Search

Find a vulnerability

Search criteria

    59 vulnerabilities found for r6050 by netgear

    VAR-201505-0408

    Vulnerability from variot - Updated: 2025-04-13 23:29

    Stack-based buffer overflow in the run_init_sbus function in the KCodes NetUSB module for the Linux kernel, as used in certain NETGEAR products, TP-LINK products, and other products, allows remote attackers to execute arbitrary code by providing a long computer name in a session on TCP port 20005. KCodes NetUSB is vulnerable to a buffer overflow via the network that may result in a denial of service or code execution. KCodes NetUSB The kernel driver contains a buffer overflow vulnerability. KCodes NetUSB Is Linux Connected to base embedded devices (home router products, etc.) USB Share devices on the network "USB over IP" To realize the function, Linux Kernel module. Buffer overflow (CWE-120) - CVE-2015-3036 http://cwe.mitre.org/data/definitions/120.html The client NetUSB The data to send when connecting to the server NetUSB A buffer overflow can occur because the kernel driver does not validate properly. For more information SEC Consult Please check the advisory for. SEC Consult Vulnerability Lab Security Advisory < 20150519-0 > https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20150519-0_KCodes_NetUSB_Kernel_Stack_Buffer_Overflow_v10.txt In addition, National Vulnerability Database (NVD) Then CWE-119 It is published as CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer ( Buffer error ) http://cwe.mitre.org/data/definitions/119.htmlAn attacker on the local network caused a buffer overflow, resulting in a denial of service operation (DoS) An attacker may be able to attack or execute arbitrary code. Depending on the default settings of the device, a remote attack may be possible. KCodes NetUSB is prone to a buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied data before copying it to an insufficiently sized memory buffer. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts may result in a denial-of-service condition. SEC Consult Vulnerability Lab Security Advisory < 20150519-0 > ======================================================================= title: Kernel Stack Buffer Overflow product: KCodes NetUSB vulnerable version: see Vulnerable / tested versions fixed version: see Solution CVE number: CVE-2015-3036, VU#177092 impact: Critical homepage: http://www.kcodes.com/ found: 2015-02-23 by: Stefan Viehböck (Office Vienna) SEC Consult Vulnerability Lab

                     An integrated part of SEC Consult
                     Berlin - Frankfurt/Main - Montreal - Singapore
                     Vienna (HQ) - Vilnius - Zurich
    
                     https://www.sec-consult.com
    

    =======================================================================

    Vendor description:

    "The world's premier technology provider of mobile printing, audio and video communication, file sharing, and USB applications for iPhones, iPads, smart phones and tablets (Android and Windows), MacBooks, and Ultrabooks."

    Source: http://www.kcodes.com/

    Vulnerability overview/description:

    NetUSB suffers from a remotely exploitable kernel stack buffer overflow. Because of insufficient input validation, an overly long computer name can be used to overflow the "computer name" kernel stack buffer. This results in memory corruption which can be turned into arbitrary remote code execution.

    Furthermore, a more detailed summary of this advisory has been published at our blog: http://blog.sec-consult.com

    Proof of concept:

    Below is an excerpt from the vulnerable run_init_sbus() function (pseudo code):

    int computername_len; char computername_buf[64]; // connection initiation, handshake len = ks_recv(sock, &computername_len, 4, 0); // ... len = ks_recv(sock, computername_buf, computername_len, 0); // boom!

    A proof of concept "netusb_bof.py" has been developed which exploits the vulnerability. The PoC DoS exploit will not be published as many vendors did not patch the vulnerability yet.

    Example use that results in denial-of-service (kernel memory corruption that results in a device reboot): ./netusb_bof.py 192.168.1.1 20005 500

    Vulnerable / tested versions:

    The vulnerability has been verified to exist in most recent firmware versions of the following devives:

    TP-Link TL-WDR4300 V1 TP-Link WR1043ND v2 NETGEAR WNDR4500

    Furthermore we've identified NetUSB in the most recent firmware version of the following products (list is not necessarily complete!): D-Link DIR-615 C NETGEAR AC1450 NETGEAR CENTRIA (WNDR4700/4720) NETGEAR D6100 NETGEAR D6200 NETGEAR D6300 NETGEAR D6400 NETGEAR DC112A NETGEAR DC112A (Zain) NETGEAR DGND4000 NETGEAR EX6200 NETGEAR EX7000 NETGEAR JNR3000 NETGEAR JNR3210 NETGEAR JR6150 NETGEAR LG6100D NETGEAR PR2000 NETGEAR R6050 NETGEAR R6100 NETGEAR R6200 NETGEAR R6200v2 NETGEAR R6220 NETGEAR R6250 NETGEAR R6300v1 NETGEAR R6300v2 NETGEAR R6700 NETGEAR R7000 NETGEAR R7500 NETGEAR R7900 NETGEAR R8000 NETGEAR WN3500RP NETGEAR WNDR3700v5 NETGEAR WNDR4300 NETGEAR WNDR4300v2 NETGEAR WNDR4500 NETGEAR WNDR4500v2 NETGEAR WNDR4500v3 NETGEAR XAU2511 NETGEAR XAUB2511 TP-LINK Archer C2 V1.0 (Fix planned before 2015/05/22) TP-LINK Archer C20 V1.0 (Not affected) TP-LINK Archer C20i V1.0 (Fix planned before 2015/05/25) TP-LINK Archer C5 V1.2 (Fix planned before 2015/05/22) TP-LINK Archer C5 V2.0 (Fix planned before 2015/05/30) TP-LINK Archer C7 V1.0 (Fix planned before 2015/05/30) TP-LINK Archer C7 V2.0 (Fix already released) TP-LINK Archer C8 V1.0 (Fix planned before 2015/05/30) TP-LINK Archer C9 V1.0 (Fix planned before 2015/05/22) TP-LINK Archer D2 V1.0 (Fix planned before 2015/05/22) TP-LINK Archer D5 V1.0 (Fix planned before 2015/05/25) TP-LINK Archer D7 V1.0 (Fix planned before 2015/05/25) TP-LINK Archer D7B V1.0 (Fix planned before 2015/05/31) TP-LINK Archer D9 V1.0 (Fix planned before 2015/05/25) TP-LINK Archer VR200v V1.0 (Fix already released) TP-LINK TD-VG3511 V1.0 (End-Of-Life) TP-LINK TD-VG3631 V1.0 (Fix planned before 2015/05/30) TP-LINK TD-VG3631 V1.0 (Fix planned before 2015/05/31) TP-LINK TD-W1042ND V1.0 (End-Of-Life) TP-LINK TD-W1043ND V1.0 (End-Of-Life) TP-LINK TD-W8968 V1.0 (Fix planned before 2015/05/30) TP-LINK TD-W8968 V2.0 (Fix planned before 2015/05/30) TP-LINK TD-W8968 V3.0 (Fix planned before 2015/05/25) TP-LINK TD-W8970 V1.0 (Fix planned before 2015/05/30) TP-LINK TD-W8970 V3.0 (Fix already released) TP-LINK TD-W8970B V1.0 (Fix planned before 2015/05/30) TP-LINK TD-W8980 V3.0 (Fix planned before 2015/05/25) TP-LINK TD-W8980B V1.0 (Fix planned before 2015/05/30) TP-LINK TD-W9980 V1.0 (Fix already released) TP-LINK TD-W9980B V1.0 (Fix planned before 2015/05/30) TP-LINK TD-WDR4900 V1.0 (End-Of-Life) TP-LINK TL-WR1043ND V2.0 (Fix planned before 2015/05/30) TP-LINK TL-WR1043ND V3.0 (Fix planned before 2015/05/30) TP-LINK TL-WR1045ND V2.0 (Fix planned before 2015/05/30) TP-LINK TL-WR3500 V1.0 (Fix planned before 2015/05/22) TP-LINK TL-WR3600 V1.0 (Fix planned before 2015/05/22) TP-LINK TL-WR4300 V1.0 (Fix planned before 2015/05/22) TP-LINK TL-WR842ND V2.0 (Fix planned before 2015/05/30) TP-LINK TL-WR842ND V1.0 (End-Of-Life) TP-LINK TX-VG1530(GPON) V1.0 (Fix planned before 2015/05/31) Trendnet TE100-MFP1 (v1.0R) Trendnet TEW-632BRP (A1.0R) Trendnet TEW-632BRP (A1.1R/A1.2R) Trendnet TEW-632BRP (A1.1R/A1.2R/A1.3R) Trendnet TEW-634GRU (v1.0R) Trendnet TEW-652BRP (V1.0R) Trendnet TEW-673GRU (v1.0R) Trendnet TEW-811DRU (v1.0R) Trendnet TEW-812DRU (v1.0R) Trendnet TEW-812DRU (v2.xR) Trendnet TEW-813DRU (v1.0R) Trendnet TEW-818DRU (v1.0R) Trendnet TEW-823DRU (v1.0R) Trendnet TEW-MFP1 (v1.0R) Zyxel NBG-419N v2 Zyxel NBG4615 v2 Zyxel NBG5615 Zyxel NBG5715

    Based on information embedded in KCodes drivers we believe the following vendors are affected: Allnet Ambir Technology AMIT Asante Atlantis Corega Digitus D-Link EDIMAX Encore Electronics Engenius Etop Hardlink Hawking IOGEAR LevelOne Longshine NETGEAR PCI PROLiNK Sitecom Taifa TP-LINK TRENDnet Western Digital ZyXEL

    Vendor contact timeline:

    2015-02-28: Contacting vendor through support@kcodes.com 2015-03-04: No response, contacting various KCodes addresses found on the web. 2015-03-05: Vendor responds, requests more information. 2015-03-05: Providing advisory and proof of concept exploit. 2015-03-16: No response, requesting status update. 2015-03-16: Vendor responds, asks about fix verification(?) 2015-03-16: Requesting clarification about fixing status and information about next steps. Proposing conference call dates. 2015-03-19: No response, informing that notification of CERT/CC and selected vendors will start shortly. Requesting clarification about fixing status and information about next steps again. 2015-03-19: Vendor responds, confirms conference call date (2015-03-25). No further information provided. 2015-03-19: Providing advisory and proof of concept exploit to TP-LINK and NETGEAR. 2015-03-25: Vendor cancels conference call on short notice (sudden week-long business trip). 2015-03-26: Asking for support of CERT/CC regarding vendor coordination. 2015-03 - 2015-05: Coordination between CERT & vendors, NETGEAR and TP-LINK 2015-05-13: Notifying German CERT-Bund and Austrian CERT.at 2015-05-19: Coordinated release of security advisory

    Solution:

    TP-LINK has started releasing fixed firmware. The status of affected products can be found in the affected product list above.

    For additional information also see CERT/CC vulnerability notice: http://www.kb.cert.org/vuls/id/177092

    Workaround:

    Sometimes NetUSB can be disabled via the web interface, but at least on NETGEAR devices this does not mitigate the vulnerability. NETGEAR told us, that there is no workaround available, the TCP port can't be firewalled nor is there a way to disable the service on their devices. It ensures the continued knowledge gain of SEC Consult in the field of network and application security to stay ahead of the attacker. The SEC Consult Vulnerability Lab supports high-quality penetration testing and the evaluation of new offensive and defensive technologies for our customers. Hence our customers obtain the most current information about vulnerabilities and valid recommendation about the risk profile of new technologies.

    Interested to work with the experts of SEC Consult?
    Send us your application https://www.sec-consult.com/en/Career.htm
    
    Interested in improving your cyber security with the experts of SEC Consult?
    Contact our local offices https://www.sec-consult.com/en/About/Contact.htm
    

    Mail: research at sec-consult dot com Web: https://www.sec-consult.com Blog: http://blog.sec-consult.com Twitter: https://twitter.com/sec_consult

