CVE-2017-18763

MEDIUM

NETGEAR Multiple Routers - Security Misconfiguration via Incorrect Security Settings

Title source: llm

Description

Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects JNR1010v2 before 1.1.0.42, JR6150 before 1.0.1.10, JWNR2010v5 before 1.1.0.42, PR2000 before 1.0.0.18, R6050 before 1.0.1.10, R6120 before 1.0.0.30, R6220 before 1.1.0.50, R6700v2 before 1.2.0.4, R6800 before 1.2.0.4, R6900v2 before 1.2.0.4, WNDR3700v5 before 1.1.0.48, WNR1000v4 before 1.1.0.42, WNR2020 before 1.1.0.42, and WNR2050 before 1.1.0.42.

References (1)

Core 1

Core References

Vendor Advisory x_refsource_confirm

https://kb.netgear.com/000051482/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-and-Extenders-PSV-2017-2212

Scores

CVSS v3 6.5

EPSS 0.0010

EPSS Percentile 26.5%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Details

CWE

CWE-20

Status published

Products (14)

netgear/jnr1010_firmware < 1.1.0.42

netgear/jr6150_firmware < 1.0.1.10

netgear/jwnr2010_firmware < 1.1.0.42

netgear/pr2000_firmware < 1.0.0.18

netgear/r6050_firmware < 1.0.1.10

netgear/r6120_firmware < 1.0.0.30

netgear/r6220_firmware < 1.1.0.50

netgear/r6700_firmware < 1.2.0.4

netgear/r6800_firmware < 1.2.0.4

netgear/r6900_firmware < 1.2.0.4

... and 4 more

Published Apr 22, 2020

Tracked Since Feb 18, 2026