Description
Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects R6200v2 before 1.0.3.14, R6250 before 1.0.4.8, R6300v2 before 1.0.4.8, R6700 before 1.1.1.20, R7000 before 1.0.7.10, R7000P/R6900P before 1.0.0.56, R7100LG before 1.0.0.30, R7900 before 1.0.1.14, R8000 before 1.0.3.22, R8500 before 1.0.2.74, and D8500 before 1.0.3.28.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
https://kb.netgear.com/000049357/Security-Advisory-for-Security-Misconfiguration-Vulnerability-on-D8500-and-Some-Routers-PSV-2017-0528
Scores
CVSS v3
7.5
EPSS
0.0031
EPSS Percentile
54.5%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Details
CWE
CWE-20
Status
published
Products (12)
netgear/d8500_firmware
< 1.0.3.28
netgear/r6200_firmware
< 1.0.3.14
netgear/r6250_firmware
< 1.0.4.8
netgear/r6300_firmware
< 1.0.4.8
netgear/r6700_firmware
< 1.1.1.20
netgear/r6900p_firmware
< 1.0.0.56
netgear/r7000_firmware
< 1.0.7.10
netgear/r7000p_firmware
< 1.0.0.56
netgear/r7100lg_firmware
< 1.0.0.30
netgear/r7900_firmware
< 1.0.1.14
... and 2 more
Published
Apr 21, 2020
Tracked Since
Feb 18, 2026