Certain NETGEAR devices are affected by CSRF and authentication bypass. This affects R7300DST before 1.0.0.54, R8300 before 1.0.2.100_1.0.82, R8500 before 1.0.2.100_1.0.82, and WNDR3400v3 before 1.0.1.14.
References
Link | Resource |
---|---|
https://kb.netgear.com/000045849/Security-Advisory-for-CSRF-and-Authentication-Bypass-on-Some-Routers-PSV-2017-1206 | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Information
Published : 2020-04-20 06:15
Updated : 2020-04-22 12:58
NVD link : CVE-2017-18852
Mitre link : CVE-2017-18852
JSON object : View
CWE
CWE-352
Cross-Site Request Forgery (CSRF)
Products Affected
netgear
- r8300_firmware
- r8500_firmware
- wndr3400
- wndr3400_firmware
- r8300
- r7300dst_firmware
- r8500
- r7300dst