-18858"
},
{
"date": "2020-05-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-2308"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2308"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NETGEAR On the device OS Command injection vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014986"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "operating system commend injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-2308"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…