mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
76 lines
2.5 KiB
JSON
76 lines
2.5 KiB
JSON
{
|
|
"CVE_data_meta": {
|
|
"ASSIGNER": "cve@mitre.org",
|
|
"ID": "CVE-2018-21154",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "n/a",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name": "n/a"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format": "MITRE",
|
|
"data_type": "CVE",
|
|
"data_version": "4.0",
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D7800 before 1.0.1.34, DM200 before 1.0.0.50, R6100 before 1.0.1.22, R7500 before 1.0.0.122, R7500v2 before 1.0.3.26, and R7800 before 1.0.2.42."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"refsource": "CONFIRM",
|
|
"name": "https://kb.netgear.com/000059479/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Gateways-and-Routers-PSV-2017-3133",
|
|
"url": "https://kb.netgear.com/000059479/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Gateways-and-Routers-PSV-2017-3133"
|
|
}
|
|
]
|
|
},
|
|
"impact": {
|
|
"cvss": {
|
|
"attackComplexity": "LOW",
|
|
"attackVector": "ADJACENT",
|
|
"availabilityImpact": "HIGH",
|
|
"confidentialityImpact": "HIGH",
|
|
"integrityImpact": "HIGH",
|
|
"privilegesRequired": "HIGH",
|
|
"scope": "UNCHANGED",
|
|
"userInteraction": "NONE",
|
|
"vectorString": "CVSS:3.0/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:U/UI:N",
|
|
"version": "3.0"
|
|
}
|
|
}
|
|
} |