CVE-2017-18798

MEDIUM

NETGEAR R6700/R6800/D7000/D1500 Firmware - Security Misconfiguration

Title source: llm

Description

Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects R6700v2 before 1.1.0.38, R6800 before 1.1.0.38, D7000 before 1.0.1.50, and D1500 before 1.0.0.25.

References (1)

Core 1

Core References

Vendor Advisory x_refsource_confirm

https://kb.netgear.com/000049358/Security-Advisory-for-Security-Misconfiguration-Vulnerability-on-Some-Routers-and-Some-DSL-Modem-Routers-PSV-2017-2159

Scores

CVSS v3 6.2

EPSS 0.0008

EPSS Percentile 23.2%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Details

CWE

CWE-20

Status published

Products (5)

netgear/d1500_firmware < 1.0.0.25

netgear/d500_firmware < 1.0.0.25

netgear/d7000_firmware < 1.0.1.50

netgear/r6700_firmware < 1.1.0.38

netgear/r6800_firmware < 1.1.0.38

Published Apr 21, 2020

Tracked Since Feb 18, 2026