    EOF Stefan Viehböck / @2015

    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "netusb",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "kcodes",
            "version": null
          },
          {
            "_id": null,
            "model": "tew-632brp",
            "scope": null,
            "trust": 1.2,
            "vendor": "trendnet",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "d link",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "kcodes",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "netgear",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "tp link",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "trendnet",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "zyxel",
            "version": null
          },
          {
            "_id": null,
            "model": "",
            "scope": null,
            "trust": 0.8,
            "vendor": "multiple vendors",
            "version": null
          },
          {
            "_id": null,
            "model": "tew-812dru",
            "scope": null,
            "trust": 0.6,
            "vendor": "trendnet",
            "version": null
          },
          {
            "_id": null,
            "model": "nbg5715",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "zyxel",
            "version": "0"
          },
          {
            "_id": null,
            "model": "nbg5615",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "zyxel",
            "version": "0"
          },
          {
            "_id": null,
            "model": "nbg4615",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "zyxel",
            "version": "v2"
          },
          {
            "_id": null,
            "model": "nbg-419n",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "zyxel",
            "version": "v20"
          },
          {
            "_id": null,
            "model": "tew-mfp1",
            "scope": null,
            "trust": 0.3,
            "vendor": "trendnet",
            "version": null
          },
          {
            "_id": null,
            "model": "tew-823dru",
            "scope": null,
            "trust": 0.3,
            "vendor": "trendnet",
            "version": null
          },
          {
            "_id": null,
            "model": "tew-818dru",
            "scope": null,
            "trust": 0.3,
            "vendor": "trendnet",
            "version": null
          },
          {
            "_id": null,
            "model": "tew-813dru",
            "scope": null,
            "trust": 0.3,
            "vendor": "trendnet",
            "version": null
          },
          {
            "_id": null,
            "model": "tew-811dru",
            "scope": null,
            "trust": 0.3,
            "vendor": "trendnet",
            "version": null
          },
          {
            "_id": null,
            "model": "tew-673gru",
            "scope": null,
            "trust": 0.3,
            "vendor": "trendnet",
            "version": null
          },
          {
            "_id": null,
            "model": "tew-652brp",
            "scope": null,
            "trust": 0.3,
            "vendor": "trendnet",
            "version": null
          },
          {
            "_id": null,
            "model": "tew-634gru",
            "scope": null,
            "trust": 0.3,
            "vendor": "trendnet",
            "version": null
          },
          {
            "_id": null,
            "model": "te100-mfp1",
            "scope": null,
            "trust": 0.3,
            "vendor": "trendnet",
            "version": null
          },
          {
            "_id": null,
            "model": "tx-vg1530",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "tl-wr842nd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "tl-wr842nd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "tl-wr4300",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "tl-wr3600",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "tl-wr3500",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "tl-wr1045nd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "tl-wr1043nd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "tl-wr1043nd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "td-wdr4900",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "td-w9980b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "td-w9980",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "td-w8980b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "td-w8980",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "td-w8970b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "td-w8970",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "td-w8970",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "td-w8968",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "td-w8968",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "td-w8968",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "td-w1043nd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "td-w1042nd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "td-vg3631",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "td-vg3511",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "archer vr200v",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "archer d9",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "archer d7b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "archer d7",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "archer d5",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "archer d2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "archer c7",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "archer c5",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "archer c20i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "archer c2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tp link",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "xaub2511",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "xau2511",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "wndr4500v3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "wndr4500v2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "wndr4300v2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "wndr3700v5",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "wn3500rp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "r8000",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "r7900",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "r7500",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "r7000",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "r6700",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "r6300v2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "r6300v1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "r6250",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "r6220",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "r6200v2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "r6200",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "r6100",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "r6050",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "pr2000",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "lg6100d",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "jr6150",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "jnr3000",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ex7000",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ex6200",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "dgnd4000",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "dc112a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "d6400",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "d6300",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "d6200",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "d6100",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "centria wndr4720",
            "scope": null,
            "trust": 0.3,
            "vendor": "netgear",
            "version": null
          },
          {
            "_id": null,
            "model": "centria wndr4700",
            "scope": null,
            "trust": 0.3,
            "vendor": "netgear",
            "version": null
          },
          {
            "_id": null,
            "model": "ac1450",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netgear",
            "version": "0"
          },
          {
            "_id": null,
            "model": "netusb",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kcodes",
            "version": "0"
          },
          {
            "_id": null,
            "model": "dir-685",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "d link",
            "version": "2.00"
          },
          {
            "_id": null,
            "model": "dir-615",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "d link",
            "version": "3.13"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#177092"
          },
          {
            "db": "BID",
            "id": "74724"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-002741"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201505-429"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-3036"
          }
        ]
      },
      "configurations": {
        "_id": null,
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:misc:multiple_vendors",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-002741"
          }
        ]
      },
      "credits": {
        "_id": null,
        "data": "Stefan Viehb\u00f6ck from SEC Consult Vulnerability Lab",
        "sources": [
          {
            "db": "BID",
            "id": "74724"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2015-3036",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2015-3036",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.9,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "MEDIUM",
                "accessVector": "ADJACENT NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "COMPLETE",
                "availabilityRequirement": "NOT DEFINED",
                "baseScore": 5.7,
                "collateralDamagePotential": "NOT DEFINED",
                "confidentialityImpact": "NONE",
                "confidentialityRequirement": "NOT DEFINED",
                "enviromentalScore": 3.7,
                "exploitability": "PROOF-OF-CONCEPT",
                "exploitabilityScore": 5.5,
                "id": "CVE-2015-3036",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "integrityRequirement": "NOT DEFINED",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "remediationLevel": "WORKAROUND",
                "reportConfidence": "CONFIRMED",
                "severity": "MEDIUM",
                "targetDistribution": "MEDIUM",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vector_string": "AV:A/AC:M/Au:N/C:N/I:N/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2015-3036",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2015-3036",
                "trust": 0.8,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2015-3036",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201505-429",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "VULMON",
                "id": "CVE-2015-3036",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#177092"
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-3036"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-002741"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201505-429"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-3036"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "Stack-based buffer overflow in the run_init_sbus function in the KCodes NetUSB module for the Linux kernel, as used in certain NETGEAR products, TP-LINK products, and other products, allows remote attackers to execute arbitrary code by providing a long computer name in a session on TCP port 20005. KCodes NetUSB is vulnerable to a buffer overflow via the network that may result in a denial of service or code execution. KCodes NetUSB The kernel driver contains a buffer overflow vulnerability. KCodes NetUSB Is Linux Connected to base embedded devices (home router products, etc.) USB Share devices on the network \"USB over IP\" To realize the function, Linux Kernel module. Buffer overflow (CWE-120) - CVE-2015-3036 http://cwe.mitre.org/data/definitions/120.html The client NetUSB The data to send when connecting to the server NetUSB A buffer overflow can occur because the kernel driver does not validate properly. For more information SEC Consult Please check the advisory for. SEC Consult Vulnerability Lab Security Advisory \u003c 20150519-0 \u003e https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20150519-0_KCodes_NetUSB_Kernel_Stack_Buffer_Overflow_v10.txt In addition, National Vulnerability Database (NVD) Then CWE-119 It is published as CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer ( Buffer error ) http://cwe.mitre.org/data/definitions/119.htmlAn attacker on the local network caused a buffer overflow, resulting in a denial of service operation (DoS) An attacker may be able to attack or execute arbitrary code. Depending on the default settings of the device, a remote attack may be possible. KCodes NetUSB is prone to a buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied data before copying it to an insufficiently sized memory buffer. \nAn attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts may result in a denial-of-service condition. SEC Consult Vulnerability Lab Security Advisory \u003c 20150519-0 \u003e\n=======================================================================\n              title: Kernel Stack Buffer Overflow\n            product: KCodes NetUSB\n vulnerable version: see Vulnerable / tested versions\n      fixed version: see Solution\n         CVE number: CVE-2015-3036, VU#177092\n             impact: Critical\n           homepage: http://www.kcodes.com/\n              found: 2015-02-23\n                 by: Stefan Viehb\u00f6ck (Office Vienna)\n                     SEC Consult Vulnerability Lab\n\n                     An integrated part of SEC Consult\n                     Berlin - Frankfurt/Main - Montreal - Singapore\n                     Vienna (HQ) - Vilnius - Zurich\n\n                     https://www.sec-consult.com\n\n=======================================================================\n\nVendor description:\n-------------------\n\"The world\u0027s premier technology provider of mobile printing, audio and\nvideo communication, file sharing, and USB applications for iPhones,\niPads, smart phones and tablets (Android and Windows), MacBooks, and\nUltrabooks.\"\n\nSource: http://www.kcodes.com/\n\n\nVulnerability overview/description:\n-----------------------------------\nNetUSB suffers from a remotely exploitable kernel stack buffer overflow. \nBecause of insufficient input validation, an overly long computer name can be\nused to overflow the \"computer name\" kernel stack buffer. This results in\nmemory corruption which can be turned into arbitrary remote code execution. \n\nFurthermore, a more detailed summary of this advisory has been published at our\nblog: http://blog.sec-consult.com\n\n\nProof of concept:\n-----------------\nBelow is an excerpt from the vulnerable run_init_sbus() function (pseudo code):\n\nint computername_len;\nchar computername_buf[64];\n// connection initiation, handshake\nlen = ks_recv(sock, \u0026computername_len, 4, 0);\n// ... \nlen = ks_recv(sock, computername_buf, computername_len, 0); // boom!\n\nA proof of concept \"netusb_bof.py\" has been developed which exploits the\nvulnerability. The PoC DoS exploit will not be published as many vendors\ndid not patch the vulnerability yet. \n\nExample use that results in denial-of-service (kernel memory corruption that\nresults in a device reboot):\n./netusb_bof.py 192.168.1.1 20005 500\n\n\nVulnerable / tested versions:\n-----------------------------\nThe vulnerability has been verified to exist in most recent firmware versions\nof the following devives:\n\nTP-Link TL-WDR4300 V1\nTP-Link WR1043ND v2\nNETGEAR WNDR4500\n\nFurthermore we\u0027ve identified NetUSB in the most recent firmware version of the\nfollowing products (list is not necessarily complete!):\nD-Link DIR-615 C\nNETGEAR AC1450\nNETGEAR CENTRIA (WNDR4700/4720)\nNETGEAR D6100\nNETGEAR D6200\nNETGEAR D6300\nNETGEAR D6400\nNETGEAR DC112A\nNETGEAR DC112A (Zain)\nNETGEAR DGND4000\nNETGEAR EX6200\nNETGEAR EX7000\nNETGEAR JNR3000\nNETGEAR JNR3210\nNETGEAR JR6150\nNETGEAR LG6100D\nNETGEAR PR2000\nNETGEAR R6050\nNETGEAR R6100\nNETGEAR R6200\nNETGEAR R6200v2\nNETGEAR R6220\nNETGEAR R6250\nNETGEAR R6300v1\nNETGEAR R6300v2\nNETGEAR R6700\nNETGEAR R7000\nNETGEAR R7500\nNETGEAR R7900\nNETGEAR R8000\nNETGEAR WN3500RP\nNETGEAR WNDR3700v5\nNETGEAR WNDR4300\nNETGEAR WNDR4300v2\nNETGEAR WNDR4500\nNETGEAR WNDR4500v2\nNETGEAR WNDR4500v3\nNETGEAR XAU2511\nNETGEAR XAUB2511\nTP-LINK Archer C2 V1.0 (Fix planned before 2015/05/22)\nTP-LINK Archer C20 V1.0 (Not affected)\nTP-LINK Archer C20i V1.0 (Fix planned before 2015/05/25)\nTP-LINK Archer C5 V1.2 (Fix planned before 2015/05/22)\nTP-LINK Archer C5 V2.0 (Fix planned before 2015/05/30)\nTP-LINK Archer C7 V1.0 (Fix planned before 2015/05/30)\nTP-LINK Archer C7 V2.0 (Fix already released)\nTP-LINK Archer C8 V1.0 (Fix planned before 2015/05/30)\nTP-LINK Archer C9 V1.0 (Fix planned before 2015/05/22)\nTP-LINK Archer D2 V1.0 (Fix planned before 2015/05/22)\nTP-LINK Archer D5 V1.0 (Fix planned before 2015/05/25)\nTP-LINK Archer D7 V1.0 (Fix planned before 2015/05/25)\nTP-LINK Archer D7B V1.0 (Fix planned before 2015/05/31)\nTP-LINK Archer D9 V1.0 (Fix planned before 2015/05/25)\nTP-LINK Archer VR200v V1.0 (Fix already released)\nTP-LINK TD-VG3511 V1.0 (End-Of-Life)\nTP-LINK TD-VG3631 V1.0 (Fix planned before 2015/05/30)\nTP-LINK TD-VG3631 V1.0 (Fix planned before 2015/05/31)\nTP-LINK TD-W1042ND V1.0 (End-Of-Life)\nTP-LINK TD-W1043ND V1.0 (End-Of-Life)\nTP-LINK TD-W8968 V1.0 (Fix planned before 2015/05/30)\nTP-LINK TD-W8968 V2.0 (Fix planned before 2015/05/30)\nTP-LINK TD-W8968 V3.0 (Fix planned before 2015/05/25)\nTP-LINK TD-W8970 V1.0 (Fix planned before 2015/05/30)\nTP-LINK TD-W8970 V3.0 (Fix already released)\nTP-LINK TD-W8970B V1.0 (Fix planned before 2015/05/30)\nTP-LINK TD-W8980 V3.0 (Fix planned before 2015/05/25)\nTP-LINK TD-W8980B V1.0 (Fix planned before 2015/05/30)\nTP-LINK TD-W9980 V1.0 (Fix already released)\nTP-LINK TD-W9980B V1.0 (Fix planned before 2015/05/30)\nTP-LINK TD-WDR4900 V1.0 (End-Of-Life)\nTP-LINK TL-WR1043ND V2.0 (Fix planned before 2015/05/30)\nTP-LINK TL-WR1043ND V3.0 (Fix planned before 2015/05/30)\nTP-LINK TL-WR1045ND V2.0 (Fix planned before 2015/05/30)\nTP-LINK TL-WR3500 V1.0 (Fix planned before 2015/05/22)\nTP-LINK TL-WR3600 V1.0 (Fix planned before 2015/05/22)\nTP-LINK TL-WR4300 V1.0 (Fix planned before 2015/05/22)\nTP-LINK TL-WR842ND V2.0 (Fix planned before 2015/05/30)\nTP-LINK TL-WR842ND V1.0 (End-Of-Life)\nTP-LINK TX-VG1530(GPON) V1.0 (Fix planned before 2015/05/31)\nTrendnet TE100-MFP1 (v1.0R)\nTrendnet TEW-632BRP (A1.0R)\nTrendnet TEW-632BRP (A1.1R/A1.2R)\nTrendnet TEW-632BRP (A1.1R/A1.2R/A1.3R)\nTrendnet TEW-634GRU (v1.0R)\nTrendnet TEW-652BRP (V1.0R)\nTrendnet TEW-673GRU (v1.0R)\nTrendnet TEW-811DRU (v1.0R)\nTrendnet TEW-812DRU (v1.0R)\nTrendnet TEW-812DRU (v2.xR)\nTrendnet TEW-813DRU (v1.0R)\nTrendnet TEW-818DRU (v1.0R)\nTrendnet TEW-823DRU (v1.0R)\nTrendnet TEW-MFP1 (v1.0R)\nZyxel NBG-419N v2\nZyxel NBG4615 v2\nZyxel NBG5615\nZyxel NBG5715\n\nBased on information embedded in KCodes drivers we believe the following\nvendors are affected:\nAllnet\nAmbir Technology\nAMIT\nAsante\nAtlantis\nCorega\nDigitus\nD-Link\nEDIMAX\nEncore Electronics\nEngenius\nEtop\nHardlink\nHawking\nIOGEAR\nLevelOne\nLongshine\nNETGEAR\nPCI\nPROLiNK\nSitecom\nTaifa\nTP-LINK\nTRENDnet\nWestern Digital\nZyXEL\n\n\nVendor contact timeline:\n------------------------\n2015-02-28: Contacting vendor through support@kcodes.com\n2015-03-04: No response, contacting various KCodes addresses found on the web. \n2015-03-05: Vendor responds, requests more information. \n2015-03-05: Providing advisory and proof of concept exploit. \n2015-03-16: No response, requesting status update. \n2015-03-16: Vendor responds, asks about fix verification(?)\n2015-03-16: Requesting clarification about fixing status and information about\n            next steps. Proposing conference call dates. \n2015-03-19: No response, informing that notification of CERT/CC and selected\n            vendors will start shortly. Requesting clarification about fixing\n            status and information about next steps again. \n2015-03-19: Vendor responds, confirms conference call date (2015-03-25). No\n            further information provided. \n2015-03-19: Providing advisory and proof of concept exploit to TP-LINK and\n            NETGEAR. \n2015-03-25: Vendor cancels conference call on short notice (sudden week-long\n            business trip). \n2015-03-26: Asking for support of CERT/CC regarding vendor coordination. \n2015-03 - 2015-05: Coordination between CERT \u0026 vendors, NETGEAR and TP-LINK\n2015-05-13: Notifying German CERT-Bund and Austrian CERT.at\n2015-05-19: Coordinated release of security advisory\n\n\nSolution:\n---------\nTP-LINK has started releasing fixed firmware. The status of affected products\ncan be found in the affected product list above. \n\nFor additional information also see CERT/CC vulnerability notice:\nhttp://www.kb.cert.org/vuls/id/177092\n\n\nWorkaround:\n-----------\nSometimes NetUSB can be disabled via the web interface, but at least on NETGEAR\ndevices this does not mitigate the vulnerability. NETGEAR told us, that there is\nno workaround available, the TCP port can\u0027t be firewalled nor is there a way to\ndisable the service on their devices. It\nensures the continued knowledge gain of SEC Consult in the field of network\nand application security to stay ahead of the attacker. The SEC Consult\nVulnerability Lab supports high-quality penetration testing and the evaluation\nof new offensive and defensive technologies for our customers. Hence our\ncustomers obtain the most current information about vulnerabilities and valid\nrecommendation about the risk profile of new technologies. \n\n~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\nInterested to work with the experts of SEC Consult?\nSend us your application https://www.sec-consult.com/en/Career.htm\n\nInterested in improving your cyber security with the experts of SEC Consult?\nContact our local offices https://www.sec-consult.com/en/About/Contact.htm\n~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n\nMail: research at sec-consult dot com\nWeb: https://www.sec-consult.com\nBlog: http://blog.sec-consult.com\nTwitter: https://twitter.com/sec_consult\n\nEOF Stefan Viehb\u00f6ck / @2015\n\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2015-3036"
          },
          {
            "db": "CERT/CC",
            "id": "VU#177092"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-002741"
          },
          {
            "db": "BID",
            "id": "74724"
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-3036"
          },
          {
            "db": "PACKETSTORM",
            "id": "131987"
          }
        ],
        "trust": 2.79
      },
      "exploit_availability": {
        "_id": null,
        "data": [
          {
            "reference": "https://www.kb.cert.org/vuls/id/177092",
            "trust": 0.8,
            "type": "poc"
          },
          {
            "reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=38566",
            "trust": 0.2,
            "type": "exploit"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#177092"
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-3036"
          }
        ]
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#177092",
            "trust": 3.7
          },
          {
            "db": "NVD",
            "id": "CVE-2015-3036",
            "trust": 2.9
          },
          {
            "db": "BID",
            "id": "74724",
            "trust": 1.4
          },
          {
            "db": "PACKETSTORM",
            "id": "131987",
            "trust": 1.2
          },
          {
            "db": "SECTRACK",
            "id": "1032377",
            "trust": 1.1
          },
          {
            "db": "PACKETSTORM",
            "id": "133919",
            "trust": 1.1
          },
          {
            "db": "EXPLOIT-DB",
            "id": "38566",
            "trust": 1.1
          },
          {
            "db": "EXPLOIT-DB",
            "id": "38454",
            "trust": 1.1
          },
          {
            "db": "JVN",
            "id": "JVNVU90185396",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-002741",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201505-429",
            "trust": 0.6
          },
          {
            "db": "DLINK",
            "id": "SAP10057",
            "trust": 0.3
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-3036",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#177092"
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-3036"
          },
          {
            "db": "BID",
            "id": "74724"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-002741"
          },
          {
            "db": "PACKETSTORM",
            "id": "131987"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201505-429"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-3036"
          }
        ]
      },
      "id": "VAR-201505-0408",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.5346243894594594
      },
      "last_update_date": "2025-04-13T23:29:37.607000Z",
      "patch": {
        "_id": null,
        "data": [
          {
            "title": "USB Over IP (NetUSB)",
            "trust": 0.8,
            "url": "http://www.kcodes.com/product/usb_01.html"
          },
          {
            "title": "The Register",
            "trust": 0.2,
            "url": "https://www.theregister.co.uk/2015/05/20/netusb_router_fail/"
          },
          {
            "title": "TD-W8970-NetUSB-Fix-v1-",
            "trust": 0.1,
            "url": "https://github.com/Leproide/TD-W8970-NetUSB-Fix-v1- "
          },
          {
            "title": "NetUSB-exploit",
            "trust": 0.1,
            "url": "https://github.com/funsecurity/NetUSB-exploit "
          },
          {
            "title": "MiraiSecurity",
            "trust": 0.1,
            "url": "https://github.com/pandazheng/MiraiSecurity "
          },
          {
            "title": "Threatpost",
            "trust": 0.1,
            "url": "https://threatpost.com/details-surface-on-unpatched-kcodes-netusb-bug/112910/"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2015-3036"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-002741"
          }
        ]
      },
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.8
          },
          {
            "problemtype": "CWE-Other",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-002741"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-3036"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 3.6,
            "url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20150519-0_kcodes_netusb_kernel_stack_buffer_overflow_v10.txt"
          },
          {
            "trust": 3.3,
            "url": "http://blog.sec-consult.com/2015/05/kcodes-netusb-how-small-taiwanese.html"
          },
          {
            "trust": 2.9,
            "url": "http://www.kb.cert.org/vuls/id/177092"
          },
          {
            "trust": 1.2,
            "url": "http://www.securityfocus.com/bid/74724"
          },
          {
            "trust": 1.2,
            "url": "https://www.exploit-db.com/exploits/38566/"
          },
          {
            "trust": 1.1,
            "url": "http://securityadvisories.dlink.com/security/publication.aspx?name=sap10057"
          },
          {
            "trust": 1.1,
            "url": "http://packetstormsecurity.com/files/131987/kcodes-netusb-buffer-overflow.html"
          },
          {
            "trust": 1.1,
            "url": "http://seclists.org/fulldisclosure/2015/may/74"
          },
          {
            "trust": 1.1,
            "url": "http://www.securitytracker.com/id/1032377"
          },
          {
            "trust": 1.1,
            "url": "http://packetstormsecurity.com/files/133919/netusb-stack-buffer-overflow.html"
          },
          {
            "trust": 1.1,
            "url": "http://seclists.org/fulldisclosure/2015/oct/50"
          },
          {
            "trust": 1.1,
            "url": "https://www.exploit-db.com/exploits/38454/"
          },
          {
            "trust": 0.8,
            "url": "http://kb.netgear.com/app/answers/detail/a_id/28393/"
          },
          {
            "trust": 0.8,
            "url": "http://www.trendnet.com/support/view.asp?cat=4\u0026id=58"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3036"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/vu/jvnvu90185396/index.html"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-3036"
          },
          {
            "trust": 0.3,
            "url": "http://www.kcodes.com/product/usb_01.html"
          },
          {
            "trust": 0.3,
            "url": "https://github.com/funsecurity/netusb-exploit"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/119.html"
          },
          {
            "trust": 0.1,
            "url": "https://github.com/leproide/td-w8970-netusb-fix-v1-"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://www.sec-consult.com/en/career.htm"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3036"
          },
          {
            "trust": 0.1,
            "url": "https://www.sec-consult.com"
          },
          {
            "trust": 0.1,
            "url": "https://www.sec-consult.com/en/about/contact.htm"
          },
          {
            "trust": 0.1,
            "url": "https://twitter.com/sec_consult"
          },
          {
            "trust": 0.1,
            "url": "http://blog.sec-consult.com"
          },
          {
            "trust": 0.1,
            "url": "http://www.kcodes.com/"
          },
          {
            "trust": 0.1,
            "url": "https://www.sec-consult.com/en/vulnerability-lab/advisories.htm"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#177092"
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-3036"
          },
          {
            "db": "BID",
            "id": "74724"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-002741"
          },
          {
            "db": "PACKETSTORM",
            "id": "131987"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201505-429"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-3036"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#177092",
            "ident": null
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-3036",
            "ident": null
          },
          {
            "db": "BID",
            "id": "74724",
            "ident": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-002741",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "131987",
            "ident": null
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201505-429",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2015-3036",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2015-05-19T00:00:00",
            "db": "CERT/CC",
            "id": "VU#177092",
            "ident": null
          },
          {
            "date": "2015-05-21T00:00:00",
            "db": "VULMON",
            "id": "CVE-2015-3036",
            "ident": null
          },
          {
            "date": "2015-05-19T00:00:00",
            "db": "BID",
            "id": "74724",
            "ident": null
          },
          {
            "date": "2015-05-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2015-002741",
            "ident": null
          },
          {
            "date": "2015-05-21T14:44:44",
            "db": "PACKETSTORM",
            "id": "131987",
            "ident": null
          },
          {
            "date": "2015-05-21T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201505-429",
            "ident": null
          },
          {
            "date": "2015-05-21T01:59:27.087000",
            "db": "NVD",
            "id": "CVE-2015-3036",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2015-06-05T00:00:00",
            "db": "CERT/CC",
            "id": "VU#177092",
            "ident": null
          },
          {
            "date": "2016-12-08T00:00:00",
            "db": "VULMON",
            "id": "CVE-2015-3036",
            "ident": null
          },
          {
            "date": "2015-12-08T22:03:00",
            "db": "BID",
            "id": "74724",
            "ident": null
          },
          {
            "date": "2015-05-22T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2015-002741",
            "ident": null
          },
          {
            "date": "2015-05-21T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201505-429",
            "ident": null
          },
          {
            "date": "2025-04-12T10:46:40.837000",
            "db": "NVD",
            "id": "CVE-2015-3036",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201505-429"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "_id": null,
        "data": "KCodes NetUSB kernel driver is vulnerable to buffer overflow",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#177092"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "_id": null,
        "data": "buffer overflow",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201505-429"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-0920

    Vulnerability from variot - Updated: 2024-11-23 23:11

    Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D6200 before 1.1.00.36, D7000 before 1.0.1.74, JR6150 before 1.0.1.18, PR2000 before 1.0.0.28, R6020 before 1.0.0.40, R6080 before 1.0.0.40, R6050 before 1.0.1.18, R6120 before 1.0.0.48, R6220 before 1.1.0.86, R6260 before 1.1.0.64, R6700v2 before 1.2.0.36, R6800 before 1.2.0.36, R6900v2 before 1.2.0.36, and WNR2020 before 1.1.0.62. plural NETGEAR A classic buffer overflow vulnerability exists in the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D6200, etc. are all products of NETGEAR. NETGEAR D6200 is a wireless modem. NETGEAR D7000 is a wireless modem. NETGEAR WNR2020 is a wireless router. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. This affects D6200 prior to 1.1.00.36, D7000 prior to 1.0.1.74, JR6150 prior to 1.0.1.18, PR2000 prior to 1.0.0.28, R6020 prior to 1.0.0.40, R6080 prior to 1.0.0.40, R6050 prior to 1.0.1.18, R6120 prior to 1.0.0.48, R6220 prior to 1.1.0.86, R6260 prior to 1.1.0.64, R6700v2 prior to 1.2.0.36, R6800 prior to 1.2.0.36, R6900v2 prior to 1.2.0.36, and WNR2020 prior to 1.1.0.62

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-0920",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "jr6150",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.18"
          },
          {
            "model": "pr2000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.28"
          },
          {
            "model": "r6050",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.18"
          },
          {
            "model": "r6260",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.1.0.64"
          },
          {
            "model": "r6800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.2.0.36"
          },
          {
            "model": "wnr2020",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.1.0.62"
          },
          {
            "model": "d6200",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.1.00.36"
          },
          {
            "model": "d7000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.74"
          },
          {
            "model": "r6120",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "r6220",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.1.0.86"
          },
          {
            "model": "r6020",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.40"
          },
          {
            "model": "r6080",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.40"
          },
          {
            "model": "r6900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.36"
          },
          {
            "model": "r6700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.36"
          },
          {
            "model": "d6200",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.1.00.36"
          },
          {
            "model": "d7000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.74"
          },
          {
            "model": "jr6150",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.18"
          },
          {
            "model": "pr2000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.28"
          },
          {
            "model": "r6020",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.40"
          },
          {
            "model": "r6050",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.18"
          },
          {
            "model": "r6080",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.40"
          },
          {
            "model": "r6120",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "r6220",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.1.0.86"
          },
          {
            "model": "r6260",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.1.0.64"
          },
          {
            "model": "r6700v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.2.0.36"
          },
          {
            "model": "r6900v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.2.0.36"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-57175"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015425"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20686"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6200_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d7000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:jr6150_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:pr2000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6020_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6050_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6080_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6120_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6220_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6260_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015425"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "suer",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1270"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2019-20686",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 6.5,
                "id": "CVE-2019-20686",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.1,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Adjacent Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 5.8,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015425",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 6.5,
                "id": "CNVD-2021-57175",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2019-20686",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2019-20686",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Adjacent Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 8.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015425",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-20686",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2019-20686",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2019-015425",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2021-57175",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-1270",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2019-20686",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-57175"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-20686"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015425"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1270"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20686"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20686"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D6200 before 1.1.00.36, D7000 before 1.0.1.74, JR6150 before 1.0.1.18, PR2000 before 1.0.0.28, R6020 before 1.0.0.40, R6080 before 1.0.0.40, R6050 before 1.0.1.18, R6120 before 1.0.0.48, R6220 before 1.1.0.86, R6260 before 1.1.0.64, R6700v2 before 1.2.0.36, R6800 before 1.2.0.36, R6900v2 before 1.2.0.36, and WNR2020 before 1.1.0.62. plural NETGEAR A classic buffer overflow vulnerability exists in the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D6200, etc. are all products of NETGEAR. NETGEAR D6200 is a wireless modem. NETGEAR D7000 is a wireless modem. NETGEAR WNR2020 is a wireless router. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. This affects D6200 prior to 1.1.00.36, D7000 prior to 1.0.1.74, JR6150 prior to 1.0.1.18, PR2000 prior to 1.0.0.28, R6020 prior to 1.0.0.40, R6080 prior to 1.0.0.40, R6050 prior to 1.0.1.18, R6120 prior to 1.0.0.48, R6220 prior to 1.1.0.86, R6260 prior to 1.1.0.64, R6700v2 prior to 1.2.0.36, R6800 prior to 1.2.0.36, R6900v2 prior to 1.2.0.36, and WNR2020 prior to 1.1.0.62",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-20686"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015425"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-57175"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-20686"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-20686",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015425",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-57175",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1270",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-20686",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-57175"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-20686"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015425"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1270"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20686"
          }
        ]
      },
      "id": "VAR-202004-0920",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-57175"
          }
        ],
        "trust": 1.02400010875
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-57175"
          }
        ]
      },
      "last_update_date": "2024-11-23T23:11:27.395000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Pre-Authentication Buffer Overflow on Some Routers, Gateways, and Extenders, PSV-2018-0239",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000061453/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2018-0239"
          },
          {
            "title": "Patch for NETGEAR buffer overflow vulnerability (CNVD-2021-57175)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/283656"
          },
          {
            "title": "Multiple NETGEAR Product Buffer Error Vulnerability Fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=114769"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-57175"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015425"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1270"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-120",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015425"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20686"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-20686"
          },
          {
            "trust": 1.7,
            "url": "https://kb.netgear.com/000061453/security-advisory-for-pre-authentication-buffer-overflow-on-some-routers-gateways-and-extenders-psv-2018-0239"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-20686"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/120.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-57175"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-20686"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015425"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1270"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20686"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-57175"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-20686"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015425"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1270"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20686"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-07-31T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-57175"
          },
          {
            "date": "2020-04-16T00:00:00",
            "db": "VULMON",
            "id": "CVE-2019-20686"
          },
          {
            "date": "2020-05-19T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015425"
          },
          {
            "date": "2020-04-16T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1270"
          },
          {
            "date": "2020-04-16T19:15:23.120000",
            "db": "NVD",
            "id": "CVE-2019-20686"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-07-31T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-57175"
          },
          {
            "date": "2020-04-22T00:00:00",
            "db": "VULMON",
            "id": "CVE-2019-20686"
          },
          {
            "date": "2020-05-19T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015425"
          },
          {
            "date": "2020-04-26T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1270"
          },
          {
            "date": "2024-11-21T04:39:04.873000",
            "db": "NVD",
            "id": "CVE-2019-20686"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1270"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Classic buffer overflow vulnerability in device",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015425"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1270"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-1342

    Vulnerability from variot - Updated: 2024-11-23 23:11

    plural NETGEAR The device contains an input verification vulnerability.Information may be tampered with. NETGEAR WNR2020 and so on are all products of NETGEAR. NETGEAR WNR2020 is a wireless router. NETGEAR R7500 is a wireless router. NETGEAR D6220 is a wireless modem.

