{ "id": "CVE-2017-18746", "sourceIdentifier": "cve@mitre.org", "published": "2020-04-23T16:15:12.807", "lastModified": "2020-04-27T13:31:40.550", "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects EX3700 before 1.0.0.64, EX3800 before 1.0.0.64, EX6000 before 1.0.0.24, EX6130 before 1.0.0.16, EX6400 before 1.0.1.60, EX7000 before 1.0.0.50, EX7300 before 1.0.1.60, and WN2500RPv2 before 1.0.1.46." }, { "lang": "es", "value": "Determinados dispositivos NETGEAR est\u00e1n afectados por una configuraci\u00f3n incorrecta de los ajustes de seguridad. Esto afecta a EX3700 versiones anteriores a 1.0.0.64, EX3800 versiones anteriores a 1.0.0.64, EX6000 versiones anteriores a 1.0.0.24, EX6130 versiones anteriores a 1.0.0.16, EX6400 versiones anteriores a 1.0.1.60, EX7000 versiones anteriores a 1.0.0.50, EX7300 versiones anteriores a 1.0.1.60 y WN2500RPv2 versiones anteriores a 1.0.1.46 ." } ], "metrics": { "cvssMetricV31": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "attackVector": "ADJACENT_NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM" }, "exploitabilityScore": 2.8, "impactScore": 3.6 } ], "cvssMetricV30": [ { "source": "cve@mitre.org", "type": "Secondary", "cvssData": { "version": "3.0", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N", "attackVector": "ADJACENT_NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM" }, "exploitabilityScore": 2.8, "impactScore": 2.7 } ], "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:A/AC:L/Au:N/C:N/I:P/A:N", "accessVector": "ADJACENT_NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "availabilityImpact": "NONE", "baseScore": 3.3 }, "baseSeverity": "LOW", "exploitabilityScore": 6.5, "impactScore": 2.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ] } ], "configurations": [ { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:netgear:ex3700_firmware:*:*:*:*:*:*:*:*", "versionEndExcluding": "1.0.0.64", "matchCriteriaId": "B79CB764-3B62-4C39-9B68-A7C949EA91BE" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:netgear:ex3700:-:*:*:*:*:*:*:*", "matchCriteriaId": "CDAA5899-B73C-4690-853E-B5400F034BE1" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:netgear:ex3800_firmware:*:*:*:*:*:*:*:*", "versionEndExcluding": "1.0.0.64", "matchCriteriaId": "72C578B9-6D52-492F-854F-067EB36F84B1" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:netgear:ex3800:-:*:*:*:*:*:*:*", "matchCriteriaId": "CC5488D9-651C-4BAB-A141-06B816690D42" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:netgear:ex6000_firmware:*:*:*:*:*:*:*:*", "versionEndExcluding": "1.0.0.24", "matchCriteriaId": "520E4E2B-FF48-4B11-8A41-975B1A5E9FA2" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:netgear:ex6000:-:*:*:*:*:*:*:*", "matchCriteriaId": "02E7CA7E-E6CA-4BAB-8F40-4731EA523D91" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:netgear:ex6130_firmware:*:*:*:*:*:*:*:*", "versionEndExcluding": "1.0.0.16", "matchCriteriaId": "0EF0C67F-9F79-4D2D-9453-824697828403" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:netgear:ex6130:-:*:*:*:*:*:*:*", "matchCriteriaId": "305E295C-9C73-4798-A0BE-7973E1EE5EAB" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:netgear:ex6400_firmware:*:*:*:*:*:*:*:*", "versionEndExcluding": "1.0.1.60", "matchCriteriaId": "4684219C-634D-4147-B1E9-CB736FF41A36" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:netgear:ex6400:-:*:*:*:*:*:*:*", "matchCriteriaId": "1289BBB4-1955-46A4-B5FE-BF11153C24F5" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:netgear:ex7000_firmware:*:*:*:*:*:*:*:*", "versionEndExcluding": "1.0.0.50", "matchCriteriaId": "0CE0EC7C-EA3B-4624-BDA4-9FE3257B9E69" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:netgear:ex7000:-:*:*:*:*:*:*:*", "matchCriteriaId": "9F45B620-60B8-40F3-A055-181ADD71EFFF" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:netgear:ex7300_firmware:*:*:*:*:*:*:*:*", "versionEndExcluding": "1.0.1.60", "matchCriteriaId": "4EB53B93-A502-4C92-830A-B0C968070AC7" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:netgear:ex7300:-:*:*:*:*:*:*:*", "matchCriteriaId": "F285D60D-A5DA-4467-8F79-15EF8135D007" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:netgear:wn2500rp_firmware:*:*:*:*:*:*:*:*", "versionEndExcluding": "1.0.1.46", "matchCriteriaId": "07CEF0FF-41A1-485B-8CDA-DB7AE8ECDB69" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:netgear:wn2500rp:v2:*:*:*:*:*:*:*", "matchCriteriaId": "1C4C1B98-9551-4862-AEAC-3D5C313BD275" } ] } ] } ], "references": [ { "url": "https://kb.netgear.com/000051508/Security-Advisory-for-Security-Misconfiguration-on-Some-Extenders-PSV-2016-0253", "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ] } ] }