CVE-2017-18796: Command Injection
First published: Tue Apr 21 2020(Updated: )
Certain NETGEAR devices are affected by command injection. This affects R6400 before 1.0.1.24, R6700 before 1.0.1.26, R6900 before 1.0.1.28, R7000 before 1.0.9.10, R7000P before 1.0.1.16, R6900P before 1.0.1.16, and R7800 before 1.0.2.36.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| NETGEAR R6400 firmware | <1.0.1.24 | |
| NETGEAR R6400 firmware | ||
| Netgear R6700 Firmware | <1.0.1.26 | |
| NETGEAR R6700v1 firmware | ||
| Netgear R6900 Firmware | <1.0.1.28 | |
| Netgear R6900 Firmware | ||
| NETGEAR R7000 firmware | <1.0.9.10 | |
| NETGEAR R7000 firmware | ||
| NETGEAR R7000P firmware | <1.0.1.16 | |
| Netgear R7000P | ||
| NETGEAR R6900P firmware | <1.0.1.16 | |
| Netgear R6900 Firmware | ||
| NETGEAR R7800 firmware | <1.0.2.36 | |
| NETGEAR R7800 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2017-18796?
CVE-2017-18796 is classified as a critical vulnerability due to the possibility of command injection on affected NETGEAR devices.
How do I fix CVE-2017-18796?
To fix CVE-2017-18796, you should update the firmware of affected NETGEAR devices to the latest version available.
Which NETGEAR devices are impacted by CVE-2017-18796?
CVE-2017-18796 affects NETGEAR R6400, R6700, R6900, R7000, R7000P, R6900P, and R7800 models with firmware lower than their respective fixed versions.
What types of attacks can CVE-2017-18796 facilitate?
CVE-2017-18796 can facilitate remote command execution attacks, potentially allowing an attacker to gain unauthorized access to the device.
Is there any known exploitation in the wild for CVE-2017-18796?
While there have been reports of the potential for exploitation, specific cases of active exploitation of CVE-2017-18796 have not been widely documented.
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/severity
- agent/weakness
- agent/last-modified-date
- agent/references
- agent/type
- agent/first-publish-date
- agent/description
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/netgear
- canonical/netgear r6400 firmware
- canonical/netgear r6700 firmware
- canonical/netgear r6700v1 firmware
- canonical/netgear r6900 firmware
- canonical/netgear r7000 firmware
- canonical/netgear r7000p firmware
- canonical/netgear r7000p
- canonical/netgear r6900p firmware
- canonical/netgear r7800 firmware
- canonical/netgear r7800