    A number of NETGEAR products have input validation error vulnerabilities that result from security configuration errors. No detailed vulnerability details are currently available

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-1342",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "r7800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.36"
          },
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.112"
          },
          {
            "model": "r9000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "d6400",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.60"
          },
          {
            "model": "d8500",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.3.29"
          },
          {
            "model": "r7300dst",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "r7100lg",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.32"
          },
          {
            "model": "r6220",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.1.0.60"
          },
          {
            "model": "pr2000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.20"
          },
          {
            "model": "wnr2020",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "wnr2050",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "d7000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.52"
          },
          {
            "model": "r8300",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.104"
          },
          {
            "model": "r8500",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.104"
          },
          {
            "model": "d6220",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.28"
          },
          {
            "model": "d7800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.24"
          },
          {
            "model": "jr6150",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.14"
          },
          {
            "model": "r6050",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.14"
          },
          {
            "model": "r6400",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.1.0.26"
          },
          {
            "model": "r6800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.2.0.2"
          },
          {
            "model": "r7900p",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.1.4.6"
          },
          {
            "model": "r8000p",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.1.4.6"
          },
          {
            "model": "d7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.38"
          },
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.24"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.96"
          },
          {
            "model": "wnr1000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "wndr4500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.52"
          },
          {
            "model": "r6700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.2"
          },
          {
            "model": "r6900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.2"
          },
          {
            "model": "jnr1010",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "jwnr2010",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "wndr3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.50"
          },
          {
            "model": "wndr3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.94"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.52"
          },
          {
            "model": "r6400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.46"
          },
          {
            "model": "d6220",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.28"
          },
          {
            "model": "d6400",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.60"
          },
          {
            "model": "d7000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.38"
          },
          {
            "model": "d7000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.52"
          },
          {
            "model": "d7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.24"
          },
          {
            "model": "d8500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.3.29"
          },
          {
            "model": "jnr1010",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "jr6150",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.14"
          },
          {
            "model": "jwnr2010",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.14"
          },
          {
            "model": "pr2000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.20"
          },
          {
            "model": "r7500v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.3.24"
          },
          {
            "model": "jnr1010v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "jwnr2010v5",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "wnr1000v4",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "r6400v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.46"
          },
          {
            "model": "wndr3700v4",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.94"
          },
          {
            "model": "wndr3700v5",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.1.0.50"
          },
          {
            "model": "d7000v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.38"
          },
          {
            "model": "r6700v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.2.0.2"
          },
          {
            "model": "r6900v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.2.0.2"
          },
          {
            "model": "wndr4300v1",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.96"
          },
          {
            "model": "wndr4300v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.52"
          },
          {
            "model": "wndr4500v3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.52"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31324"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014917"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18778"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6220_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6400_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d7000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d8500_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:jnr1010_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:jr6150_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:jwnr2010_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:pr2000_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014917"
          }
        ]
      },
      "cve": "CVE-2017-18778",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 2.1,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2017-18778",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 1.0,
                "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Local",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 2.1,
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2017-014917",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Low",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 2.1,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "CNVD-2020-31324",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 0.6,
                "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 1.8,
                "id": "CVE-2017-18778",
                "impactScore": 3.6,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "cve@mitre.org",
                "availabilityImpact": "HIGH",
                "baseScore": 8.4,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.5,
                "id": "CVE-2017-18778",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 5.5,
                "baseSeverity": "Medium",
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2017-014917",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "Low",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2017-18778",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2017-18778",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2017-014917",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-31324",
                "trust": 0.6,
                "value": "LOW"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-1882",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31324"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014917"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1882"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18778"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18778"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural NETGEAR The device contains an input verification vulnerability.Information may be tampered with. NETGEAR WNR2020 and so on are all products of NETGEAR. NETGEAR WNR2020 is a wireless router. NETGEAR R7500 is a wireless router. NETGEAR D6220 is a wireless modem. \n\r\n\r\nA number of NETGEAR products have input validation error vulnerabilities that result from security configuration errors. No detailed vulnerability details are currently available",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014917"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-31324"
          }
        ],
        "trust": 1.26
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-18778",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014917",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-31324",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1882",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31324"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014917"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1882"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18778"
          }
        ]
      },
      "id": "VAR-202004-1342",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31324"
          }
        ],
        "trust": 1.1785081257894738
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31324"
          }
        ]
      },
      "last_update_date": "2024-11-23T23:11:27.105000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Security Misconfiguration on Some Routers and Gateways, PSV-2017-2957",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000049543/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-and-Gateways-PSV-2017-2957"
          },
          {
            "title": "Patch for Multiple NETGEAR product input verification error vulnerabilities (CNVD-2020-31324)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/220045"
          },
          {
            "title": "Multiple NETGEAR Product input verification error vulnerability fixes",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117240"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31324"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014917"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1882"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-20",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014917"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18778"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-18778"
          },
          {
            "trust": 1.6,
            "url": "https://kb.netgear.com/000049543/security-advisory-for-security-misconfiguration-on-some-routers-and-gateways-psv-2017-2957"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-18778"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31324"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014917"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1882"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18778"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31324"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014917"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1882"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18778"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-06-03T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-31324"
          },
          {
            "date": "2020-05-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-014917"
          },
          {
            "date": "2020-04-22T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1882"
          },
          {
            "date": "2020-04-22T15:15:12.253000",
            "db": "NVD",
            "id": "CVE-2017-18778"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-06-03T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-31324"
          },
          {
            "date": "2020-05-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-014917"
          },
          {
            "date": "2020-04-26T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1882"
          },
          {
            "date": "2024-11-21T03:20:53.747000",
            "db": "NVD",
            "id": "CVE-2017-18778"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1882"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Input verification vulnerabilities on devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014917"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "input validation error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1882"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-1426

    Vulnerability from variot - Updated: 2024-11-23 23:11

    Certain NETGEAR devices are affected by XSS. This affects D6200 before 1.1.00.24, D7000 before 1.0.1.52, JNR1010v2 before 1.1.0.44, JR6150 before 1.0.1.12, JWNR2010v5 before 1.1.0.44, PR2000 before 1.0.0.20, R6020 before 1.0.0.26, R6050 before 1.0.1.12, R6080 before 1.0.0.26, R6120 before 1.0.0.36, R6220 before 1.1.0.60, R6700v2 before 1.2.0.12, R6800 before 1.2.0.12, R6900v2 before 1.2.0.12, WNDR3700v5 before 1.1.0.50, WNR1000v4 before 1.1.0.44, WNR2020 before 1.1.0.44, and WNR2050 before 1.1.0.44. plural NETGEAR A cross-site scripting vulnerability exists in the device.Information may be obtained and tampered with. NETGEAR D6200, etc. NETGEAR D6200 is a wireless modem. NETGEAR WNR2020 is a wireless router. NETGEAR R6220 is a wireless router. The vulnerability stems from the lack of proper verification of client data by WEB applications. Attackers can use this vulnerability to execute client code

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-1426",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "d6200",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.1.00.24"
          },
          {
            "model": "r6120",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.36"
          },
          {
            "model": "r6020",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.26"
          },
          {
            "model": "r6080",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.26"
          },
          {
            "model": "r6220",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.1.0.60"
          },
          {
            "model": "jr6150",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.12"
          },
          {
            "model": "pr2000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.20"
          },
          {
            "model": "r6050",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.12"
          },
          {
            "model": "wnr2020",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "wnr2050",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "d7000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.52"
          },
          {
            "model": "r6800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.2.0.12"
          },
          {
            "model": "wndr3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.50"
          },
          {
            "model": "jwnr2010",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "wnr1000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "jnr1010",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "r6700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.12"
          },
          {
            "model": "r6900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.12"
          },
          {
            "model": "d6200",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.1.00.24"
          },
          {
            "model": "d7000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.52"
          },
          {
            "model": "jnr1010",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "jr6150",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.12"
          },
          {
            "model": "jwnr2010",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "pr2000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.20"
          },
          {
            "model": "r6020",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.26"
          },
          {
            "model": "r6050",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.12"
          },
          {
            "model": "r6080",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.26"
          },
          {
            "model": "r6120",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.36"
          },
          {
            "model": "jnr1010v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "jwnr2010v5",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "wnr1000v4",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "r6900v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.2.0.12"
          },
          {
            "model": "r6700v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.2.0.12"
          },
          {
            "model": "wndr3700v5",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.1.0.50"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31238"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014912"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18783"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6200_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d7000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:jnr1010_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:jr6150_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:jwnr2010_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:pr2000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6020_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6050_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6080_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6120_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014912"
          }
        ]
      },
      "cve": "CVE-2017-18783",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 8.6,
                "id": "CVE-2017-18783",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.0,
                "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 4.3,
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2017-014912",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 8.6,
                "id": "CNVD-2020-31238",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 2.8,
                "id": "CVE-2017-18783",
                "impactScore": 2.7,
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "cve@mitre.org",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 1.8,
                "id": "CVE-2017-18783",
                "impactScore": 2.7,
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 6.1,
                "baseSeverity": "Medium",
                "confidentialityImpact": "Low",
                "exploitabilityScore": null,
                "id": "JVNDB-2017-014912",
                "impactScore": null,
                "integrityImpact": "Low",
                "privilegesRequired": "None",
                "scope": "Changed",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2017-18783",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2017-18783",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2017-014912",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-31238",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-1890",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31238"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014912"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1890"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18783"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18783"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by XSS. This affects D6200 before 1.1.00.24, D7000 before 1.0.1.52, JNR1010v2 before 1.1.0.44, JR6150 before 1.0.1.12, JWNR2010v5 before 1.1.0.44, PR2000 before 1.0.0.20, R6020 before 1.0.0.26, R6050 before 1.0.1.12, R6080 before 1.0.0.26, R6120 before 1.0.0.36, R6220 before 1.1.0.60, R6700v2 before 1.2.0.12, R6800 before 1.2.0.12, R6900v2 before 1.2.0.12, WNDR3700v5 before 1.1.0.50, WNR1000v4 before 1.1.0.44, WNR2020 before 1.1.0.44, and WNR2050 before 1.1.0.44. plural NETGEAR A cross-site scripting vulnerability exists in the device.Information may be obtained and tampered with. NETGEAR D6200, etc. NETGEAR D6200 is a wireless modem. NETGEAR WNR2020 is a wireless router. NETGEAR R6220 is a wireless router. The vulnerability stems from the lack of proper verification of client data by WEB applications. Attackers can use this vulnerability to execute client code",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-18783"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014912"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-31238"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-18783",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014912",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-31238",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1890",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31238"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014912"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1890"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18783"
          }
        ]
      },
      "id": "VAR-202004-1426",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31238"
          }
        ],
        "trust": 1.142545423
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31238"
          }
        ]
      },
      "last_update_date": "2024-11-23T23:11:27.001000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Cross-Site Scripting on Some Routers, PSV-2017-2952",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000049536/Security-Advisory-for-Cross-Site-Scripting-on-Some-Routers-PSV-2017-2952"
          },
          {
            "title": "Patch for Multiple NETGEAR product cross-site scripting vulnerabilities (CNVD-2020-31238)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/219895"
          },
          {
            "title": "Multiple NETGEAR Fixes for product cross-site scripting vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=116666"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31238"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014912"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1890"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-79",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014912"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18783"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-18783"
          },
          {
            "trust": 1.6,
            "url": "https://kb.netgear.com/000049536/security-advisory-for-cross-site-scripting-on-some-routers-psv-2017-2952"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-18783"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31238"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014912"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1890"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18783"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31238"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014912"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1890"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18783"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-06-02T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-31238"
          },
          {
            "date": "2020-05-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-014912"
          },
          {
            "date": "2020-04-22T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1890"
          },
          {
            "date": "2020-04-22T15:15:12.643000",
            "db": "NVD",
            "id": "CVE-2017-18783"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-06-02T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-31238"
          },
          {
            "date": "2020-05-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-014912"
          },
          {
            "date": "2020-04-26T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1890"
          },
          {
            "date": "2024-11-21T03:20:54.600000",
            "db": "NVD",
            "id": "CVE-2017-18783"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1890"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Cross-site scripting vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014912"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "XSS",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1890"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-1636

    Vulnerability from variot - Updated: 2024-11-23 23:11

    plural NETGEAR An unspecified vulnerability exists in the device.Information may be obtained and tampered with. Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D1500 prior to 1.0.0.27, D500 prior to 1.0.0.27, D6100 prior to 1.0.0.57, D6220 prior to 1.0.0.40, D6400 prior to 1.0.0.74, D7000 prior to 1.0.1.60, D7800 prior to 1.0.1.34, D8500 prior to 1.0.3.39, DGN2200v4 prior to 1.0.0.94, DGN2200Bv4 prior to 1.0.0.94, EX2700 prior to 1.0.1.42, EX3700 prior to 1.0.0.64, EX3800 prior to 1.0.0.64, EX6000 prior to 1.0.0.24, EX6100 prior to 1.0.2.18, EX6120 prior to 1.0.0.32, EX6130 prior to 1.0.0.22, EX6150 prior to 1.0.0.34_1.0.70, EX6200 prior to 1.0.3.82_1.1.117, EX6400 prior to 1.0.1.78, EX7000 prior to 1.0.0.56, EX7300 prior to 1.0.1.78, JNR1010v2 prior to 1.1.0.42, JR6150 prior to 1.0.1.10, JWNR2010v5 prior to 1.1.0.42, PR2000 prior to 1.0.0.22, R6050 prior to 1.0.1.10, R6100 prior to 1.0.1.16, R6220 prior to 1.1.0.50, R6250 prior to 1.0.4.14, R6300v2 prior to 1.0.4.12, R6400v2 prior to 1.0.2.34, R6700 prior to 1.0.1.26, R6900 prior to 1.0.1.26, R6900P prior to 1.2.0.22, R7000 prior to 1.0.9.6, R7000P prior to 1.2.0.22, R7100LG prior to 1.0.0.40, R7300DST prior to 1.0.0.54, R7500 prior to 1.0.0.110, R7500v2 prior to 1.0.3.26, R7800 prior to 1.0.2.44, R7900 prior to 1.0.1.26, R8000 prior to 1.0.3.48, R8300 prior to 1.0.2.104, R8500 prior to 1.0.2.104, R9000 prior to 1.0.3.10, WN2000RPTv3 prior to 1.0.1.26, WN2500RPv2 prior to 1.0.1.46, WN3000RPv3 prior to 1.0.2.66, WN3100RPv2 prior to 1.0.0.56, WNDR3400v3 prior to 1.0.1.14, WNDR3700v4 prior to 1.0.2.96, WNDR3700v5 prior to 1.1.0.54, WNDR4300 prior to 1.0.2.98, WNDR4300v2 prior to 1.0.0.48, WNDR4500v3 prior to 1.0.0.48, WNR1000v4 prior to 1.1.0.42, WNR2000v5 prior to 1.0.0.64, WNR2020 prior to 1.1.0.42, and WNR2050 prior to 1.1.0.42

