CVE-2017-18862
MEDIUMNETGEAR ProSAFE Web-Managed Switches < 2017-05-11 - Unauthenticated Authentication Bypass
Title source: llmDescription
Certain NETGEAR devices are affected by authentication bypass. This affects JGS516PE before 2017-05-11, JGS524Ev2 before 2017-05-11, JGS524PE before 2017-05-11, GS105Ev2 before 2017-05-11, GS105PE before 2017-05-11, GS108Ev3 before 2017-05-11, GS108PEv3 before 2017-05-11, GS116Ev2 before 2017-05-11, GSS108E before 2017-05-11, GSS116E before 2017-05-11, XS708Ev2 before 2017-05-11, and XS716E before 2017-05-11.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
https://kb.netgear.com/000037849/Security-Advisory-for-Authentication-Bypass-on-ProSAFE-Web-Managed-Switches-PSV-2015-0043
Scores
CVSS v3
6.5
EPSS
0.0010
EPSS Percentile
27.6%
Attack Vector
ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-287
Status
published
Products (12)
netgear/gs105e_firmware
< 2017-05-11
netgear/gs105pe_firmware
< 2017-05-11
netgear/gs108e_firmware
< 2017-05-11
netgear/gs108pe_firmware
< 2017-05-11
netgear/gs116e_firmware
< 2017-05-11
netgear/gss108e_firmware
< 2017-05-11
netgear/gss116e_firmware
< 2017-05-11
netgear/jgs516pe_firmware
< 2017-05-11
netgear/jgs524e_firmware
< 2017-05-11
netgear/jgs524pe_firmware
< 2017-05-11
... and 2 more
Published
Apr 28, 2020
Tracked Since
Feb 18, 2026