CVE-2017-18860
First published: Wed Apr 29 2020(Updated: )
Certain NETGEAR devices are affected by debugging command execution. This affects FS752TP 5.4.2.19 and earlier, GS108Tv2 5.4.2.29 and earlier, GS110TP 5.4.2.29 and earlier, GS418TPP 6.6.2.6 and earlier, GS510TLP 6.6.2.6 and earlier, GS510TP 5.04.2.27 and earlier, GS510TPP 6.6.2.6 and earlier, GS716Tv2 5.4.2.27 and earlier, GS716Tv3 6.3.1.16 and earlier, GS724Tv3 5.4.2.27 and earlier, GS724Tv4 6.3.1.16 and earlier, GS728TPSB 5.3.0.29 and earlier, GS728TSB 5.3.0.29 and earlier, GS728TXS 6.1.0.35 and earlier, GS748Tv4 5.4.2.27 and earlier, GS748Tv5 6.3.1.16 and earlier, GS752TPSB 5.3.0.29 and earlier, GS752TSB 5.3.0.29 and earlier, GS752TXS 6.1.0.35 and earlier, M4200 12.0.2.10 and earlier, M4300 12.0.2.10 and earlier, M5300 11.0.0.28 and earlier, M6100 11.0.0.28 and earlier, M7100 11.0.0.28 and earlier, S3300 6.6.1.4 and earlier, XS708T 6.6.0.11 and earlier, XS712T 6.1.0.34 and earlier, and XS716T 6.6.0.11 and earlier.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Netgear FS752TP | <=5.4.2.19 | |
| Netgear Fs752tp Firmware | ||
| Netgear GS108T Firmware | <=5.4.2.29 | |
| Netgear GS108Tv2 Firmware | ||
| Netgear GS110TPP Firmware | <=5.4.2.29 | |
| Netgear GS110TP Firmware | ||
| Netgear GS418TPP Firmware | <=6.6.2.6 | |
| Netgear GS418TPP Firmware | ||
| Netgear GS510TLP | <=6.6.2.6 | |
| Netgear GS510TLP Firmware | ||
| Netgear GS510TP Firmware | <=5.04.2.27 | |
| Netgear GS510TP Firmware | ||
| Netgear GS510TPP Firmware | <=6.6.2.6 | |
| Netgear GS510TPP Firmware | ||
| Netgear XS716T Firmware | <=5.4.2.27 | |
| Netgear GS716T Firmware | =v2 | |
| Netgear XS716T Firmware | <=6.3.1.16 | |
| Netgear GS716T Firmware | =v3 | |
| Netgear GS724T Firmware | <=5.4.2.27 | |
| NETGEAR ProSafe GS724T | =v3 | |
| Netgear GS724T Firmware | <=6.3.1.16 | |
| NETGEAR ProSafe GS724T | =v4 | |
| Netgear GS728TPSB | <=5.3.0.29 | |
| Netgear GS728TP | ||
| Netgear GS728TSB | <=5.3.0.29 | |
| Netgear GS728TSB Firmware | ||
| Netgear GS728TXS Firmware | <=6.1.0.35 | |
| Netgear Prosafe GS728TXS | ||
| Netgear GS748T Firmware | <=5.4.2.27 | |
| Netgear ProSafe GS748T | =v4 | |
| Netgear GS748T Firmware | <=6.3.1.16 | |
| Netgear ProSafe GS748T | =v5 | |
| Netgear GS752TPSB | <=5.3.0.29 | |
| Netgear ProSafe GS752TP | ||
| Netgear GS752TSB | <=5.3.0.29 | |
| Netgear GS752TSB Firmware | ||
| Netgear GS752TPSB | <=6.1.0.35 | |
| Netgear ProSafe GS752TXS | ||
| Netgear M4200 Firmware | <=12.0.2.10 | |
| Netgear M4200-10mg-poe+ | ||
| Netgear M4300 Firmware | <=12.0.2.10 | |
| Netgear M4300-24x Firmware | ||
| Netgear M5300 Firmware | <=11.0.0.28 | |
| Netgear M5300 Firmware | ||
| Netgear M6100 Firmware | <=11.0.0.28 | |
| Netgear M6100 | ||
| Netgear M7100 Firmware | <=11.0.0.28 | |
| Netgear M7100 Firmware | ||
| Netgear S3300 | <=6.6.1.4 | |
| Netgear S3300 Firmware | ||
| Netgear XS708T | <=6.6.0.11 | |
| Netgear XS708T Firmware | ||
| Netgear XS712T Firmware | <=6.1.0.34 | |
| Netgear XS712T Firmware | ||
| Netgear XS716T Firmware | <=6.6.0.11 | |
| Netgear Xs716t Firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What devices are affected by CVE-2017-18860?
