CVE-2017-18796

Certain NETGEAR devices are affected by command injection. This affects R6400 before 1.0.1.24, R6700 before 1.0.1.26, R6900 before 1.0.1.28, R7000 before 1.0.9.10, R7000P before 1.0.1.16, R6900P before 1.0.1.16, and R7800 before 1.0.2.36.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:r6700:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:r6900:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*

History

21 Nov 2024, 03:20

Type Values Removed Values Added
References () https://kb.netgear.com/000049366/Security-Advisory-for-Command-Injection-Vulnerability-on-Some-Routers-PSV-2016-0106 - Vendor Advisory () https://kb.netgear.com/000049366/Security-Advisory-for-Command-Injection-Vulnerability-on-Some-Routers-PSV-2016-0106 - Vendor Advisory

Information

Published : 2020-04-21 19:15

Updated : 2024-11-21 03:20


NVD link : CVE-2017-18796

Mitre link : CVE-2017-18796

CVE.ORG link : CVE-2017-18796


JSON object : View

Products Affected

netgear

  • r7800_firmware
  • r7800
  • r7000
  • r6900p
  • r6400_firmware
  • r6900_firmware
  • r6900
  • r6400
  • r6900p_firmware
  • r7000p
  • r6700_firmware
  • r7000p_firmware
  • r7000_firmware
  • r6700
CWE
CWE-74

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')