CVE-2017-18863
First published: Tue Apr 28 2020(Updated: )
Certain NETGEAR devices are affected by command execution via a PHP form. This affects WN604 3.3.3 and earlier, WNAP210v2 3.5.20.0 and earlier, WNAP320 3.5.20.0 and earlier, WNDAP350 3.5.20.0 and earlier, WNDAP360 3.5.20.0 and earlier, WNDAP620 2.0.11 and earlier, WNDAP660 3.5.20.0 and earlier, WND930 2.0.11 and earlier, and WAC120 2.0.7 and earlier.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Netgear WN604 | <3.3.3 | |
| Netgear WN604 | ||
| Netgear Prosafe Wnap210 Firmware | <3.5.20.0 | |
| NetGear ProSafe WNAP210 | =v2 | |
| Netgear WNAP320 firmware | <3.5.20.0 | |
| Netgear WNAP320 firmware | ||
| Netgear WNDAP350 Firmware | <3.5.20.0 | |
| Netgear WNDAP350 Firmware | ||
| NETGEAR WNDAP360 | <3.5.20.0 | |
| NETGEAR Wireless Access Point | ||
| NETGEAR WNDAP620 | <2.0.11 | |
| NETGEAR WNDAP620 firmware | ||
| NETGEAR WNDAP660 | <3.5.20.0 | |
| NETGEAR Wireless Access Point | ||
| NETGEAR WND930 firmware | <2.0.11 | |
| NETGEAR WND930 firmware | ||
| Netgear WAC120 AC Firmware | <2.0.7 | |
| Netgear WAC120 AC Firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What devices are affected by CVE-2017-18863?
The vulnerable devices include NETGEAR WN604, WNAP210v2, WNAP320, WNDAP350, WNDAP360, WNDAP620, and WNDAP660 running specific firmware versions.
What is the severity level of CVE-2017-18863?
CVE-2017-18863 is classified with a high severity level due to the potential for unauthorized command execution.
How do I fix CVE-2017-18863?
To fix CVE-2017-18863, users should update their affected NETGEAR devices to the latest firmware version available.
Can CVE-2017-18863 be exploited remotely?
Yes, CVE-2017-18863 can be exploited remotely, allowing an attacker to execute commands on the device.
What are the primary risks associated with CVE-2017-18863?
The primary risks associated with CVE-2017-18863 include unauthorized access, potential data breaches, and device compromise.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/author
- agent/last-modified-date
- agent/references
- agent/weakness
- agent/event
- agent/first-publish-date
- agent/description
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/netgear
- canonical/netgear wn604
- canonical/netgear prosafe wnap210 firmware
- canonical/netgear prosafe wnap210
- version/netgear prosafe wnap210/v2
- canonical/netgear wnap320 firmware
- canonical/netgear wndap350 firmware
- canonical/netgear wndap360
- canonical/netgear wireless access point
- canonical/netgear wndap620
- canonical/netgear wndap620 firmware
- canonical/netgear wndap660
- canonical/netgear wnd930 firmware
- canonical/netgear wac120 ac firmware