CVE-2017-6862
CRITICAL KEV
NETGEAR WNR2000v3 < 1.1.2.14, WNR2000v4 < 1.0.0.66, WNR2000v5 < 1.0.0.42 - Remote Code Execution via Buffer Overflow
Title source: llm
Exploitation Summary
CVE-2017-6862 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added June 8, 2022.
Description
NETGEAR WNR2000v3 devices before 1.1.2.14, WNR2000v4 devices before 1.0.0.66, and WNR2000v5 devices before 1.0.0.42 allow authentication bypass and remote code execution via a buffer overflow that uses a parameter in the administration webapp. The NETGEAR ID is PSV-2016-0261.
References (4)
Core References
Third Party Advisory, US Government Resource
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-6862
Vendor Advisory x_refsource_confirm
https://kb.netgear.com/000038542/Security-Advisory-for-Unauthenticated-Remote-Code-Execution-on-Some-Routers-PSV-2016-0261
Broken Link, Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/98740
Broken Link x_refsource_misc
https://www.on-x.com/sites/default/files/on-x_-_security_advisory_-_netgear_wnr2000v5_-_cve-2017-6862.pdf
Scores
CVSS v3: 9.8
EPSS: 0.4311
EPSS Percentile: 97.6%
Attack Vector: NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA SSVC (Vulnrichment)
Exploitation: active
Automatable: yes
Technical Impact: total
Details
CISA KEV: 2022-06-08
VulnCheck KEV: 2022-06-07
InTheWild.io: 2022-06-08
ENISA EUVD: EUVD-2017-15916
CWE: CWE-120
Status: published
Products (5)
n/a/NETGEAR All versions prior to WNR2000v3 1.1.2.14, WNR2000v4 1.0.0.66, WNR2000v5 1.0.0.42
NETGEAR All versions prior to WNR2000v3 1.1.2.14, WNR2000v4 1.0.0.66, WNR2000v5 1.0.0.42
netgear/wnr2000_firmware: < 1.0.0.42
netgear/wnr2000v3_firmware: < 1.1.2.14
netgear/wnr2000v4_firmware: < 1.0.0.66
netgear/wnr2000v5_firmware: < 1.0.0.42
Published: May 26, 2017
KEV Added: Jun 08, 2022
Tracked Since: Feb 18, 2026