CVE-2017-18806: Command Injection
First published: Tue Apr 21 2020(Updated: )
Certain NETGEAR devices are affected by command injection. This affects WAC510 before 1.3.0.10, WAC120 before 2.1.4, WNDAP620 before 2.1.3, WND930 before 2.1.2, WN604 before 3.3.7, WNDAP660 before 3.7.4.0, WNDAP350 before 3.7.4.0, WNAP320 before 3.7.4.0, WNAP210v2 before 3.7.4.0, and WNDAP360 before 3.7.4.0.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| NETGEAR WAC510 firmware | <1.3.0.10 | |
| NETGEAR WAC510 firmware | ||
| Netgear WAC120 AC Firmware | <2.1.4 | |
| Netgear WAC120 AC Firmware | ||
| NETGEAR WNDAP620 | <2.1.3 | |
| NETGEAR WNDAP620 firmware | ||
| NETGEAR WND930 firmware | <2.1.2 | |
| NETGEAR WND930 firmware | ||
| Netgear WN604 | <3.3.7 | |
| Netgear WN604 | ||
| NETGEAR WNDAP660 | <3.7.4.0 | |
| NETGEAR WNDAP660 firmware | ||
| Netgear WNDAP350 Firmware | <3.7.4.0 | |
| Netgear WNDAP350 Firmware | ||
| Netgear WNAP320 firmware | <3.7.4.0 | |
| Netgear WNAP320 firmware | ||
| NETGEAR WNAP210 | <3.7.4.0 | |
| NETGEAR WNAP210 firmware | =v2 | |
| NETGEAR WNDAP360 | <3.7.4.0 | |
| NETGEAR WNDAP360 firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2017-18806?
CVE-2017-18806 is classified as a command injection vulnerability which poses a significant security risk to affected NETGEAR devices.
How do I fix CVE-2017-18806?
To fix CVE-2017-18806, update the firmware of your affected NETGEAR device to the latest version available.
Which NETGEAR devices are affected by CVE-2017-18806?
CVE-2017-18806 affects NETGEAR WAC510, WAC120, WNDAP620, WND930, WN604, WNDAP660, WNDAP350, WNAP320, WNAP210v2, and WNDAP360 devices with specific firmware versions.
Can CVE-2017-18806 be exploited remotely?
Yes, CVE-2017-18806 can potentially be exploited remotely without authentication.
What are the potential impacts of exploiting CVE-2017-18806?
Exploiting CVE-2017-18806 may allow an attacker to execute arbitrary commands on the vulnerable NETGEAR device.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/severity
- agent/weakness
- agent/last-modified-date
- agent/references
- agent/first-publish-date
- agent/description
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/netgear
- canonical/netgear wac510 firmware
- canonical/netgear wac120 ac firmware
- canonical/netgear wndap620
- canonical/netgear wndap620 firmware
- canonical/netgear wnd930 firmware
- canonical/netgear wn604
- canonical/netgear wndap660
- canonical/netgear wndap660 firmware
- canonical/netgear wndap350 firmware
- canonical/netgear wnap320 firmware
- canonical/netgear wnap210
- canonical/netgear wnap210 firmware
- version/netgear wnap210 firmware/v2
- canonical/netgear wndap360
- canonical/netgear wndap360 firmware