CVE-2017-18789: Infoleak
First published: Wed Apr 22 2020(Updated: )
Certain NETGEAR devices are affected by disclosure of sensitive information. This affects R6250 before V1.0.4.8, R6400 before V1.0.1.22, R6400v2 before V1.0.2.32, R7100LG before V1.0.0.32, R7300 before V1.0.0.52, R8300 before V1.0.2.94, R8500 before V1.0.2.100, D6220 before V1.0.0.28, D6400 before V1.0.0.60, and D8500 before V1.0.3.29.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| netgear R6250 Firmware | <1.0.4.8 | |
| NETGEAR R6250 | ||
| Netgear R6400 Firmware | <1.0.1.22 | |
| NETGEAR R6400 | ||
| Netgear R6400 Firmware | <1.0.2.32 | |
| NETGEAR R6400 | =v2 | |
| Netgear R7100lg Firmware | <1.0.0.32 | |
| Netgear R7100LG | ||
| Netgear R7300 Firmware | <1.0.0.52 | |
| Netgear R7300 | ||
| Netgear R8300 Firmware | <1.0.2.94 | |
| NETGEAR R8300 | ||
| Netgear R8500 Firmware | <1.0.2.100 | |
| NETGEAR R8500 | ||
| Netgear D6220 Firmware | <1.0.0.28 | |
| NETGEAR D6220 | ||
| NETGEAR R6400v2 | <1.0.0.60 | |
| Netgear D6400 | ||
| Netgear D8500 Firmware | <1.0.3.29 | |
| Netgear D8500 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
Which NETGEAR devices are affected by CVE-2017-18789?
R6250 before V1.0.4.8, R6400 before V1.0.1.22, R6400v2 before V1.0.2.32, R7100LG before V1.0.0.32, R7300 before V1.0.0.52, R8300 before V1.0.2.94, R8500 before V1.0.2.100, D6220 before V1.0.0.28, D6400 before V1.0.0.60
What is the severity of CVE-2017-18789?
The severity of CVE-2017-18789 is medium with a severity value of 5.5.
How can I fix CVE-2017-18789?
The best way to fix CVE-2017-18789 is to update the firmware on your affected NETGEAR device to the latest version provided by the manufacturer.
Where can I find more information about CVE-2017-18789?
You can find more information about CVE-2017-18789 on the official NETGEAR Security Advisory page: https://kb.netgear.com/000049373/Security-Advisory-for-Sensitive-Information-Disclosure-Vulnerability-on-Some-Routers-and-Some-DSL-Modem-Routers-PSV-2017-0426
What is the Common Weakness Enumeration (CWE) identifier for CVE-2017-18789?
The Common Weakness Enumeration (CWE) identifier for CVE-2017-18789 is 200.
- collector/nvd-index
- agent/severity
- agent/references
- agent/author
- agent/type
- agent/weakness
- agent/description
- agent/event
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/netgear
- canonical/netgear r6250 firmware
- canonical/netgear r6250
- canonical/netgear r6400 firmware
- canonical/netgear r6400
- version/netgear r6400/v2
- canonical/netgear r7100lg firmware
- canonical/netgear r7100lg
- canonical/netgear r7300 firmware
- canonical/netgear r7300
- canonical/netgear r8300 firmware
- canonical/netgear r8300
- canonical/netgear r8500 firmware
- canonical/netgear r8500
- canonical/netgear d6220 firmware
- canonical/netgear d6220
- canonical/netgear r6400v2
- canonical/netgear d6400
- canonical/netgear d8500 firmware
- canonical/netgear d8500