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-1636",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "ex6120",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.32"
          },
          {
            "model": "d7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.60"
          },
          {
            "model": "dgn2200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.94"
          },
          {
            "model": "r6250",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.14"
          },
          {
            "model": "ex6100",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.18"
          },
          {
            "model": "pr2000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.22"
          },
          {
            "model": "wn3100rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "d6220",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.40"
          },
          {
            "model": "jwnr2010",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.42"
          },
          {
            "model": "r8500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.104"
          },
          {
            "model": "r6400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.34"
          },
          {
            "model": "r9000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.10"
          },
          {
            "model": "d500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.27"
          },
          {
            "model": "wnr2020",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.42"
          },
          {
            "model": "d1500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.27"
          },
          {
            "model": "r6700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.26"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "r7000p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.22"
          },
          {
            "model": "ex3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.64"
          },
          {
            "model": "r7300dst",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.54"
          },
          {
            "model": "wndr3400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.14"
          },
          {
            "model": "ex2700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.42"
          },
          {
            "model": "d6100",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.57"
          },
          {
            "model": "r6050",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.10"
          },
          {
            "model": "r7800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.44"
          },
          {
            "model": "wn2500rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.46"
          },
          {
            "model": "r6900p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.22"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.98"
          },
          {
            "model": "ex6200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.82_1.1.117"
          },
          {
            "model": "dgn2200b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.94"
          },
          {
            "model": "r8000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.48"
          },
          {
            "model": "ex6000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.24"
          },
          {
            "model": "ex6130",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.22"
          },
          {
            "model": "r6100",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.16"
          },
          {
            "model": "wndr3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.96"
          },
          {
            "model": "wndr3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.54"
          },
          {
            "model": "r7900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.26"
          },
          {
            "model": "ex6400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.78"
          },
          {
            "model": "r6900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.26"
          },
          {
            "model": "r6220",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.50"
          },
          {
            "model": "ex7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "r7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.9.6"
          },
          {
            "model": "r7100lg",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.40"
          },
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.110"
          },
          {
            "model": "d7800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.34"
          },
          {
            "model": "ex6150",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.34_1.0.70"
          },
          {
            "model": "ex7300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.78"
          },
          {
            "model": "jr6150",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.10"
          },
          {
            "model": "wn2000rpt",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.26"
          },
          {
            "model": "wn3000rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.66"
          },
          {
            "model": "wnr1000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.42"
          },
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.26"
          },
          {
            "model": "d6400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.74"
          },
          {
            "model": "r8300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.104"
          },
          {
            "model": "wndr4500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "r6300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.12"
          },
          {
            "model": "wnr2000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.64"
          },
          {
            "model": "d8500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.39"
          },
          {
            "model": "jnr1010",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.42"
          },
          {
            "model": "wnr2050",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.42"
          },
          {
            "model": "ex3800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.64"
          },
          {
            "model": "d1500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.27"
          },
          {
            "model": "d500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.27"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.57"
          },
          {
            "model": "d6220",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.40"
          },
          {
            "model": "d6400",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.74"
          },
          {
            "model": "d7000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.60"
          },
          {
            "model": "d7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.34"
          },
          {
            "model": "d8500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.3.39"
          },
          {
            "model": "dgn2200",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.94"
          },
          {
            "model": "dgn2200b",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.94"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016407"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21231"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d1500_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d500_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6220_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6400_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d7000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d8500_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:dgn2200_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:dgn2200b_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016407"
          }
        ]
      },
      "cve": "CVE-2018-21231",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 4.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 6.5,
                "id": "CVE-2018-21231",
                "impactScore": 4.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.1,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Adjacent Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 4.8,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016407",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 2.8,
                "id": "CVE-2018-21231",
                "impactScore": 2.5,
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "NONE",
                "baseScore": 5.2,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 2.1,
                "id": "CVE-2018-21231",
                "impactScore": 2.7,
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Adjacent Network",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 5.4,
                "baseSeverity": "Medium",
                "confidentialityImpact": "Low",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016407",
                "impactScore": null,
                "integrityImpact": "Low",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2018-21231",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2018-21231",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2018-016407",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-2129",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2018-21231",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2018-21231"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016407"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2129"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21231"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21231"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural NETGEAR An unspecified vulnerability exists in the device.Information may be obtained and tampered with. Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D1500 prior to 1.0.0.27, D500 prior to 1.0.0.27, D6100 prior to 1.0.0.57, D6220 prior to 1.0.0.40, D6400 prior to 1.0.0.74, D7000 prior to 1.0.1.60, D7800 prior to 1.0.1.34, D8500 prior to 1.0.3.39, DGN2200v4 prior to 1.0.0.94, DGN2200Bv4 prior to 1.0.0.94, EX2700 prior to 1.0.1.42, EX3700 prior to 1.0.0.64, EX3800 prior to 1.0.0.64, EX6000 prior to 1.0.0.24, EX6100 prior to 1.0.2.18, EX6120 prior to 1.0.0.32, EX6130 prior to 1.0.0.22, EX6150 prior to 1.0.0.34_1.0.70, EX6200 prior to 1.0.3.82_1.1.117, EX6400 prior to 1.0.1.78, EX7000 prior to 1.0.0.56, EX7300 prior to 1.0.1.78, JNR1010v2 prior to 1.1.0.42, JR6150 prior to 1.0.1.10, JWNR2010v5 prior to 1.1.0.42, PR2000 prior to 1.0.0.22, R6050 prior to 1.0.1.10, R6100 prior to 1.0.1.16, R6220 prior to 1.1.0.50, R6250 prior to 1.0.4.14, R6300v2 prior to 1.0.4.12, R6400v2 prior to 1.0.2.34, R6700 prior to 1.0.1.26, R6900 prior to 1.0.1.26, R6900P prior to 1.2.0.22, R7000 prior to 1.0.9.6, R7000P prior to 1.2.0.22, R7100LG prior to 1.0.0.40, R7300DST prior to 1.0.0.54, R7500 prior to 1.0.0.110, R7500v2 prior to 1.0.3.26, R7800 prior to 1.0.2.44, R7900 prior to 1.0.1.26, R8000 prior to 1.0.3.48, R8300 prior to 1.0.2.104, R8500 prior to 1.0.2.104, R9000 prior to 1.0.3.10, WN2000RPTv3 prior to 1.0.1.26, WN2500RPv2 prior to 1.0.1.46, WN3000RPv3 prior to 1.0.2.66, WN3100RPv2 prior to 1.0.0.56, WNDR3400v3 prior to 1.0.1.14, WNDR3700v4 prior to 1.0.2.96, WNDR3700v5 prior to 1.1.0.54, WNDR4300 prior to 1.0.2.98, WNDR4300v2 prior to 1.0.0.48, WNDR4500v3 prior to 1.0.0.48, WNR1000v4 prior to 1.1.0.42, WNR2000v5 prior to 1.0.0.64, WNR2020 prior to 1.1.0.42, and WNR2050 prior to 1.1.0.42",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016407"
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21231"
          }
        ],
        "trust": 0.81
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-21231",
            "trust": 2.5
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016407",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2129",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2018-21231",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2018-21231"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016407"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2129"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21231"
          }
        ]
      },
      "id": "VAR-202004-1636",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.4058950425581395
      },
      "last_update_date": "2024-11-23T23:11:26.757000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Security Misconfiguration on Some Routers, Gateways, and Extenders, PSV-2016-0102",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000055103/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-Gateways-and-Extenders-PSV-2016-0102"
          },
          {
            "title": "Multiple NETGEAR Product security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117052"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016407"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2129"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-noinfo",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2018-21231"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.7,
            "url": "https://kb.netgear.com/000055103/security-advisory-for-security-misconfiguration-on-some-routers-gateways-and-extenders-psv-2016-0102"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-21231"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-21231"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2018-21231"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016407"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2129"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21231"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULMON",
            "id": "CVE-2018-21231"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016407"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2129"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21231"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-04-24T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-21231"
          },
          {
            "date": "2020-06-03T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016407"
          },
          {
            "date": "2020-04-24T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2129"
          },
          {
            "date": "2020-04-24T15:15:13.003000",
            "db": "NVD",
            "id": "CVE-2018-21231"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-01T00:00:00",
            "db": "VULMON",
            "id": "CVE-2018-21231"
          },
          {
            "date": "2020-06-03T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016407"
          },
          {
            "date": "2020-05-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2129"
          },
          {
            "date": "2024-11-21T04:03:14.407000",
            "db": "NVD",
            "id": "CVE-2018-21231"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2129"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016407"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "other",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2129"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-0802

    Vulnerability from variot - Updated: 2024-11-23 23:04

    Certain NETGEAR devices are affected by SQL injection. This affects D3600 before 1.0.0.68, D6000 before 1.0.0.68, D6200 before 1.1.00.28, D6220 before 1.0.0.40, D6400 before 1.0.0.74, D7000 before 1.0.1.60, D7000v2 before 1.0.0.74, D7800 before 1.0.1.34, D8500 before 1.0.3.39, DC112A before 1.0.0.40, EX8000 before 1.0.0.118, JR6150 before 1.0.1.18, R6050 before 1.0.1.18, R6220 before 1.1.0.66, R6250 before 1.0.4.26, R6300v2 before 1.0.4.24, R6400 before 1.0.1.36, R6400v2 before 1.0.2.52, R6700 before 1.0.1.44, R6700v2 before 1.2.0.16, R6800 before 1.2.0.16, R6900v2 before 1.2.0.16, R6900 before 1.0.1.44, R7000 before 1.0.9.26, R6900P before 1.3.0.20, R7000P before 1.3.0.20, R7100LG before 1.0.0.40, R7300DST before 1.0.0.62, R7500 before 1.0.0.118, R7500v2 before 1.0.3.26, R7800 before 1.0.2.40, R7900 before 1.0.2.10, R8000 before 1.0.4.12, R7900P before 1.3.0.10, R8000P before 1.3.0.10, R8300 before 1.0.2.116, R8500 before 1.0.2.116, R8900 before 1.0.3.6, R9000 before 1.0.3.10, WNDR3700v4 before 1.0.2.102, WNDR3700v5 before 1.1.0.54, WNDR4300v1 before 1.0.2.98, WNDR4300v2 before 1.0.0.56, and WNDR4500v3 before 1.0.0.56. plural NETGEAR On the device SQL An injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-0802",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "d7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.60"
          },
          {
            "model": "r6700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.44"
          },
          {
            "model": "r6220",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.66"
          },
          {
            "model": "d6220",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.40"
          },
          {
            "model": "r6900p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.3.0.20"
          },
          {
            "model": "r9000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.10"
          },
          {
            "model": "wndr4500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "r6400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.36"
          },
          {
            "model": "d8500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.39"
          },
          {
            "model": "r6250",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.26"
          },
          {
            "model": "r6050",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.18"
          },
          {
            "model": "d6000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.68"
          },
          {
            "model": "r8500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.116"
          },
          {
            "model": "r6900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.16"
          },
          {
            "model": "d3600",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.68"
          },
          {
            "model": "r6800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.16"
          },
          {
            "model": "r6300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.24"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "r7900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.10"
          },
          {
            "model": "r7900p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.3.0.10"
          },
          {
            "model": "wndr3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.102"
          },
          {
            "model": "ex8000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.118"
          },
          {
            "model": "r7300dst",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.62"
          },
          {
            "model": "r8000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.12"
          },
          {
            "model": "r8900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.6"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.98"
          },
          {
            "model": "dc112a",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.40"
          },
          {
            "model": "r7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.9.26"
          },
          {
            "model": "r6900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.44"
          },
          {
            "model": "r6400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "wndr3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.54"
          },
          {
            "model": "r8000p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.3.0.10"
          },
          {
            "model": "d7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.74"
          },
          {
            "model": "r7800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.40"
          },
          {
            "model": "r6700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.16"
          },
          {
            "model": "r7100lg",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.40"
          },
          {
            "model": "jr6150",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.18"
          },
          {
            "model": "d7800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.34"
          },
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.118"
          },
          {
            "model": "r7000p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.3.0.20"
          },
          {
            "model": "d6400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.74"
          },
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.26"
          },
          {
            "model": "d6200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.00.28"
          },
          {
            "model": "r8300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.116"
          },
          {
            "model": "d3600",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.68"
          },
          {
            "model": "d6000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.68"
          },
          {
            "model": "d6200",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.1.00.28"
          },
          {
            "model": "d6220",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.40"
          },
          {
            "model": "d6400",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.74"
          },
          {
            "model": "d7000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.74"
          },
          {
            "model": "d7000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.60"
          },
          {
            "model": "d7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.34"
          },
          {
            "model": "d8500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.3.39"
          },
          {
            "model": "dc112a",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.40"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015431"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20730"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d3600_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6200_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6220_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6400_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d7000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d8500_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:dc112a_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015431"
          }
        ]
      },
      "cve": "CVE-2019-20730",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2019-20730",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 1.0,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 7.5,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015431",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2019-20730",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "cve@mitre.org",
                "availabilityImpact": "NONE",
                "baseScore": 8.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2019-20730",
                "impactScore": 4.2,
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015431",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-20730",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2019-20730",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2019-015431",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-1341",
                "trust": 0.6,
                "value": "CRITICAL"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015431"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1341"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20730"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20730"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by SQL injection. This affects D3600 before 1.0.0.68, D6000 before 1.0.0.68, D6200 before 1.1.00.28, D6220 before 1.0.0.40, D6400 before 1.0.0.74, D7000 before 1.0.1.60, D7000v2 before 1.0.0.74, D7800 before 1.0.1.34, D8500 before 1.0.3.39, DC112A before 1.0.0.40, EX8000 before 1.0.0.118, JR6150 before 1.0.1.18, R6050 before 1.0.1.18, R6220 before 1.1.0.66, R6250 before 1.0.4.26, R6300v2 before 1.0.4.24, R6400 before 1.0.1.36, R6400v2 before 1.0.2.52, R6700 before 1.0.1.44, R6700v2 before 1.2.0.16, R6800 before 1.2.0.16, R6900v2 before 1.2.0.16, R6900 before 1.0.1.44, R7000 before 1.0.9.26, R6900P before 1.3.0.20, R7000P before 1.3.0.20, R7100LG before 1.0.0.40, R7300DST before 1.0.0.62, R7500 before 1.0.0.118, R7500v2 before 1.0.3.26, R7800 before 1.0.2.40, R7900 before 1.0.2.10, R8000 before 1.0.4.12, R7900P before 1.3.0.10, R8000P before 1.3.0.10, R8300 before 1.0.2.116, R8500 before 1.0.2.116, R8900 before 1.0.3.6, R9000 before 1.0.3.10, WNDR3700v4 before 1.0.2.102, WNDR3700v5 before 1.1.0.54, WNDR4300v1 before 1.0.2.98, WNDR4300v2 before 1.0.0.56, and WNDR4500v3 before 1.0.0.56. plural NETGEAR On the device SQL An injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-20730"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015431"
          }
        ],
        "trust": 1.62
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-20730",
            "trust": 2.4
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015431",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1341",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015431"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1341"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20730"
          }
        ]
      },
      "id": "VAR-202004-0802",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.396501476060606
      },
      "last_update_date": "2024-11-23T23:04:25.701000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for SQL Injection on Some Routers, Gateways, and Extenders, PSV-2017-3056",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000061197/Security-Advisory-for-SQL-Injection-on-Some-Routers-Gateways-and-Extenders-PSV-2017-3056"
          },
          {
            "title": "Multiple NETGEAR product SQL Repair measures for injecting vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=116891"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015431"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1341"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-89",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015431"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20730"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.6,
            "url": "https://kb.netgear.com/000061197/security-advisory-for-sql-injection-on-some-routers-gateways-and-extenders-psv-2017-3056"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-20730"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-20730"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015431"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1341"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20730"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015431"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1341"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20730"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-19T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015431"
          },
          {
            "date": "2020-04-16T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1341"
          },
          {
            "date": "2020-04-16T20:15:13.337000",
            "db": "NVD",
            "id": "CVE-2019-20730"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-19T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015431"
          },
          {
            "date": "2020-04-26T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1341"
          },
          {
            "date": "2024-11-21T04:39:12.447000",
            "db": "NVD",
            "id": "CVE-2019-20730"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1341"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR On the device  SQL Injection vulnerabilities",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015431"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "SQL injection",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1341"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-1344

    Vulnerability from variot - Updated: 2024-11-23 23:04

    Certain NETGEAR devices are affected by denial of service. This affects D6200 before 1.1.00.24, D7000 before 1.0.1.52, JNR1010v2 before 1.1.0.44, JR6150 before 1.0.1.12, JWNR2010v5 before 1.1.0.44, PR2000 before 1.0.0.20, R6020 before 1.0.0.26, R6050 before 1.0.1.12, R6080 before 1.0.0.26, R6120 before 1.0.0.36, R6220 before 1.1.0.60, R6700v2 before 1.2.0.12, R6800 before 1.2.0.12, R6900v2 before 1.2.0.12, WNDR3700v5 before 1.1.0.50, WNR1000v4 before 1.1.0.44, WNR2020 before 1.1.0.44, and WNR2050 before 1.1.0.44. plural NETGEAR An unspecified vulnerability exists in the device.Service operation interruption (DoS) It may be put into a state. NETGEAR D6200, etc. are all products of NETGEAR. NETGEAR D6200 is a wireless modem. NETGEAR WNR2020 is a wireless router. NETGEAR R6220 is a wireless router

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-1344",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "d6200",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.1.00.24"
          },
          {
            "model": "d7000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.52"
          },
          {
            "model": "jr6150",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.12"
          },
          {
            "model": "pr2000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.20"
          },
          {
            "model": "r6020",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.26"
          },
          {
            "model": "r6050",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.12"
          },
          {
            "model": "r6080",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.26"
          },
          {
            "model": "r6120",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.36"
          },
          {
            "model": "r6220",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.1.0.60"
          },
          {
            "model": "r6800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.2.0.12"
          },
          {
            "model": "wnr2020",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "wnr2050",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "wndr3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.50"
          },
          {
            "model": "jwnr2010",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "wnr1000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "jnr1010",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "r6700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.12"
          },
          {
            "model": "r6900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.12"
          },
          {
            "model": "d6200",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.1.00.24"
          },
          {
            "model": "d7000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.52"
          },
          {
            "model": "jnr1010",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "jr6150",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.12"
          },
          {
            "model": "jwnr2010",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "pr2000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.20"
          },
          {
            "model": "r6020",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.26"
          },
          {
            "model": "r6050",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.12"
          },
          {
            "model": "r6080",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.26"
          },
          {
            "model": "r6120",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.36"
          },
          {
            "model": "jnr1010v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "jwnr2010v5",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "r6700v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.2.0.12"
          },
          {
            "model": "r6900v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.2.0.12"
          },
          {
            "model": "wndr3700v5",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.1.0.50"
          },
          {
            "model": "wnr1000v4",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.1.0.44"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31326"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014909"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18780"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6200_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d7000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:jnr1010_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:jr6150_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:jwnr2010_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:pr2000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6020_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6050_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6080_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6120_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014909"
          }
        ]
      },
      "cve": "CVE-2017-18780",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 2.1,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2017-18780",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "LOW",
                "trust": 1.0,
                "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Local",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 2.1,
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2017-014909",
                "impactScore": null,
                "integrityImpact": "None",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Low",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 2.1,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "CNVD-2020-31326",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "LOW",
                "trust": 0.6,
                "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 1.8,
                "id": "CVE-2017-18780",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "cve@mitre.org",
                "availabilityImpact": "HIGH",
                "baseScore": 6.2,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 2.5,
                "id": "CVE-2017-18780",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 5.5,
                "baseSeverity": "Medium",
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2017-014909",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "Low",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2017-18780",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2017-18780",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2017-014909",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-31326",
                "trust": 0.6,
                "value": "LOW"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-1884",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31326"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014909"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1884"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18780"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18780"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by denial of service. This affects D6200 before 1.1.00.24, D7000 before 1.0.1.52, JNR1010v2 before 1.1.0.44, JR6150 before 1.0.1.12, JWNR2010v5 before 1.1.0.44, PR2000 before 1.0.0.20, R6020 before 1.0.0.26, R6050 before 1.0.1.12, R6080 before 1.0.0.26, R6120 before 1.0.0.36, R6220 before 1.1.0.60, R6700v2 before 1.2.0.12, R6800 before 1.2.0.12, R6900v2 before 1.2.0.12, WNDR3700v5 before 1.1.0.50, WNR1000v4 before 1.1.0.44, WNR2020 before 1.1.0.44, and WNR2050 before 1.1.0.44. plural NETGEAR An unspecified vulnerability exists in the device.Service operation interruption (DoS) It may be put into a state. NETGEAR D6200, etc. are all products of NETGEAR. NETGEAR D6200 is a wireless modem. NETGEAR WNR2020 is a wireless router. NETGEAR R6220 is a wireless router",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-18780"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014909"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-31326"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-18780",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014909",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-31326",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1884",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31326"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014909"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1884"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18780"
          }
        ]
      },
      "id": "VAR-202004-1344",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31326"
          }
        ],
        "trust": 1.142545423
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31326"
          }
        ]
      },
      "last_update_date": "2024-11-23T23:04:25.159000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Denial of Service on Some Routers, PSV-2017-2955",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000049539/Security-Advisory-for-Denial-of-Service-on-Some-Routers-PSV-2017-2955"
          },
          {
            "title": "Patches for denial of service vulnerabilities in multiple NETGEAR products",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/220029"
          },
          {
            "title": "Multiple NETGEAR Product security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=116660"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31326"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014909"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1884"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-noinfo",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-18780"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-18780"
          },
          {
            "trust": 1.6,
            "url": "https://kb.netgear.com/000049539/security-advisory-for-denial-of-service-on-some-routers-psv-2017-2955"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-18780"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31326"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014909"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1884"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18780"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31326"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014909"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1884"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18780"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-06-03T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-31326"
          },
          {
            "date": "2020-05-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-014909"
          },
          {
            "date": "2020-04-22T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1884"
          },
          {
            "date": "2020-04-22T15:15:12.473000",
            "db": "NVD",
            "id": "CVE-2017-18780"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-08-08T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-31326"
          },
          {
            "date": "2020-05-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-014909"
          },
          {
            "date": "2020-04-26T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1884"
          },
          {
            "date": "2024-11-21T03:20:54.087000",
            "db": "NVD",
            "id": "CVE-2017-18780"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1884"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014909"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "other",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1884"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-1365

    Vulnerability from variot - Updated: 2024-11-23 23:04

    Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects JNR1010v2 before 1.1.0.42, JR6150 before 1.0.1.10, JWNR2010v5 before 1.1.0.42, PR2000 before 1.0.0.18, R6050 before 1.0.1.10, R6120 before 1.0.0.30, R6220 before 1.1.0.50, R6700v2 before 1.2.0.4, R6800 before 1.2.0.4, R6900v2 before 1.2.0.4, WNDR3700v5 before 1.1.0.48, WNR1000v4 before 1.1.0.42, WNR2020 before 1.1.0.42, and WNR2050 before 1.1.0.42. plural NETGEAR The device contains an input verification vulnerability.Information may be tampered with. NETGEAR JNR1010, etc. are all wireless routers from NETGEAR. No detailed vulnerability details are currently provided