FS752TP, GS108Tv2, GS110TP, GS418TPP, GS510TLP, GS510TP, GS510TPP, GS716T
What is the severity of CVE-2017-18860?
The severity of CVE-2017-18860 is high, with a CVSS score of 7.7.
How can I fix CVE-2017-18860?
Update the firmware of the affected NETGEAR devices to a version that is not vulnerable.
Where can I find more information about CVE-2017-18860?
You can find more information about CVE-2017-18860 in the Netgear security advisory at the following link: https://kb.netgear.com/000038519/Security-Advisory-for-Authentication-Bypass-and-Remote-Command-Execution-on-Some-Smart-and-Managed-Switches-PSV-2017-0857
What is the Common Weakness Enumeration (CWE) of CVE-2017-18860?
The Common Weakness Enumeration (CWE) of CVE-2017-18860 is CWE-74 (Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')).
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/author
- agent/last-modified-date
- agent/references
- agent/weakness
- agent/event
- agent/first-publish-date
- agent/description
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/netgear
- canonical/netgear fs752tp
- version/netgear fs752tp/5.4.2.19
- canonical/netgear fs752tp firmware
- canonical/netgear gs108t firmware
- version/netgear gs108t firmware/5.4.2.29
- canonical/netgear gs108tv2 firmware
- canonical/netgear gs110tpp firmware
- version/netgear gs110tpp firmware/5.4.2.29
- canonical/netgear gs110tp firmware
- canonical/netgear gs418tpp firmware
- version/netgear gs418tpp firmware/6.6.2.6
- canonical/netgear gs510tlp
- version/netgear gs510tlp/6.6.2.6
- canonical/netgear gs510tlp firmware
- canonical/netgear gs510tp firmware
- version/netgear gs510tp firmware/5.04.2.27
- canonical/netgear gs510tpp firmware
- version/netgear gs510tpp firmware/6.6.2.6
- canonical/netgear xs716t firmware
- version/netgear xs716t firmware/5.4.2.27
- canonical/netgear gs716t firmware
- version/netgear gs716t firmware/v2
- version/netgear xs716t firmware/6.3.1.16
- version/netgear gs716t firmware/v3
- canonical/netgear gs724t firmware
- version/netgear gs724t firmware/5.4.2.27
- canonical/netgear prosafe gs724t
- version/netgear prosafe gs724t/v3
- version/netgear gs724t firmware/6.3.1.16
- version/netgear prosafe gs724t/v4
- canonical/netgear gs728tpsb
- version/netgear gs728tpsb/5.3.0.29
- canonical/netgear gs728tp
- canonical/netgear gs728tsb
- version/netgear gs728tsb/5.3.0.29
- canonical/netgear gs728tsb firmware
- canonical/netgear gs728txs firmware
- version/netgear gs728txs firmware/6.1.0.35
- canonical/netgear prosafe gs728txs
- canonical/netgear gs748t firmware
- version/netgear gs748t firmware/5.4.2.27
- canonical/netgear prosafe gs748t
- version/netgear prosafe gs748t/v4
- version/netgear gs748t firmware/6.3.1.16
- version/netgear prosafe gs748t/v5
- canonical/netgear gs752tpsb
- version/netgear gs752tpsb/5.3.0.29
- canonical/netgear prosafe gs752tp
- canonical/netgear gs752tsb
- version/netgear gs752tsb/5.3.0.29
- canonical/netgear gs752tsb firmware
- version/netgear gs752tpsb/6.1.0.35
- canonical/netgear prosafe gs752txs
- canonical/netgear m4200 firmware
- version/netgear m4200 firmware/12.0.2.10
- canonical/netgear m4200-10mg-poe+
- canonical/netgear m4300 firmware
- version/netgear m4300 firmware/12.0.2.10
- canonical/netgear m4300-24x firmware
- canonical/netgear m5300 firmware
- version/netgear m5300 firmware/11.0.0.28
- canonical/netgear m6100 firmware
- version/netgear m6100 firmware/11.0.0.28
- canonical/netgear m6100
- canonical/netgear m7100 firmware
- version/netgear m7100 firmware/11.0.0.28
- canonical/netgear s3300
- version/netgear s3300/6.6.1.4
- canonical/netgear s3300 firmware
- canonical/netgear xs708t
- version/netgear xs708t/6.6.0.11
- canonical/netgear xs708t firmware
- canonical/netgear xs712t firmware
- version/netgear xs712t firmware/6.1.0.34
- version/netgear xs716t firmware/6.6.0.11