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-1365",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "jr6150",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.10"
          },
          {
            "model": "r6050",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.10"
          },
          {
            "model": "r6220",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.1.0.50"
          },
          {
            "model": "r6800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.2.0.4"
          },
          {
            "model": "pr2000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.18"
          },
          {
            "model": "r6120",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.30"
          },
          {
            "model": "wnr2020",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.1.0.42"
          },
          {
            "model": "wnr2050",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.1.0.42"
          },
          {
            "model": "wnr1000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.42"
          },
          {
            "model": "jwnr2010",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.42"
          },
          {
            "model": "r6700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.4"
          },
          {
            "model": "r6900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.4"
          },
          {
            "model": "wndr3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.48"
          },
          {
            "model": "jnr1010",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.42"
          },
          {
            "model": "jnr1010",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.42"
          },
          {
            "model": "jr6150",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.10"
          },
          {
            "model": "jwnr2010",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.1.0.42"
          },
          {
            "model": "pr2000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.18"
          },
          {
            "model": "r6050",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.10"
          },
          {
            "model": "r6120",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.30"
          },
          {
            "model": "r6220",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.1.0.50"
          },
          {
            "model": "r6700",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.2.0.4"
          },
          {
            "model": "r6800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.2.0.4"
          },
          {
            "model": "r6900",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.2.0.4"
          },
          {
            "model": "r6700v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.2.0.4"
          },
          {
            "model": "r6900v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.2.0.4"
          },
          {
            "model": "wndr3700v5",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.1.0.48"
          },
          {
            "model": "jnr1010v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.1.0.42"
          },
          {
            "model": "jwnr2010v5",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.1.0.42"
          },
          {
            "model": "wnr1000v4",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.1.0.42"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-67651"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014904"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18763"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:jnr1010_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:jr6150_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:jwnr2010_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:pr2000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6050_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6120_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6220_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6700_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6900_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014904"
          }
        ]
      },
      "cve": "CVE-2017-18763",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 3.3,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 6.5,
                "id": "CVE-2017-18763",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 1.0,
                "vectorString": "AV:A/AC:L/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Adjacent Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 3.3,
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2017-014904",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Low",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:A/AC:L/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 3.3,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 6.5,
                "id": "CNVD-2021-67651",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 0.6,
                "vectorString": "AV:A/AC:L/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 2.8,
                "id": "CVE-2017-18763",
                "impactScore": 3.6,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2017-18763",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Adjacent Network",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 6.5,
                "baseSeverity": "Medium",
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2017-014904",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2017-18763",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2017-18763",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2017-014904",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2021-67651",
                "trust": 0.6,
                "value": "LOW"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-1909",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-67651"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014904"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1909"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18763"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18763"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects JNR1010v2 before 1.1.0.42, JR6150 before 1.0.1.10, JWNR2010v5 before 1.1.0.42, PR2000 before 1.0.0.18, R6050 before 1.0.1.10, R6120 before 1.0.0.30, R6220 before 1.1.0.50, R6700v2 before 1.2.0.4, R6800 before 1.2.0.4, R6900v2 before 1.2.0.4, WNDR3700v5 before 1.1.0.48, WNR1000v4 before 1.1.0.42, WNR2020 before 1.1.0.42, and WNR2050 before 1.1.0.42. plural NETGEAR The device contains an input verification vulnerability.Information may be tampered with. NETGEAR JNR1010, etc. are all wireless routers from NETGEAR. No detailed vulnerability details are currently provided",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-18763"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014904"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-67651"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-18763",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014904",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-67651",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1909",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-67651"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014904"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1909"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18763"
          }
        ]
      },
      "id": "VAR-202004-1365",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-67651"
          }
        ],
        "trust": 1.19282616
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-67651"
          }
        ]
      },
      "last_update_date": "2024-11-23T23:04:25.132000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Security Misconfiguration on Some Routers and Extenders, PSV-2017-2212",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000051482/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-and-Extenders-PSV-2017-2212"
          },
          {
            "title": "Patch for Multiple NETGEAR products input verification error vulnerability (CNVD-2021-67651)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/289196"
          },
          {
            "title": "Multiple NETGEAR Product input verification error vulnerability fixes",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117245"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-67651"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014904"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1909"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-20",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014904"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18763"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-18763"
          },
          {
            "trust": 1.6,
            "url": "https://kb.netgear.com/000051482/security-advisory-for-security-misconfiguration-on-some-routers-and-extenders-psv-2017-2212"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-18763"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-67651"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014904"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1909"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18763"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-67651"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014904"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1909"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18763"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-09-02T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-67651"
          },
          {
            "date": "2020-05-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-014904"
          },
          {
            "date": "2020-04-22T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1909"
          },
          {
            "date": "2020-04-22T16:15:11.433000",
            "db": "NVD",
            "id": "CVE-2017-18763"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-09-02T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-67651"
          },
          {
            "date": "2020-05-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-014904"
          },
          {
            "date": "2020-04-26T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1909"
          },
          {
            "date": "2024-11-21T03:20:51.590000",
            "db": "NVD",
            "id": "CVE-2017-18763"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1909"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Input verification vulnerabilities on devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014904"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "input validation error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1909"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-1575

    Vulnerability from variot - Updated: 2024-11-23 23:04

    plural NETGEAR The device contains a vulnerability related to information leakage.Information may be obtained.

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-1575",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "wnr1000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.54"
          },
          {
            "model": "r6080",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.34"
          },
          {
            "model": "r7900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.16"
          },
          {
            "model": "r6700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.48"
          },
          {
            "model": "dgn2200b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.102"
          },
          {
            "model": "wndr4500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "d500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.27"
          },
          {
            "model": "d1500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.27"
          },
          {
            "model": "r6050",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.18"
          },
          {
            "model": "d6200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.00.30"
          },
          {
            "model": "r6300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.32"
          },
          {
            "model": "jnr1010",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.54"
          },
          {
            "model": "wnr2050",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.54"
          },
          {
            "model": "r8000p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.4.1.24"
          },
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.124"
          },
          {
            "model": "d7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.68"
          },
          {
            "model": "d6100",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "jwnr2010",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.54"
          },
          {
            "model": "d7800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.42"
          },
          {
            "model": "r7300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.68"
          },
          {
            "model": "r8300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.122"
          },
          {
            "model": "r6700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.24"
          },
          {
            "model": "wndr3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.102"
          },
          {
            "model": "wnr2020",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.54"
          },
          {
            "model": "d6220",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.46"
          },
          {
            "model": "r7100lg",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "wn3000rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.68"
          },
          {
            "model": "r6120",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.42"
          },
          {
            "model": "d8500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.42"
          },
          {
            "model": "dc112a",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.40"
          },
          {
            "model": "r7000p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.3.1.44"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.104"
          },
          {
            "model": "r8500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.122"
          },
          {
            "model": "wndr3400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.18"
          },
          {
            "model": "wndr3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.54"
          },
          {
            "model": "d7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.51"
          },
          {
            "model": "r6250",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.30"
          },
          {
            "model": "pr2000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.24"
          },
          {
            "model": "r6900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.48"
          },
          {
            "model": "r6020",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.34"
          },
          {
            "model": "wnr3500l",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.54"
          },
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.38"
          },
          {
            "model": "d6400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.82"
          },
          {
            "model": "dgn2200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.102"
          },
          {
            "model": "jr6150",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.18"
          },
          {
            "model": "r8000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.18"
          },
          {
            "model": "r6900p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.3.1.44"
          },
          {
            "model": "r6400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.60"
          },
          {
            "model": "r6900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.24"
          },
          {
            "model": "r7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.9.34"
          },
          {
            "model": "r6800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.24"
          },
          {
            "model": "r6100",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.22"
          },
          {
            "model": "r6400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.44"
          },
          {
            "model": "r7900p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.4.1.24"
          },
          {
            "model": "r6220",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.68"
          },
          {
            "model": "d1500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.27"
          },
          {
            "model": "d500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.27"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "d6200",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.1.00.30"
          },
          {
            "model": "d6220",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.46"
          },
          {
            "model": "d6400",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.82"
          },
          {
            "model": "d7000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.68"
          },
          {
            "model": "d7000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "v2 1.0.0.51"
          },
          {
            "model": "d7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.42"
          },
          {
            "model": "d8500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.3.42"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016413"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21139"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d1500_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d500_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6200_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6220_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6400_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d7000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d8500_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016413"
          }
        ]
      },
      "cve": "CVE-2018-21139",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2018-21139",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.0,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 5.0,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016413",
                "impactScore": null,
                "integrityImpact": "None",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2018-21139",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "NONE",
                "baseScore": 7.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2018-21139",
                "impactScore": 4.2,
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 7.5,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2018-016413",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2018-21139",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2018-21139",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2018-016413",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-2031",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016413"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2031"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21139"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21139"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural NETGEAR The device contains a vulnerability related to information leakage.Information may be obtained.",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016413"
          }
        ],
        "trust": 0.8
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2018-21139",
            "trust": 2.4
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016413",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2031",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016413"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2031"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21139"
          }
        ]
      },
      "id": "VAR-202004-1575",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.40138965763157897
      },
      "last_update_date": "2024-11-23T23:04:24.898000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Sensitive Information Disclosure on Some Routers, Wireless Extenders and Smart Cradles, PSV-2017-2198",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000060220/Security-Advisory-for-Sensitive-Information-Disclosure-on-Some-Routers-and-Smart-Cradles-PSV-2017-2198"
          },
          {
            "title": "Multiple NETGEAR Product security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=116786"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016413"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2031"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-200",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016413"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21139"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.6,
            "url": "https://kb.netgear.com/000060220/security-advisory-for-sensitive-information-disclosure-on-some-routers-and-smart-cradles-psv-2017-2198"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-21139"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-21139"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016413"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2031"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21139"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016413"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2031"
          },
          {
            "db": "NVD",
            "id": "CVE-2018-21139"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-06-03T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016413"
          },
          {
            "date": "2020-04-23T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2031"
          },
          {
            "date": "2020-04-23T21:15:11.690000",
            "db": "NVD",
            "id": "CVE-2018-21139"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-06-03T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2018-016413"
          },
          {
            "date": "2020-05-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2031"
          },
          {
            "date": "2024-11-21T04:02:59.713000",
            "db": "NVD",
            "id": "CVE-2018-21139"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2031"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Information leakage vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2018-016413"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "information disclosure",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2031"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202010-0577

    Vulnerability from variot - Updated: 2024-11-23 23:04

    Certain NETGEAR devices are affected by lack of access control at the function level. This affects D6200 before 1.1.00.38, D7000 before 1.0.1.78, JR6150 before 1.0.1.24, R6020 before 1.0.0.42, R6050 before 1.0.1.24, R6080 before 1.0.0.42, R6120 before 1.0.0.66, R6220 before 1.1.0.100, R6260 before 1.1.0.64, R6700v2 before 1.2.0.62, R6800 before 1.2.0.62, R6900v2 before 1.2.0.62, R7450 before 1.2.0.62, and WNR2020 before 1.1.0.62. plural NETGEAR An unspecified vulnerability exists in the device.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202010-0577",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "r6050",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.24"
          },
          {
            "model": "r6220",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.100"
          },
          {
            "model": "d6200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.00.38"
          },
          {
            "model": "r6260",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.64"
          },
          {
            "model": "r6700v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.62"
          },
          {
            "model": "jr6150",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.24"
          },
          {
            "model": "r6120",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.66"
          },
          {
            "model": "d7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.78"
          },
          {
            "model": "r6080",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.42"
          },
          {
            "model": "r7450",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.62"
          },
          {
            "model": "r6800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.62"
          },
          {
            "model": "wnr2020",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.62"
          },
          {
            "model": "r6020",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.42"
          },
          {
            "model": "r6900v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.62"
          },
          {
            "model": "d6200",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d7000",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "jr6150",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "r6020",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "r6050",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "r6080",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "r6120",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "r6220",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "r6260",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "r6700v2",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012215"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-26911"
          }
        ]
      },
      "cve": "CVE-2020-26911",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 6.5,
                "id": "CVE-2020-26911",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2020-26911",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "LOW",
                "baseScore": 8.3,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2020-26911",
                "impactScore": 5.5,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Adjacent Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 8.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2020-26911",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-26911",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2020-26911",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2020-26911",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202010-342",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012215"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202010-342"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-26911"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-26911"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by lack of access control at the function level. This affects D6200 before 1.1.00.38, D7000 before 1.0.1.78, JR6150 before 1.0.1.24, R6020 before 1.0.0.42, R6050 before 1.0.1.24, R6080 before 1.0.0.42, R6120 before 1.0.0.66, R6220 before 1.1.0.100, R6260 before 1.1.0.64, R6700v2 before 1.2.0.62, R6800 before 1.2.0.62, R6900v2 before 1.2.0.62, R7450 before 1.2.0.62, and WNR2020 before 1.1.0.62. plural NETGEAR An unspecified vulnerability exists in the device.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-26911"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012215"
          }
        ],
        "trust": 1.62
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-26911",
            "trust": 2.4
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012215",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202010-342",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012215"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202010-342"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-26911"
          }
        ]
      },
      "id": "VAR-202010-0577",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.4178845215384615
      },
      "last_update_date": "2024-11-23T23:04:14.872000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security\u00a0Advisory\u00a0for\u00a0Missing\u00a0Function\u00a0Level\u00a0Access\u00a0Control\u00a0on\u00a0Some\u00a0Routers,\u00a0PSV-2019-0016",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000062342/Security-Advisory-for-Missing-Function-Level-Access-Control-on-Some-Routers-PSV-2019-0016"
          },
          {
            "title": "Multiple  NETGEAR Repair measures for device security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=131129"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012215"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202010-342"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-Other",
            "trust": 1.0
          },
          {
            "problemtype": "Other (CWE-Other) [NVD Evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012215"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-26911"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.6,
            "url": "https://kb.netgear.com/000062342/security-advisory-for-missing-function-level-access-control-on-some-routers-psv-2019-0016"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-26911"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012215"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202010-342"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-26911"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012215"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202010-342"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-26911"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-04-27T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-012215"
          },
          {
            "date": "2020-10-09T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202010-342"
          },
          {
            "date": "2020-10-09T07:15:16.933000",
            "db": "NVD",
            "id": "CVE-2020-26911"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-04-27T05:42:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-012215"
          },
          {
            "date": "2020-10-21T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202010-342"
          },
          {
            "date": "2024-11-21T05:20:28.547000",
            "db": "NVD",
            "id": "CVE-2020-26911"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202010-342"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural \u00a0NETGEAR\u00a0 Vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012215"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "other",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202010-342"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-0921

    Vulnerability from variot - Updated: 2024-11-23 23:01

    Certain NETGEAR devices are affected by denial of service. This affects D6200 before 1.1.00.34, D7000 before 1.0.1.70, JR6150 before 1.0.1.18, R6050 before 1.0.1.18, and WNR2020 before 1.1.0.62. plural NETGEAR The device contains an input verification vulnerability.Service operation interruption (DoS) It may be put into a state. NETGEAR D6200, etc. are all products of NETGEAR. NETGEAR D6200 is a wireless modem. NETGEAR D7000 is a wireless modem. NETGEAR WNR2020 is a wireless router.

    There are security vulnerabilities in many NETGEAR products

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-0921",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "d6200",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.1.00.34"
          },
          {
            "model": "jr6150",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.18"
          },
          {
            "model": "r6050",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.18"
          },
          {
            "model": "wnr2020",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.1.0.62"
          },
          {
            "model": "d7000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.70"
          },
          {
            "model": "d6200",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.1.00.34"
          },
          {
            "model": "d7000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.70"
          },
          {
            "model": "jr6150",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.18"
          },
          {
            "model": "r6050",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.18"
          },
          {
            "model": "wnr2020",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.1.0.62"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-57176"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015327"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20687"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6200_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d7000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:jr6150_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6050_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wnr2020_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015327"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Touhid M.Shaikh",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1271"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2019-20687",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2019-20687",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.0,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 5.0,
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015327",
                "impactScore": null,
                "integrityImpact": "None",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2021-57176",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2019-20687",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "HIGH",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 2.8,
                "id": "CVE-2019-20687",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.5,
                "baseSeverity": "High",
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015327",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-20687",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2019-20687",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2019-015327",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2021-57176",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-1271",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-57176"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015327"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1271"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20687"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20687"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by denial of service. This affects D6200 before 1.1.00.34, D7000 before 1.0.1.70, JR6150 before 1.0.1.18, R6050 before 1.0.1.18, and WNR2020 before 1.1.0.62. plural NETGEAR The device contains an input verification vulnerability.Service operation interruption (DoS) It may be put into a state. NETGEAR D6200, etc. are all products of NETGEAR. NETGEAR D6200 is a wireless modem. NETGEAR D7000 is a wireless modem. NETGEAR WNR2020 is a wireless router. \n\r\n\r\nThere are security vulnerabilities in many NETGEAR products",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-20687"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015327"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-57176"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-20687",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015327",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-57176",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1271",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-57176"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015327"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1271"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20687"
          }
        ]
      },
      "id": "VAR-202004-0921",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-57176"
          }
        ],
        "trust": 0.99959764
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-57176"
          }
        ]
      },
      "last_update_date": "2024-11-23T23:01:24.850000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Denial of Service on Some Routers and Gateways, PSV-2018-0182",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000061452/Security-Advisory-for-Denial-of-Service-on-Some-Routers-and-Gateways-PSV-2018-0182"
          },
          {
            "title": "Patch for Multiple NETGEAR products input verification error vulnerability (CNVD-2021-57176)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/283661"
          },
          {
            "title": "Multiple NETGEAR Product input verification error vulnerability fixes",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=116547"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-57176"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015327"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1271"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-noinfo",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-20",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015327"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20687"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-20687"
          },
          {
            "trust": 1.6,
            "url": "https://kb.netgear.com/000061452/security-advisory-for-denial-of-service-on-some-routers-and-gateways-psv-2018-0182"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-20687"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-57176"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015327"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1271"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20687"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-57176"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015327"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1271"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20687"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-07-31T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-57176"
          },
          {
            "date": "2020-05-12T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015327"
          },
          {
            "date": "2020-04-16T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1271"
          },
          {
            "date": "2020-04-16T19:15:23.180000",
            "db": "NVD",
            "id": "CVE-2019-20687"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-07-31T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-57176"
          },
          {
            "date": "2020-05-12T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015327"
          },
          {
            "date": "2020-04-26T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1271"
          },
          {
            "date": "2024-11-21T04:39:05.047000",
            "db": "NVD",
            "id": "CVE-2019-20687"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1271"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Input verification vulnerabilities on devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015327"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "input validation error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1271"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-1425

    Vulnerability from variot - Updated: 2024-11-23 23:01

    plural NETGEAR A cross-site request forgery vulnerability exists in the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D6200, etc. are all products of NETGEAR. NETGEAR D6200 is a wireless modem. NETGEAR WNR2020 is a wireless router. NETGEAR R6220 is a wireless router. The vulnerability stems from the fact that the WEB application does not fully verify whether the request comes from a trusted user. An attacker can use this vulnerability to send an unexpected request to the server through the affected client

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-1425",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "d6200",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.1.00.24"
          },
          {
            "model": "r6120",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.36"
          },
          {
            "model": "r6020",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.26"
          },
          {
            "model": "r6080",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.26"
          },
          {
            "model": "r6220",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.1.0.60"
          },
          {
            "model": "jr6150",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.12"
          },
          {
            "model": "pr2000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.20"
          },
          {
            "model": "r6050",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.12"
          },
          {
            "model": "wnr2020",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "wnr2050",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "d7000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.52"
          },
          {
            "model": "r6800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.2.0.12"
          },
          {
            "model": "wndr3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.50"
          },
          {
            "model": "jwnr2010",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "wnr1000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "jnr1010",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "r6700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.12"
          },
          {
            "model": "r6900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.12"
          },
          {
            "model": "d6200",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.1.00.24"
          },
          {
            "model": "d7000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.52"
          },
          {
            "model": "jnr1010",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "jr6150",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.12"
          },
          {
            "model": "jwnr2010",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "pr2000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.20"
          },
          {
            "model": "r6020",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.26"
          },
          {
            "model": "r6050",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.12"
          },
          {
            "model": "r6080",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.26"
          },
          {
            "model": "r6120",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.36"
          },
          {
            "model": "jnr1010v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "jwnr2010v5",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "wnr1000v4",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "r6900v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.2.0.12"
          },
          {
            "model": "r6700v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.2.0.12"
          },
          {
            "model": "wndr3700v5",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.1.0.50"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31328"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014911"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18782"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6200_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d7000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:jnr1010_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:jr6150_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:jwnr2010_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:pr2000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6020_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6050_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6080_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6120_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014911"
          }
        ]
      },
      "cve": "CVE-2017-18782",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "CVE-2017-18782",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.0,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 6.8,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2017-014911",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "CNVD-2020-31328",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2017-18782",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "cve@mitre.org",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2017-18782",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 8.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2017-014911",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2017-18782",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2017-18782",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2017-014911",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-31328",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-1887",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31328"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014911"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1887"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18782"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18782"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural NETGEAR A cross-site request forgery vulnerability exists in the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D6200, etc. are all products of NETGEAR. NETGEAR D6200 is a wireless modem. NETGEAR WNR2020 is a wireless router. NETGEAR R6220 is a wireless router. The vulnerability stems from the fact that the WEB application does not fully verify whether the request comes from a trusted user. An attacker can use this vulnerability to send an unexpected request to the server through the affected client",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014911"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-31328"
          }
        ],
        "trust": 1.26
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-18782",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014911",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-31328",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1887",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31328"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014911"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1887"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18782"
          }
        ]
      },
      "id": "VAR-202004-1425",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31328"
          }
        ],
        "trust": 1.142545423
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31328"
          }
        ]
      },
      "last_update_date": "2024-11-23T23:01:24.400000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Cross-Site Request Forgery on Some Routers, PSV-2017-2953",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000049537/Security-Advisory-for-Cross-Site-Request-Forgery-on-Some-Routers-PSV-2017-2953"
          },
          {
            "title": "Patch for Multiple NETGEAR product cross-site request forgery vulnerabilities (CNVD-2020-31328)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/220001"
          },
          {
            "title": "Multiple NETGEAR Repair measures for product cross-site request forgery vulnerability",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=116663"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31328"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014911"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1887"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-352",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014911"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18782"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-18782"
          },
          {
            "trust": 1.6,
            "url": "https://kb.netgear.com/000049537/security-advisory-for-cross-site-request-forgery-on-some-routers-psv-2017-2953"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-18782"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31328"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014911"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1887"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18782"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31328"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014911"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1887"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18782"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-06-03T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-31328"
          },
          {
            "date": "2020-05-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-014911"
          },
          {
            "date": "2020-04-22T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1887"
          },
          {
            "date": "2020-04-22T15:15:12.580000",
            "db": "NVD",
            "id": "CVE-2017-18782"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-06-03T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-31328"
          },
          {
            "date": "2020-05-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-014911"
          },
          {
            "date": "2020-04-26T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1887"
          },
          {
            "date": "2024-11-21T03:20:54.440000",
            "db": "NVD",
            "id": "CVE-2017-18782"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1887"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Cross-site request forgery vulnerability in device",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014911"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "cross-site request forgery",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1887"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202012-1215

    Vulnerability from variot - Updated: 2024-11-23 23:01

    Certain NETGEAR devices are affected by stored XSS. This affects D6200 before 1.1.00.38, D7000 before 1.0.1.78, JNR1010v2 before 1.1.0.62, JR6150 before 1.0.1.24, JWNR2010v5 before 1.1.0.62, R6020 before 1.0.0.42, R6050 before 1.0.1.24, R6080 before 1.0.0.42, R6120 before 1.0.0.66, R6220 before 1.1.0.100, R6260 before 1.1.0.76, R6700v2 before 1.2.0.62, R6800 before 1.2.0.62, R6900v2 before 1.2.0.62, R7450 before 1.2.0.62, WNR1000v4 before 1.1.0.62, WNR2020 before 1.1.0.62, and WNR2050 before 1.1.0.62. plural NETGEAR A cross-site scripting vulnerability exists in the device.Information may be obtained and information may be tampered with

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202012-1215",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "r6050",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.24"
          },
          {
            "model": "r6220",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.100"
          },
          {
            "model": "d6200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.00.38"
          },
          {
            "model": "r6700v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.62"
          },
          {
            "model": "jnr1010v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.62"
          },
          {
            "model": "jr6150",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.24"
          },
          {
            "model": "wnr2050",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.62"
          },
          {
            "model": "r6120",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.66"
          },
          {
            "model": "d7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.78"
          },
          {
            "model": "r6080",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.42"
          },
          {
            "model": "r7450",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.62"
          },
          {
            "model": "r6800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.62"
          },
          {
            "model": "jwnr2010v5",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.62"
          },
          {
            "model": "r6260",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.76"
          },
          {
            "model": "wnr1000v4",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.62"
          },
          {
            "model": "wnr2020",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.62"
          },
          {
            "model": "r6020",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.42"
          },
          {
            "model": "r6900v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.62"
          },
          {
            "model": "jwnr2010v5",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d7000",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "r6120",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "r6020",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "r6080",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "r6050",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "r6220",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "jnr1010v2",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "jr6150",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d6200",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015035"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-35841"
          }
        ]
      },
      "cve": "CVE-2020-35841",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 3.5,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 6.8,
                "id": "CVE-2020-35841",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 1.8,
                "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 7.6,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 2.3,
                "id": "CVE-2020-35841",
                "impactScore": 4.7,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:H/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "NONE",
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 1.7,
                "id": "CVE-2020-35841",
                "impactScore": 4.7,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:L/I:H/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 7.6,
                "baseSeverity": "High",
                "confidentialityImpact": "Low",
                "exploitabilityScore": null,
                "id": "CVE-2020-35841",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "Low",
                "scope": "Changed",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:H/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-35841",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2020-35841",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2020-35841",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202012-1705",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015035"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1705"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-35841"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-35841"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by stored XSS. This affects D6200 before 1.1.00.38, D7000 before 1.0.1.78, JNR1010v2 before 1.1.0.62, JR6150 before 1.0.1.24, JWNR2010v5 before 1.1.0.62, R6020 before 1.0.0.42, R6050 before 1.0.1.24, R6080 before 1.0.0.42, R6120 before 1.0.0.66, R6220 before 1.1.0.100, R6260 before 1.1.0.76, R6700v2 before 1.2.0.62, R6800 before 1.2.0.62, R6900v2 before 1.2.0.62, R7450 before 1.2.0.62, WNR1000v4 before 1.1.0.62, WNR2020 before 1.1.0.62, and WNR2050 before 1.1.0.62. plural NETGEAR A cross-site scripting vulnerability exists in the device.Information may be obtained and information may be tampered with",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-35841"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015035"
          }
        ],
        "trust": 1.62
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-35841",
            "trust": 2.4
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015035",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1705",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015035"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1705"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-35841"
          }
        ]
      },
      "id": "VAR-202012-1215",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.513757762352941
      },
      "last_update_date": "2024-11-23T23:01:10.827000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security\u00a0Advisory\u00a0for\u00a0Stored\u00a0Cross\u00a0Site\u00a0Scripting\u00a0on\u00a0Some\u00a0Routers,\u00a0PSV-2019-0013",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000062712/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-PSV-2019-0013"
          },
          {
            "title": "Multiple  Netgear Fixes for product cross-site scripting vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=138093"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015035"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1705"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-79",
            "trust": 1.0
          },
          {
            "problemtype": "Cross-site scripting (CWE-79) [NVD Evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015035"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-35841"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.6,
            "url": "https://kb.netgear.com/000062712/security-advisory-for-stored-cross-site-scripting-on-some-routers-psv-2019-0013"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-35841"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015035"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1705"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-35841"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015035"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1705"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-35841"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-09-08T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-015035"
          },
          {
            "date": "2020-12-29T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202012-1705"
          },
          {
            "date": "2020-12-30T00:15:16.660000",
            "db": "NVD",
            "id": "CVE-2020-35841"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-09-08T07:32:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-015035"
          },
          {
            "date": "2021-01-12T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202012-1705"
          },
          {
            "date": "2024-11-21T05:28:16.943000",
            "db": "NVD",
            "id": "CVE-2020-35841"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1705"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural \u00a0NETGEAR\u00a0 Cross-site scripting vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015035"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "XSS",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1705"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-1351

    Vulnerability from variot - Updated: 2024-11-23 22:58

    Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects EX3700 before 1.0.0.64, EX3800 before 1.0.0.64, EX6000 before 1.0.0.24, EX6130 before 1.0.0.16, EX6400 before 1.0.1.60, EX7000 before 1.0.0.50, EX7300 before 1.0.1.60, and WN2500RPv2 before 1.0.1.46. plural NETGEAR The device contains an input verification vulnerability.Information may be tampered with. NETGEAR JNR1010, etc. are all wireless routers from NETGEAR. The vulnerability stems from the network system or product not correctly verifying the input data. No detailed vulnerability details are currently provided

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-1351",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "ex6400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.60"
          },
          {
            "model": "ex7300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.60"
          },
          {
            "model": "ex6000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.24"
          },
          {
            "model": "wn2500rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.46"
          },
          {
            "model": "ex3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.64"
          },
          {
            "model": "ex7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "ex6130",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.16"
          },
          {
            "model": "ex3800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.64"
          },
          {
            "model": "ex3700",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.64"
          },
          {
            "model": "ex3800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.64"
          },
          {
            "model": "ex6000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.24"
          },
          {
            "model": "ex6130",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.16"
          },
          {
            "model": "ex6400",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.60"
          },
          {
            "model": "ex7000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "ex7300",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.60"
          },
          {
            "model": "wn2500rp",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.46"
          },
          {
            "model": "r7800",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.36"
          },
          {
            "model": "wnr2000v5",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "r7500v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.3.20"
          },
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.112"
          },
          {
            "model": "r6100",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.1.16"
          },
          {
            "model": "wndr4500v3",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "wndr4300v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "jr6150",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.1.10"
          },
          {
            "model": "r6050",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.1.10"
          },
          {
            "model": "r6220",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.1.0.50"
          },
          {
            "model": "wndr3700v5",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.1.0.48"
          },
          {
            "model": "wndr3700v4",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.88"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.90"
          },
          {
            "model": "jnr1010v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "jwnr2010v5",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "wnr1000v4",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "wnr2020",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "wnr2050",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "r9000",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.2.40"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-50920"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014866"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18747"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex3700_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex3800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex6000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex6130_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex6400_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex7000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:ex7300_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wn2500rp_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014866"
          }
        ]
      },
      "cve": "CVE-2017-18747",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 3.3,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 6.5,
                "id": "CVE-2017-18747",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 1.0,
                "vectorString": "AV:A/AC:L/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Adjacent Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 3.3,
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2017-014866",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Low",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:A/AC:L/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 3.3,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 6.5,
                "id": "CNVD-2021-50920",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "LOW",
                "trust": 0.6,
                "vectorString": "AV:A/AC:L/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 2.8,
                "id": "CVE-2017-18747",
                "impactScore": 3.6,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2017-18747",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Adjacent Network",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 6.5,
                "baseSeverity": "Medium",
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2017-014866",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2017-18747",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2017-18747",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2017-014866",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2021-50920",
                "trust": 0.6,
                "value": "LOW"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-1988",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-50920"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014866"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1988"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18747"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18747"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects EX3700 before 1.0.0.64, EX3800 before 1.0.0.64, EX6000 before 1.0.0.24, EX6130 before 1.0.0.16, EX6400 before 1.0.1.60, EX7000 before 1.0.0.50, EX7300 before 1.0.1.60, and WN2500RPv2 before 1.0.1.46. plural NETGEAR The device contains an input verification vulnerability.Information may be tampered with. NETGEAR JNR1010, etc. are all wireless routers from NETGEAR. The vulnerability stems from the network system or product not correctly verifying the input data. No detailed vulnerability details are currently provided",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-18747"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014866"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-50920"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-18747",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014866",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-50920",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1988",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-50920"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014866"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1988"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18747"
          }
        ]
      },
      "id": "VAR-202004-1351",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-50920"
          }
        ],
        "trust": 1.208484782
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-50920"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:58:18.644000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Security Misconfiguration on Some Extenders, PSV-2016-0115",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000051507/Security-Advisory-for-Security-Misconfiguration-on-Some-Extenders-PSV-2016-0115"
          },
          {
            "title": "Patch for Multiple NETGEAR products input verification error vulnerability (CNVD-2021-50920)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/279126"
          },
          {
            "title": "Multiple NETGEAR Product input verification error vulnerability fixes",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=116751"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-50920"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014866"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1988"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-20",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014866"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18747"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-18747"
          },
          {
            "trust": 1.6,
            "url": "https://kb.netgear.com/000051507/security-advisory-for-security-misconfiguration-on-some-extenders-psv-2016-0115"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-18747"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-50920"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014866"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1988"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18747"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-50920"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014866"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1988"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18747"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-07-15T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-50920"
          },
          {
            "date": "2020-05-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-014866"
          },
          {
            "date": "2020-04-23T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1988"
          },
          {
            "date": "2020-04-23T16:15:12.883000",
            "db": "NVD",
            "id": "CVE-2017-18747"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-07-15T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-50920"
          },
          {
            "date": "2020-05-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-014866"
          },
          {
            "date": "2020-04-24T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1988"
          },
          {
            "date": "2024-11-21T03:20:49.440000",
            "db": "NVD",
            "id": "CVE-2017-18747"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1988"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Input verification vulnerabilities on devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014866"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "input validation error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1988"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202012-1198

    Vulnerability from variot - Updated: 2024-11-23 22:58

    Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.78, D6200 before 1.1.00.32, D7000 before 1.0.1.68, D7800 before 1.0.1.56, DM200 before 1.0.0.61, EX2700 before 1.0.1.52, EX6100v2 before 1.0.1.76, EX6150v2 before 1.0.1.76, EX6200v2 before 1.0.1.74, EX6400 before 1.0.2.140, EX7300 before 1.0.2.140, EX8000 before 1.0.1.186, JR6150 before 1.0.1.18, PR2000 before 1.0.0.28, R6020 before 1.0.0.38, R6050 before 1.0.1.18, R6080 before 1.0.0.38, R6120 before 1.0.0.46, R6220 before 1.1.0.80, R6230 before 1.1.0.80, R6260 before 1.1.0.40, R6700v2 before 1.2.0.36, R6800 before 1.2.0.36, R6900v2 before 1.2.0.36, R7500v2 before 1.0.3.40, R7800 before 1.0.2.62, R8900 before 1.0.4.12, R9000 before 1.0.4.12, RBK20 before 2.3.0.28, RBR20 before 2.3.0.28, RBS20 before 2.3.0.28, RBK40 before 2.3.0.28, RBR40 before 2.3.0.28, RBS40 before 2.3.0.28, RBK50 before 2.3.0.32, RBR50 before 2.3.0.32, RBS50 before 2.3.0.32, WN2000RPTv3 before 1.0.1.34, WN3000RPv2 before 1.0.0.78, WN3000RPv2 before 1.0.0.78, WN3000RPv3 before 1.0.2.78, WN3100RPv2 before 1.0.0.66, WNR2000v5 before 1.0.0.70, WNR2020 before 1.1.0.62, XR450 before 2.3.2.32, and XR500 before 2.3.2.32. plural NETGEAR The device contains an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202012-1198",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "r6260",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.40"
          },
          {
            "model": "ex6200v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.74"
          },
          {
            "model": "r9000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.12"
          },
          {
            "model": "dm200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.61"
          },
          {
            "model": "rbr50",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.32"
          },
          {
            "model": "r6050",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.18"
          },
          {
            "model": "r6220",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.80"
          },
          {
            "model": "d3600",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.76"
          },
          {
            "model": "xr450",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.2.32"
          },
          {
            "model": "d7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.68"
          },
          {
            "model": "rbr40",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.28"
          },
          {
            "model": "r6800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.36"
          },
          {
            "model": "wn3000rpv2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.78"
          },
          {
            "model": "rbk50",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.32"
          },
          {
            "model": "r6080",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.38"
          },
          {
            "model": "ex6400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.140"
          },
          {
            "model": "r6900v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.36"
          },
          {
            "model": "r8900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.12"
          },
          {
            "model": "wn3100rpv2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.66"
          },
          {
            "model": "ex6150v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.76"
          },
          {
            "model": "d6200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.00.32"
          },
          {
            "model": "ex7300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.140"
          },
          {
            "model": "wnr2020",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.62"
          },
          {
            "model": "ex2700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.52"
          },
          {
            "model": "r6700v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.36"
          },
          {
            "model": "wnr2000v5",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.70"
          },
          {
            "model": "wn3000rpv3",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.78"
          },
          {
            "model": "ex8000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.186"
          },
          {
            "model": "jr6150",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.18"
          },
          {
            "model": "rbk40",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.28"
          },
          {
            "model": "rbr20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.28"
          },
          {
            "model": "pr2000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.28"
          },
          {
            "model": "ex6100v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.76"
          },
          {
            "model": "rbk20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.28"
          },
          {
            "model": "rbs40",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.28"
          },
          {
            "model": "r6230",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.80"
          },
          {
            "model": "r6120",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.46"
          },
          {
            "model": "wn2000rptv3",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.34"
          },
          {
            "model": "xr500",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.2.32"
          },
          {
            "model": "r6020",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.38"
          },
          {
            "model": "d7800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.56"
          },
          {
            "model": "d6000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.078"
          },
          {
            "model": "r7800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.62"
          },
          {
            "model": "r7500v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.40"
          },
          {
            "model": "rbs50",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.32"
          },
          {
            "model": "rbs20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.0.28"
          },
          {
            "model": "d6000",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "ex6150v2",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d7000",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "ex6200v2",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "dm200",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d7800",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "ex6100v2",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "ex2700",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d3600",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d6200",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015015"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-35799"
          }
        ]
      },
      "cve": "CVE-2020-35799",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2020-35799",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2020-35799",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2020-35799",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2020-35799",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-35799",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2020-35799",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2020-35799",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202012-1741",
                "trust": 0.6,
                "value": "CRITICAL"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015015"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1741"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-35799"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-35799"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.78, D6200 before 1.1.00.32, D7000 before 1.0.1.68, D7800 before 1.0.1.56, DM200 before 1.0.0.61, EX2700 before 1.0.1.52, EX6100v2 before 1.0.1.76, EX6150v2 before 1.0.1.76, EX6200v2 before 1.0.1.74, EX6400 before 1.0.2.140, EX7300 before 1.0.2.140, EX8000 before 1.0.1.186, JR6150 before 1.0.1.18, PR2000 before 1.0.0.28, R6020 before 1.0.0.38, R6050 before 1.0.1.18, R6080 before 1.0.0.38, R6120 before 1.0.0.46, R6220 before 1.1.0.80, R6230 before 1.1.0.80, R6260 before 1.1.0.40, R6700v2 before 1.2.0.36, R6800 before 1.2.0.36, R6900v2 before 1.2.0.36, R7500v2 before 1.0.3.40, R7800 before 1.0.2.62, R8900 before 1.0.4.12, R9000 before 1.0.4.12, RBK20 before 2.3.0.28, RBR20 before 2.3.0.28, RBS20 before 2.3.0.28, RBK40 before 2.3.0.28, RBR40 before 2.3.0.28, RBS40 before 2.3.0.28, RBK50 before 2.3.0.32, RBR50 before 2.3.0.32, RBS50 before 2.3.0.32, WN2000RPTv3 before 1.0.1.34, WN3000RPv2 before 1.0.0.78, WN3000RPv2 before 1.0.0.78, WN3000RPv3 before 1.0.2.78, WN3100RPv2 before 1.0.0.66, WNR2000v5 before 1.0.0.70, WNR2020 before 1.1.0.62, XR450 before 2.3.2.32, and XR500 before 2.3.2.32. plural NETGEAR The device contains an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-35799"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015015"
          }
        ],
        "trust": 1.62
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-35799",
            "trust": 2.4
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015015",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1741",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015015"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1741"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-35799"
          }
        ]
      },
      "id": "VAR-202012-1198",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.447916488139535
      },
      "last_update_date": "2024-11-23T22:58:05.562000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security\u00a0Advisory\u00a0for\u00a0Pre-Authentication\u00a0Stack\u00a0Overflow\u00a0on\u00a0Some\u00a0Routers,\u00a0Range\u00a0Extenders,\u00a0and\u00a0WiFi\u00a0Systems,\u00a0PSV-2018-0296",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000062709/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-Range-Extenders-and-WiFi-Systems-PSV-2018-0296"
          },
          {
            "title": "Certain NETGEAR devices Buffer error vulnerability fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=138121"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015015"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1741"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-787",
            "trust": 1.0
          },
          {
            "problemtype": "Out-of-bounds writing (CWE-787) [NVD Evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015015"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-35799"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.6,
            "url": "https://kb.netgear.com/000062709/security-advisory-for-pre-authentication-stack-overflow-on-some-routers-range-extenders-and-wifi-systems-psv-2018-0296"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-35799"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015015"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1741"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-35799"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015015"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1741"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-35799"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-09-07T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-015015"
          },
          {
            "date": "2020-12-29T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202012-1741"
          },
          {
            "date": "2020-12-30T00:15:14.347000",
            "db": "NVD",
            "id": "CVE-2020-35799"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-09-07T09:06:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-015015"
          },
          {
            "date": "2021-01-12T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202012-1741"
          },
          {
            "date": "2024-11-21T05:28:08.360000",
            "db": "NVD",
            "id": "CVE-2020-35799"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1741"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural \u00a0NETGEAR\u00a0 Out-of-bounds write vulnerability in device",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015015"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1741"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-0916

    Vulnerability from variot - Updated: 2024-11-23 22:55

    Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, D6200 before 1.1.00.32, D7000 before 1.0.1.68, JR6150 before 1.0.1.18, PR2000 before 1.0.0.28, R6020 before 1.0.0.38, R6050 before 1.0.1.18, R6080 before 1.0.0.38, R6120 before 1.0.0.46, R6220 before 1.1.0.80, R6260 before 1.1.0.40, R6700v2 before 1.2.0.36, R6800 before 1.2.0.36, R6900v2 before 1.2.0.36, WNR2020 before 1.1.0.62, and XR500 before 2.3.2.32. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-0916",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "r6260",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.40"
          },
          {
            "model": "r6800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.36"
          },
          {
            "model": "r6080",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.38"
          },
          {
            "model": "r6900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.36"
          },
          {
            "model": "r6120",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.46"
          },
          {
            "model": "d6000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.76"
          },
          {
            "model": "r6020",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.38"
          },
          {
            "model": "d6200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.00.32"
          },
          {
            "model": "r6050",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.18"
          },
          {
            "model": "d3600",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.76"
          },
          {
            "model": "r6220",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.80"
          },
          {
            "model": "xr500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.2.32"
          },
          {
            "model": "r6700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.36"
          },
          {
            "model": "wnr2020",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.62"
          },
          {
            "model": "jr6150",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.18"
          },
          {
            "model": "d7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.68"
          },
          {
            "model": "pr2000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.28"
          },
          {
            "model": "d3600",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.76"
          },
          {
            "model": "d6000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.76"
          },
          {
            "model": "d6200",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.1.00.32"
          },
          {
            "model": "d7000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.68"
          },
          {
            "model": "jr6150",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.18"
          },
          {
            "model": "pr2000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.28"
          },
          {
            "model": "r6020",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.38"
          },
          {
            "model": "r6050",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.18"
          },
          {
            "model": "r6080",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.38"
          },
          {
            "model": "r6120",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.46"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015424"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20682"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d3600_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6200_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d7000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:jr6150_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:pr2000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6020_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6050_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6080_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6120_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015424"
          }
        ]
      },
      "cve": "CVE-2019-20682",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 6.5,
                "id": "CVE-2019-20682",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.0,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Adjacent Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 5.8,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015424",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2019-20682",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2019-20682",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Adjacent Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 8.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2019-015424",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-20682",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2019-20682",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2019-015424",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-1266",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015424"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1266"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20682"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20682"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, D6200 before 1.1.00.32, D7000 before 1.0.1.68, JR6150 before 1.0.1.18, PR2000 before 1.0.0.28, R6020 before 1.0.0.38, R6050 before 1.0.1.18, R6080 before 1.0.0.38, R6120 before 1.0.0.46, R6220 before 1.1.0.80, R6260 before 1.1.0.40, R6700v2 before 1.2.0.36, R6800 before 1.2.0.36, R6900v2 before 1.2.0.36, WNR2020 before 1.1.0.62, and XR500 before 2.3.2.32. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-20682"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015424"
          }
        ],
        "trust": 1.62
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-20682",
            "trust": 2.4
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015424",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1266",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015424"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1266"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20682"
          }
        ]
      },
      "id": "VAR-202004-0916",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.37885093999999997
      },
      "last_update_date": "2024-11-23T22:55:10.934000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Pre-Authentication Stack Overflow on Some Routers and Gateways, PSV-2018-0311",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000061457/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-and-Gateways-PSV-2018-0311"
          },
          {
            "title": "Multiple NETGEAR Product Buffer Error Vulnerability Fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=114765"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015424"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1266"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-787",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015424"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20682"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.6,
            "url": "https://kb.netgear.com/000061457/security-advisory-for-pre-authentication-stack-overflow-on-some-routers-and-gateways-psv-2018-0311"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-20682"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-20682"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015424"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1266"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20682"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015424"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1266"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-20682"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-19T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015424"
          },
          {
            "date": "2020-04-16T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1266"
          },
          {
            "date": "2020-04-16T19:15:22.883000",
            "db": "NVD",
            "id": "CVE-2019-20682"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-19T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-015424"
          },
          {
            "date": "2020-04-26T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1266"
          },
          {
            "date": "2024-11-21T04:39:04.140000",
            "db": "NVD",
            "id": "CVE-2019-20682"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1266"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Out-of-bounds write vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-015424"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1266"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-1420

    Vulnerability from variot - Updated: 2024-11-23 22:55

    Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects JNR1010v2 before 1.1.0.44, JR6150 before 1.0.1.10, JWNR2010v5 before 1.1.0.44, PR2000 before 1.0.0.18, R6050 before 1.0.1.10, R6220 before 1.1.0.50, R6700v2 before 1.2.0.4, R6800 before 1.2.0.4, R6900v2 before 1.2.0.4, WNDR3700v5 before 1.1.0.48, WNR1000v4 before 1.1.0.44, WNR2020 before 1.1.0.44, and WNR2050 before 1.1.0.44. plural NETGEAR A device contains an injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR JNR1010, etc. are all wireless routers from NETGEAR.

    Injection vulnerabilities exist in many NETGEAR products. The vulnerability stems from the fact that the network system or product lacks the correct verification of the user input data during the operation process of the user inputting the construction command, data structure or record, and the special elements are not filtered or correctly filtered, resulting in the analysis or analysis of the system or product. The explanation is wrong. No detailed vulnerability details are currently provided

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-1420",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "jr6150",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.10"
          },
          {
            "model": "r6050",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.10"
          },
          {
            "model": "r6220",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.1.0.50"
          },
          {
            "model": "r6800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.2.0.4"
          },
          {
            "model": "pr2000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.18"
          },
          {
            "model": "wnr2020",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "wnr2050",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "jwnr2010",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "wnr1000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "r6700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.4"
          },
          {
            "model": "r6900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.4"
          },
          {
            "model": "jnr1010",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "wndr3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.48"
          },
          {
            "model": "jnr1010",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "jr6150",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.10"
          },
          {
            "model": "jwnr2010",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "pr2000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.18"
          },
          {
            "model": "r6050",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.10"
          },
          {
            "model": "r6220",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.1.0.50"
          },
          {
            "model": "r6700",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.2.0.4"
          },
          {
            "model": "r6800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.2.0.4"
          },
          {
            "model": "r6900",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.2.0.4"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.1.0.48"
          },
          {
            "model": "r6700v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.2.0.4"
          },
          {
            "model": "r6900v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.2.0.4"
          },
          {
            "model": "wndr3700v5",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.1.0.48"
          },
          {
            "model": "jnr1010v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "jwnr2010v5",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "wnr1000v4",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.1.0.44"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-50923"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014862"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18737"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:jnr1010_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:jr6150_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:jwnr2010_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:pr2000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6050_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6220_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6700_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6900_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wndr3700_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014862"
          }
        ]
      },
      "cve": "CVE-2017-18737",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 6.5,
                "id": "CVE-2017-18737",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.0,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Adjacent Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 5.8,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2017-014862",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 6.5,
                "id": "CNVD-2021-50923",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2017-18737",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2017-18737",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Adjacent Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 8.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2017-014862",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2017-18737",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2017-18737",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2017-014862",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2021-50923",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-2018",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-50923"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014862"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2018"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18737"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18737"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects JNR1010v2 before 1.1.0.44, JR6150 before 1.0.1.10, JWNR2010v5 before 1.1.0.44, PR2000 before 1.0.0.18, R6050 before 1.0.1.10, R6220 before 1.1.0.50, R6700v2 before 1.2.0.4, R6800 before 1.2.0.4, R6900v2 before 1.2.0.4, WNDR3700v5 before 1.1.0.48, WNR1000v4 before 1.1.0.44, WNR2020 before 1.1.0.44, and WNR2050 before 1.1.0.44. plural NETGEAR A device contains an injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR JNR1010, etc. are all wireless routers from NETGEAR. \n\r\n\r\nInjection vulnerabilities exist in many NETGEAR products. The vulnerability stems from the fact that the network system or product lacks the correct verification of the user input data during the operation process of the user inputting the construction command, data structure or record, and the special elements are not filtered or correctly filtered, resulting in the analysis or analysis of the system or product. The explanation is wrong. No detailed vulnerability details are currently provided",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-18737"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014862"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-50923"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-18737",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014862",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-50923",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2018",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-50923"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014862"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2018"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18737"
          }
        ]
      },
      "id": "VAR-202004-1420",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-50923"
          }
        ],
        "trust": 1.2135817773333333
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-50923"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:55:10.459000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Pre-Authentication Command Injection on Some Routers and Extenders, PSV-2017-2140",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000051518/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-and-Extenders-PSV-2017-2140"
          },
          {
            "title": "Patch for Injection vulnerabilities in multiple NETGEAR products (CNVD-2021-50923)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/279111"
          },
          {
            "title": "Multiple NETGEAR Fixing measures for product injection vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=116776"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-50923"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014862"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2018"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-74",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014862"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18737"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-18737"
          },
          {
            "trust": 1.6,
            "url": "https://kb.netgear.com/000051518/security-advisory-for-pre-authentication-command-injection-on-some-routers-and-extenders-psv-2017-2140"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-18737"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-50923"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014862"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2018"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18737"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-50923"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014862"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2018"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18737"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-07-15T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-50923"
          },
          {
            "date": "2020-05-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-014862"
          },
          {
            "date": "2020-04-23T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2018"
          },
          {
            "date": "2020-04-23T17:15:12.490000",
            "db": "NVD",
            "id": "CVE-2017-18737"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-07-15T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-50923"
          },
          {
            "date": "2020-05-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-014862"
          },
          {
            "date": "2020-04-24T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2018"
          },
          {
            "date": "2024-11-21T03:20:47.853000",
            "db": "NVD",
            "id": "CVE-2017-18737"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2018"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Injection vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014862"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "injection",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2018"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202010-0580

    Vulnerability from variot - Updated: 2024-11-23 22:54

    Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D6200 before 1.1.00.38, D7000 before 1.0.1.78, JR6150 before 1.0.1.24, R6020 before 1.0.0.42, R6050 before 1.0.1.24, R6080 before 1.0.0.42, R6120 before 1.0.0.66, R6220 before 1.1.0.100, R6260 before 1.1.0.64, R6700v2 before 1.2.0.62, R6800 before 1.2.0.62, R6900v2 before 1.2.0.62, R7450 before 1.2.0.62, and WNR2020 before 1.1.0.62. plural NETGEAR A command injection vulnerability exists in the device.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202010-0580",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "r6050",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.24"
          },
          {
            "model": "r6220",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.100"
          },
          {
            "model": "d6200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.00.38"
          },
          {
            "model": "r6260",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.64"
          },
          {
            "model": "r6700v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.62"
          },
          {
            "model": "jr6150",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.24"
          },
          {
            "model": "r6120",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.66"
          },
          {
            "model": "d7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.78"
          },
          {
            "model": "r6080",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.42"
          },
          {
            "model": "r7450",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.62"
          },
          {
            "model": "r6800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.62"
          },
          {
            "model": "wnr2020",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.62"
          },
          {
            "model": "r6020",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.42"
          },
          {
            "model": "r6900v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.62"
          },
          {
            "model": "d6200",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d7000",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "jr6150",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "r6020",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "r6050",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "r6080",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "r6120",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "r6220",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "r6260",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "r6700v2",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012217"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-26914"
          }
        ]
      },
      "cve": "CVE-2020-26914",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.2,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.1,
                "id": "CVE-2020-26914",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "HIGH",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.2,
                "id": "CVE-2020-26914",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "HIGH",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "LOW",
                "baseScore": 6.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.2,
                "id": "CVE-2020-26914",
                "impactScore": 5.5,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L",
                "version": "3.1"
              },
              {
                "attackComplexity": "High",
                "attackVector": "Adjacent Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.1,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2020-26914",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "Low",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-26914",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2020-26914",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2020-26914",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202010-345",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012217"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202010-345"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-26914"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-26914"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D6200 before 1.1.00.38, D7000 before 1.0.1.78, JR6150 before 1.0.1.24, R6020 before 1.0.0.42, R6050 before 1.0.1.24, R6080 before 1.0.0.42, R6120 before 1.0.0.66, R6220 before 1.1.0.100, R6260 before 1.1.0.64, R6700v2 before 1.2.0.62, R6800 before 1.2.0.62, R6900v2 before 1.2.0.62, R7450 before 1.2.0.62, and WNR2020 before 1.1.0.62. plural NETGEAR A command injection vulnerability exists in the device.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-26914"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012217"
          }
        ],
        "trust": 1.62
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-26914",
            "trust": 2.4
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012217",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202010-345",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012217"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202010-345"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-26914"
          }
        ]
      },
      "id": "VAR-202010-0580",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.4178845215384615
      },
      "last_update_date": "2024-11-23T22:54:59.847000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security\u00a0Advisory\u00a0for\u00a0Post-Authentication\u00a0Command\u00a0Injection\u00a0on\u00a0Some\u00a0Routers,\u00a0PSV-2019-0014",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000062339/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-PSV-2019-0014"
          },
          {
            "title": "Multiple  NETGEAR Fixes for device command injection vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=131132"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012217"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202010-345"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-77",
            "trust": 1.0
          },
          {
            "problemtype": "Command injection (CWE-77) [NVD Evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012217"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-26914"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.6,
            "url": "https://kb.netgear.com/000062339/security-advisory-for-post-authentication-command-injection-on-some-routers-psv-2019-0014"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-26914"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012217"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202010-345"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-26914"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012217"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202010-345"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-26914"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-04-27T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-012217"
          },
          {
            "date": "2020-10-09T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202010-345"
          },
          {
            "date": "2020-10-09T07:15:17.120000",
            "db": "NVD",
            "id": "CVE-2020-26914"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-04-27T05:42:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-012217"
          },
          {
            "date": "2020-10-21T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202010-345"
          },
          {
            "date": "2024-11-21T05:20:29.020000",
            "db": "NVD",
            "id": "CVE-2020-26914"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202010-345"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural \u00a0NETGEAR\u00a0 Command injection vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012217"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "command injection",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202010-345"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202012-1186

    Vulnerability from variot - Updated: 2024-11-23 22:54

    Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, D6200 before 1.1.00.36, D7000 before 1.0.1.70, EX6200v2 before 1.0.1.78, EX7000 before 1.0.1.78, EX8000 before 1.0.1.186, JR6150 before 1.0.1.18, PR2000 before 1.0.0.28, R6020 before 1.0.0.42, R6050 before 1.0.1.18, R6080 before 1.0.0.42, R6120 before 1.0.0.46, R6220 before 1.1.0.80, R6260 before 1.1.0.64, R6300v2 before 1.0.4.34, R6700 before 1.0.2.6, R6700v2 before 1.2.0.36, R6800 before 1.2.0.36, R6900 before 1.0.2.4, R6900P before 1.3.1.64, R6900v2 before 1.2.0.36, R7000 before 1.0.9.42, R7000P before 1.3.1.64, R7800 before 1.0.2.60, R8900 before 1.0.4.12, R9000 before 1.0.4.12, and XR500 before 2.3.2.40. plural NETGEAR A classic buffer overflow vulnerability exists in the device.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202012-1186",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "r6300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.34"
          },
          {
            "model": "r9000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.12"
          },
          {
            "model": "d6000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.76"
          },
          {
            "model": "r7000p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.3.1.64"
          },
          {
            "model": "r6080",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.42"
          },
          {
            "model": "r6050",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.18"
          },
          {
            "model": "r6220",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.80"
          },
          {
            "model": "d3600",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.76"
          },
          {
            "model": "r6700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.36"
          },
          {
            "model": "ex8000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.186"
          },
          {
            "model": "d6200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.00.36"
          },
          {
            "model": "jr6150",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.18"
          },
          {
            "model": "r6020",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.42"
          },
          {
            "model": "r6900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.36"
          },
          {
            "model": "pr2000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.28"
          },
          {
            "model": "r6260",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.64"
          },
          {
            "model": "ex7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.78"
          },
          {
            "model": "r6800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.36"
          },
          {
            "model": "r7800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.60"
          },
          {
            "model": "xr500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.3.2.40"
          },
          {
            "model": "ex6200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.78"
          },
          {
            "model": "r8900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.12"
          },
          {
            "model": "r6120",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.46"
          },
          {
            "model": "r6900p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.3.1.64"
          },
          {
            "model": "d7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.70"
          },
          {
            "model": "r7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.9.42"
          },
          {
            "model": "r6700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.6"
          },
          {
            "model": "r6900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.4"
          },
          {
            "model": "d3600",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "ex6200",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d7000",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "jr6150",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d6000",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "ex8000",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "pr2000",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "ex7000",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d6200",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "r6020",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-014979"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-35787"
          }
        ]
      },
      "cve": "CVE-2020-35787",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.2,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.1,
                "id": "CVE-2020-35787",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 8.0,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.1,
                "id": "CVE-2020-35787",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 2.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Adjacent Network",
                "author": "OTHER",
                "availabilityImpact": "High",
                "baseScore": 8.0,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-014979",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "Low",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-35787",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2020-35787",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2020-35787",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202012-1789",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-014979"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1789"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-35787"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-35787"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, D6200 before 1.1.00.36, D7000 before 1.0.1.70, EX6200v2 before 1.0.1.78, EX7000 before 1.0.1.78, EX8000 before 1.0.1.186, JR6150 before 1.0.1.18, PR2000 before 1.0.0.28, R6020 before 1.0.0.42, R6050 before 1.0.1.18, R6080 before 1.0.0.42, R6120 before 1.0.0.46, R6220 before 1.1.0.80, R6260 before 1.1.0.64, R6300v2 before 1.0.4.34, R6700 before 1.0.2.6, R6700v2 before 1.2.0.36, R6800 before 1.2.0.36, R6900 before 1.0.2.4, R6900P before 1.3.1.64, R6900v2 before 1.2.0.36, R7000 before 1.0.9.42, R7000P before 1.3.1.64, R7800 before 1.0.2.60, R8900 before 1.0.4.12, R9000 before 1.0.4.12, and XR500 before 2.3.2.40. plural NETGEAR A classic buffer overflow vulnerability exists in the device.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-35787"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-014979"
          }
        ],
        "trust": 1.62
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-35787",
            "trust": 2.4
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-014979",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1789",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-014979"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1789"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-35787"
          }
        ]
      },
      "id": "VAR-202012-1186",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.36104530079999997
      },
      "last_update_date": "2024-11-23T22:54:56.981000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security\u00a0Advisory\u00a0for\u00a0Post-Authentication\u00a0Buffer\u00a0Overflow\u00a0on\u00a0Some\u00a0Routers\u00a0and\u00a0Range\u00a0Extenders,\u00a0PSV-2018-0379",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000062710/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-and-Range-Extenders-PSV-2018-0379"
          },
          {
            "title": "NETGEAR Buffer error vulnerability fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=138158"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-014979"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1789"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-120",
            "trust": 1.0
          },
          {
            "problemtype": "Classic buffer overflow (CWE-120) [NVD Evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-014979"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-35787"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.6,
            "url": "https://kb.netgear.com/000062710/security-advisory-for-post-authentication-buffer-overflow-on-some-routers-and-range-extenders-psv-2018-0379"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-35787"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-014979"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1789"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-35787"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-014979"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1789"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-35787"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-09-07T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-014979"
          },
          {
            "date": "2020-12-29T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202012-1789"
          },
          {
            "date": "2020-12-30T00:15:13.533000",
            "db": "NVD",
            "id": "CVE-2020-35787"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-09-07T06:17:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-014979"
          },
          {
            "date": "2021-01-05T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202012-1789"
          },
          {
            "date": "2024-11-21T05:28:05.810000",
            "db": "NVD",
            "id": "CVE-2020-35787"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1789"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural \u00a0NETGEAR\u00a0 Classic buffer overflow vulnerability in device",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-014979"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-1789"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-1262

    Vulnerability from variot - Updated: 2024-11-23 22:48

    Certain NETGEAR devices are affected by password exposure. This affects AC1450 before 2017-01-06, C6300 before 2017-01-06, D500 before 2017-01-06, D1500 before 2017-01-06, D3600 before 2017-01-06, D6000 before 2017-01-06, D6100 before 2017-01-06, D6200 before 2017-01-06, D6200B before 2017-01-06, D6300B before 2017-01-06, D6300 before 2017-01-06, DGN1000v3 before 2017-01-06, DGN2200v1 before 2017-01-06, DGN2200v3 before 2017-01-06, DGN2200V4 before 2017-01-06, DGN2200Bv3 before 2017-01-06, DGN2200Bv4 before 2017-01-06, DGND3700v1 before 2017-01-06, DGND3700v2 before 2017-01-06, DGND3700Bv2 before 2017-01-06, JNR1010v1 before 2017-01-06, JNR1010v2 before 2017-01-06, JNR3300 before 2017-01-06, JR6100 before 2017-01-06, JR6150 before 2017-01-06, JWNR2000v5 before 2017-01-06, R2000 before 2017-01-06, R6050 before 2017-01-06, R6100 before 2017-01-06, R6200 before 2017-01-06, R6200v2 before 2017-01-06, R6220 before 2017-01-06, R6250 before 2017-01-06, R6300 before 2017-01-06, R6300v2 before 2017-01-06, R6700 before 2017-01-06, R7000 before 2017-01-06, R7900 before 2017-01-06, R7500 before 2017-01-06, R8000 before 2017-01-06, WGR614v10 before 2017-01-06, WNR1000v2 before 2017-01-06, WNR1000v3 before 2017-01-06, WNR1000v4 before 2017-01-06, WNR2000v3 before 2017-01-06, WNR2000v4 before 2017-01-06, WNR2000v5 before 2017-01-06, WNR2200 before 2017-01-06, WNR2500 before 2017-01-06, WNR3500Lv2 before 2017-01-06, WNDR3400v2 before 2017-01-06, WNDR3400v3 before 2017-01-06, WNDR3700v3 before 2017-01-06, WNDR3700v4 before 2017-01-06, WNDR3700v5 before 2017-01-06, WNDR4300 before 2017-01-06, WNDR4300v2 before 2017-01-06, WNDR4500v1 before 2017-01-06, WNDR4500v2 before 2017-01-06, and WNDR4500v3 before 2017-01-06. plural NETGEAR The device contains a vulnerability related to information leakage.Information may be obtained. This affects AC1450 prior to 2017-01-06, C6300 prior to 2017-01-06, D500 prior to 2017-01-06, D1500 prior to 2017-01-06, D3600 prior to 2017-01-06, D6000 prior to 2017-01-06, D6100 prior to 2017-01-06, D6200 prior to 2017-01-06, D6200B prior to 2017-01-06, D6300B prior to 2017-01-06, D6300 prior to 2017-01-06, DGN1000v3 prior to 2017-01-06, DGN2200v1 prior to 2017-01-06, DGN2200v3 prior to 2017-01-06, DGN2200V4 prior to 2017-01-06, DGN2200Bv3 prior to 2017-01-06, DGN2200Bv4 prior to 2017-01-06, DGND3700v1 prior to 2017-01-06, DGND3700v2 prior to 2017-01-06, DGND3700Bv2 prior to 2017-01-06, JNR1010v1 prior to 2017-01-06, JNR1010v2 prior to 2017-01-06, JNR3300 prior to 2017-01-06, JR6100 prior to 2017-01-06, JR6150 prior to 2017-01-06, JWNR2000v5 prior to 2017-01-06, R2000 prior to 2017-01-06, R6050 prior to 2017-01-06, R6100 prior to 2017-01-06, R6200 prior to 2017-01-06, R6200v2 prior to 2017-01-06, R6220 prior to 2017-01-06, R6250 prior to 2017-01-06, R6300 prior to 2017-01-06, R6300v2 prior to 2017-01-06, R6700 prior to 2017-01-06, R7000 prior to 2017-01-06, R7900 prior to 2017-01-06, R7500 prior to 2017-01-06, R8000 prior to 2017-01-06, WGR614v10 prior to 2017-01-06, WNR1000v2 prior to 2017-01-06, WNR1000v3 prior to 2017-01-06, WNR1000v4 prior to 2017-01-06, WNR2000v3 prior to 2017-01-06, WNR2000v4 prior to 2017-01-06, WNR2000v5 prior to 2017-01-06, WNR2200 prior to 2017-01-06, WNR2500 prior to 2017-01-06, WNR3500Lv2 prior to 2017-01-06, WNDR3400v2 prior to 2017-01-06, WNDR3400v3 prior to 2017-01-06, WNDR3700v3 prior to 2017-01-06, WNDR3700v4 prior to 2017-01-06, WNDR3700v5 prior to 2017-01-06, WNDR4300 prior to 2017-01-06, WNDR4300v2 prior to 2017-01-06, WNDR4500v1 prior to 2017-01-06, WNDR4500v2 prior to 2017-01-06, and WNDR4500v3 prior to 2017-01-06

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-1262",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "r6300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "r2000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "wndr3400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "dgn2200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "r7900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "dgnd3700b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "d6300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "jr6150",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "ac1450",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "r6220",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "wnr2200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "d6200b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "r6200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "wndr3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "wnr2000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "dgn2200b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "r8000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "wnr2500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "r6100",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "r7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "jr6100",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "jwnr2000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "r6050",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "d6100",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "r6700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "dgnd3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "wndr4500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "wnr3500l",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "wgr614",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "jnr3300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "d6000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "r6250",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "d3600",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "d6200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "d500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "wnr1000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "d6300b",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "d1500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "c6300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "jnr1010",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "dgn1000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2017-01-06"
          },
          {
            "model": "ac1450",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "2017/01/06"
          },
          {
            "model": "c6300",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "2017/01/06"
          },
          {
            "model": "d1500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "2017/01/06"
          },
          {
            "model": "d3600",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "2017/01/06"
          },
          {
            "model": "d500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "2017/01/06"
          },
          {
            "model": "d6000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "2017/01/06"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "2017/01/06"
          },
          {
            "model": "d6200",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "2017/01/06"
          },
          {
            "model": "d6200b",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "2017/01/06"
          },
          {
            "model": "d6300",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "2017/01/06"
          },
          {
            "model": "d3600",
            "scope": "eq",
            "trust": 0.2,
            "vendor": "netgear",
            "version": "1.0.0.49"
          },
          {
            "model": "ac1450",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "ac1450",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.36"
          },
          {
            "model": "d1500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.20"
          },
          {
            "model": "d1500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.25"
          },
          {
            "model": "d1500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.27"
          },
          {
            "model": "d3600",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "d3600",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.61"
          },
          {
            "model": "d3600",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.67"
          },
          {
            "model": "d3600",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.68"
          },
          {
            "model": "d3600",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.72"
          },
          {
            "model": "d3600",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.76"
          },
          {
            "model": "d500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.25"
          },
          {
            "model": "d500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.27"
          },
          {
            "model": "d6000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "d6000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.49"
          },
          {
            "model": "d6000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.61"
          },
          {
            "model": "d6000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.67"
          },
          {
            "model": "d6000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.68"
          },
          {
            "model": "d6000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.72"
          },
          {
            "model": "d6000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.76"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.50 0.0.50"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.55"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.57"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.63"
          },
          {
            "model": "d6200",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.00.24"
          },
          {
            "model": "d6200",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.00.28"
          },
          {
            "model": "d6200",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.00.30"
          },
          {
            "model": "d6200",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.00.32"
          },
          {
            "model": "d6200",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.00.34"
          },
          {
            "model": "d6200",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.00.36"
          },
          {
            "model": "dgn2200",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "dgn2200",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.55"
          },
          {
            "model": "dgn2200",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "dgn2200",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.82"
          },
          {
            "model": "dgn2200",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.86"
          },
          {
            "model": "dgn2200",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.94"
          },
          {
            "model": "dgn2200",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.96"
          },
          {
            "model": "dgn2200",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.102"
          },
          {
            "model": "dgn2200",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.106"
          },
          {
            "model": "dgn2200",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.110"
          },
          {
            "model": "dgn2200b",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "dgn2200b",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "dgn2200b",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.82"
          },
          {
            "model": "dgn2200b",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.94"
          },
          {
            "model": "dgn2200b",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.96"
          },
          {
            "model": "dgn2200b",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.102"
          },
          {
            "model": "dgnd3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "jnr1010",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.32"
          },
          {
            "model": "jnr1010",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.0.40"
          },
          {
            "model": "jnr1010",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.0.42"
          },
          {
            "model": "jnr1010",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "jnr1010",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.0.46"
          },
          {
            "model": "jnr1010",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.0.48"
          },
          {
            "model": "jnr1010",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.0.50"
          },
          {
            "model": "jnr1010",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.0.54"
          },
          {
            "model": "jr6150",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.17"
          },
          {
            "model": "jr6150",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.7"
          },
          {
            "model": "jr6150",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.10"
          },
          {
            "model": "jr6150",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.12"
          },
          {
            "model": "jr6150",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.14"
          },
          {
            "model": "jr6150",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.16"
          },
          {
            "model": "jr6150",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.18"
          },
          {
            "model": "jr6150",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.24"
          },
          {
            "model": "r6050",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.86"
          },
          {
            "model": "r6050",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.7"
          },
          {
            "model": "r6050",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.10"
          },
          {
            "model": "r6050",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.10j"
          },
          {
            "model": "r6050",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.12"
          },
          {
            "model": "r6050",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.14"
          },
          {
            "model": "r6050",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.16"
          },
          {
            "model": "r6050",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.18"
          },
          {
            "model": "r6050",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.24"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.1"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.12"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.14"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.16"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.22"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.28"
          },
          {
            "model": "r6200",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "r6200",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.14"
          },
          {
            "model": "r6220",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.0.46"
          },
          {
            "model": "r6220",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.0.50"
          },
          {
            "model": "r6220",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.0.60"
          },
          {
            "model": "r6220",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.0.64"
          },
          {
            "model": "r6220",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.0.66"
          },
          {
            "model": "r6220",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.0.68"
          },
          {
            "model": "r6220",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.0.80"
          },
          {
            "model": "r6220",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.0.86"
          },
          {
            "model": "r6250",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "r6250",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.4.6 10.1.12"
          },
          {
            "model": "r6250",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.4.8"
          },
          {
            "model": "r6250",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.4.12"
          },
          {
            "model": "r6250",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.4.14"
          },
          {
            "model": "r6250",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.4.16"
          },
          {
            "model": "r6250",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.4.20"
          },
          {
            "model": "r6250",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.4.26"
          },
          {
            "model": "r6250",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.4.30"
          },
          {
            "model": "r6250",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.4.34"
          },
          {
            "model": "r6300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "r6300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.36"
          },
          {
            "model": "r6300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.4.06"
          },
          {
            "model": "r6300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.4.6"
          },
          {
            "model": "r6300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.4.8"
          },
          {
            "model": "r6300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.4.8 10.0.77"
          },
          {
            "model": "r6300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.4.12"
          },
          {
            "model": "r6300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.4.18"
          },
          {
            "model": "r6300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.4.22"
          },
          {
            "model": "r6300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.4.24"
          },
          {
            "model": "r6300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.4.28"
          },
          {
            "model": "r6300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.4.32"
          },
          {
            "model": "r6700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "r6700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.14"
          },
          {
            "model": "r6700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.16"
          },
          {
            "model": "r6700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.20"
          },
          {
            "model": "r6700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.22"
          },
          {
            "model": "r6700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.26"
          },
          {
            "model": "r6700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.30"
          },
          {
            "model": "r6700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.36"
          },
          {
            "model": "r6700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.44"
          },
          {
            "model": "r6700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.46"
          },
          {
            "model": "r6700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.48"
          },
          {
            "model": "r6700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.6"
          },
          {
            "model": "r6700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.8"
          },
          {
            "model": "r6700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.32"
          },
          {
            "model": "r6700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "r6700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.66"
          },
          {
            "model": "r6700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.4.84"
          },
          {
            "model": "r6700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.0.38"
          },
          {
            "model": "r6700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.0.42"
          },
          {
            "model": "r6700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.1.20"
          },
          {
            "model": "r6700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.2.0.2"
          },
          {
            "model": "r6700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.2.0.4"
          },
          {
            "model": "r6700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.2.0.12"
          },
          {
            "model": "r6700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.2.0.14"
          },
          {
            "model": "r6700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.2.0.16"
          },
          {
            "model": "r6700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.2.0.24"
          },
          {
            "model": "r6700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.2.0.36"
          },
          {
            "model": "r6700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.2.0.62"
          },
          {
            "model": "r7000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "r7000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.7.2 1.1.93"
          },
          {
            "model": "r7000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.7.10"
          },
          {
            "model": "r7000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.9.4"
          },
          {
            "model": "r7000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.9.6"
          },
          {
            "model": "r7000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.9.10"
          },
          {
            "model": "r7000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.9.12"
          },
          {
            "model": "r7000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.9.14"
          },
          {
            "model": "r7000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.9.18"
          },
          {
            "model": "r7000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.9.26"
          },
          {
            "model": "r7000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.9.28"
          },
          {
            "model": "r7000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.9.32"
          },
          {
            "model": "r7000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.9.34"
          },
          {
            "model": "r7000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.9.42"
          },
          {
            "model": "r7000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.9.60"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.108"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.110"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.112"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.116"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.118"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.122"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.124"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.130"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.10"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.16"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.20"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.24"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.26"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.34"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.36"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.38"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.40"
          },
          {
            "model": "r7500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.46"
          },
          {
            "model": "r7900",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "r7900",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.8"
          },
          {
            "model": "r7900",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.12"
          },
          {
            "model": "r7900",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.14"
          },
          {
            "model": "r7900",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.16"
          },
          {
            "model": "r7900",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.18"
          },
          {
            "model": "r7900",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.26"
          },
          {
            "model": "r7900",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.4"
          },
          {
            "model": "r7900",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.10"
          },
          {
            "model": "r7900",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.16"
          },
          {
            "model": "r7900",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.8"
          },
          {
            "model": "r7900",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.10"
          },
          {
            "model": "r8000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "r8000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.22"
          },
          {
            "model": "r8000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.24"
          },
          {
            "model": "r8000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.26"
          },
          {
            "model": "r8000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.32"
          },
          {
            "model": "r8000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.36"
          },
          {
            "model": "r8000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.44"
          },
          {
            "model": "r8000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.46"
          },
          {
            "model": "r8000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.48"
          },
          {
            "model": "r8000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.3.54"
          },
          {
            "model": "r8000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.4.2"
          },
          {
            "model": "r8000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.4.4"
          },
          {
            "model": "r8000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.4.4 1.1.42"
          },
          {
            "model": "r8000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.4.12"
          },
          {
            "model": "r8000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.4.18"
          },
          {
            "model": "r8000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.4.28"
          },
          {
            "model": "r8000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.4.46"
          },
          {
            "model": "wndr3400",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "wndr3400",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.8"
          },
          {
            "model": "wndr3400",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.12"
          },
          {
            "model": "wndr3400",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.14"
          },
          {
            "model": "wndr3400",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.16"
          },
          {
            "model": "wndr3400",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.18"
          },
          {
            "model": "wndr3400",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.1.24"
          },
          {
            "model": "wndr3400",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.122"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.86"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.88"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.92"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.94"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.96"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.0.46"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.0.48"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.0.50"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.0.54"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.52"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.54"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.88"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.90"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.92"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.94"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.96"
          },
          {
            "model": "wndr4300",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.2.98"
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.50"
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.52"
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.54"
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.56"
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.62"
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.68"
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.72"
          },
          {
            "model": "wndr4500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.0.48"
          },
          {
            "model": "wnr1000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "wnr1000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.0.40"
          },
          {
            "model": "wnr1000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.0.42"
          },
          {
            "model": "wnr1000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "wnr1000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.0.46"
          },
          {
            "model": "wnr1000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.0.48"
          },
          {
            "model": "wnr1000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.0.50"
          },
          {
            "model": "wnr1000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.1.0.54"
          },
          {
            "model": "wnr2000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.42"
          },
          {
            "model": "wnr2000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "wnr2000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "wnr2000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.62"
          },
          {
            "model": "wnr2000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.64"
          },
          {
            "model": "wnr2000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.68"
          },
          {
            "model": "wnr2000",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.2.0.8"
          },
          {
            "model": "wnr2500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "wnr2500",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "wnr3500l",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": null
          },
          {
            "model": "wnr3500l",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.2.0.40"
          },
          {
            "model": "wnr3500l",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.2.0.44"
          },
          {
            "model": "wnr3500l",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.2.0.46"
          },
          {
            "model": "wnr3500l",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.2.0.48"
          },
          {
            "model": "wnr3500l",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.2.0.50"
          },
          {
            "model": "wnr3500l",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.2.0.54"
          },
          {
            "model": "wnr3500l",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.2.0.56"
          },
          {
            "model": "wnr3500l",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "netgear",
            "version": "1.2.2.44 35.0.53na"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2016-11059"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014989"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-11059"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:ac1450_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:c6300_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d1500_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d3600_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d500_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6200_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6200b_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6300_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014989"
          }
        ]
      },
      "cve": "CVE-2016-11059",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2016-11059",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.1,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 5.0,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2017-014989",
                "impactScore": null,
                "integrityImpact": "None",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2016-11059",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 7.5,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2017-014989",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2016-11059",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2017-014989",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-2304",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2016-11059",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2016-11059"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014989"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2304"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-11059"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by password exposure. This affects AC1450 before 2017-01-06, C6300 before 2017-01-06, D500 before 2017-01-06, D1500 before 2017-01-06, D3600 before 2017-01-06, D6000 before 2017-01-06, D6100 before 2017-01-06, D6200 before 2017-01-06, D6200B before 2017-01-06, D6300B before 2017-01-06, D6300 before 2017-01-06, DGN1000v3 before 2017-01-06, DGN2200v1 before 2017-01-06, DGN2200v3 before 2017-01-06, DGN2200V4 before 2017-01-06, DGN2200Bv3 before 2017-01-06, DGN2200Bv4 before 2017-01-06, DGND3700v1 before 2017-01-06, DGND3700v2 before 2017-01-06, DGND3700Bv2 before 2017-01-06, JNR1010v1 before 2017-01-06, JNR1010v2 before 2017-01-06, JNR3300 before 2017-01-06, JR6100 before 2017-01-06, JR6150 before 2017-01-06, JWNR2000v5 before 2017-01-06, R2000 before 2017-01-06, R6050 before 2017-01-06, R6100 before 2017-01-06, R6200 before 2017-01-06, R6200v2 before 2017-01-06, R6220 before 2017-01-06, R6250 before 2017-01-06, R6300 before 2017-01-06, R6300v2 before 2017-01-06, R6700 before 2017-01-06, R7000 before 2017-01-06, R7900 before 2017-01-06, R7500 before 2017-01-06, R8000 before 2017-01-06, WGR614v10 before 2017-01-06, WNR1000v2 before 2017-01-06, WNR1000v3 before 2017-01-06, WNR1000v4 before 2017-01-06, WNR2000v3 before 2017-01-06, WNR2000v4 before 2017-01-06, WNR2000v5 before 2017-01-06, WNR2200 before 2017-01-06, WNR2500 before 2017-01-06, WNR3500Lv2 before 2017-01-06, WNDR3400v2 before 2017-01-06, WNDR3400v3 before 2017-01-06, WNDR3700v3 before 2017-01-06, WNDR3700v4 before 2017-01-06, WNDR3700v5 before 2017-01-06, WNDR4300 before 2017-01-06, WNDR4300v2 before 2017-01-06, WNDR4500v1 before 2017-01-06, WNDR4500v2 before 2017-01-06, and WNDR4500v3 before 2017-01-06. plural NETGEAR The device contains a vulnerability related to information leakage.Information may be obtained. This affects AC1450 prior to 2017-01-06, C6300 prior to 2017-01-06, D500 prior to 2017-01-06, D1500 prior to 2017-01-06, D3600 prior to 2017-01-06, D6000 prior to 2017-01-06, D6100 prior to 2017-01-06, D6200 prior to 2017-01-06, D6200B prior to 2017-01-06, D6300B prior to 2017-01-06, D6300 prior to 2017-01-06, DGN1000v3 prior to 2017-01-06, DGN2200v1 prior to 2017-01-06, DGN2200v3 prior to 2017-01-06, DGN2200V4 prior to 2017-01-06, DGN2200Bv3 prior to 2017-01-06, DGN2200Bv4 prior to 2017-01-06, DGND3700v1 prior to 2017-01-06, DGND3700v2 prior to 2017-01-06, DGND3700Bv2 prior to 2017-01-06, JNR1010v1 prior to 2017-01-06, JNR1010v2 prior to 2017-01-06, JNR3300 prior to 2017-01-06, JR6100 prior to 2017-01-06, JR6150 prior to 2017-01-06, JWNR2000v5 prior to 2017-01-06, R2000 prior to 2017-01-06, R6050 prior to 2017-01-06, R6100 prior to 2017-01-06, R6200 prior to 2017-01-06, R6200v2 prior to 2017-01-06, R6220 prior to 2017-01-06, R6250 prior to 2017-01-06, R6300 prior to 2017-01-06, R6300v2 prior to 2017-01-06, R6700 prior to 2017-01-06, R7000 prior to 2017-01-06, R7900 prior to 2017-01-06, R7500 prior to 2017-01-06, R8000 prior to 2017-01-06, WGR614v10 prior to 2017-01-06, WNR1000v2 prior to 2017-01-06, WNR1000v3 prior to 2017-01-06, WNR1000v4 prior to 2017-01-06, WNR2000v3 prior to 2017-01-06, WNR2000v4 prior to 2017-01-06, WNR2000v5 prior to 2017-01-06, WNR2200 prior to 2017-01-06, WNR2500 prior to 2017-01-06, WNR3500Lv2 prior to 2017-01-06, WNDR3400v2 prior to 2017-01-06, WNDR3400v3 prior to 2017-01-06, WNDR3700v3 prior to 2017-01-06, WNDR3700v4 prior to 2017-01-06, WNDR3700v5 prior to 2017-01-06, WNDR4300 prior to 2017-01-06, WNDR4300v2 prior to 2017-01-06, WNDR4500v1 prior to 2017-01-06, WNDR4500v2 prior to 2017-01-06, and WNDR4500v3 prior to 2017-01-06",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2016-11059"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014989"
          },
          {
            "db": "VULMON",
            "id": "CVE-2016-11059"
          }
        ],
        "trust": 1.71
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2016-11059",
            "trust": 2.5
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014989",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2304",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2016-11059",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2016-11059"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014989"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2304"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-11059"
          }
        ]
      },
      "id": "VAR-202004-1262",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.4569339544444444
      },
      "last_update_date": "2024-11-23T22:48:01.793000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "NETGEAR Product Vulnerability Advisory: Authentication Bypass and Information Disclosure on Home Routers",
            "trust": 0.8,
            "url": "https://kb.netgear.com/27253/NETGEAR-Product-Vulnerability-Advisory-Authentication-Bypass-and-Information-Disclosure-on-Home-Routers"
          },
          {
            "title": "Multiple NETGEAR Product information disclosure vulnerability repair measures",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117917"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014989"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2304"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-200",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014989"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-11059"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.7,
            "url": "https://kb.netgear.com/27253/netgear-product-vulnerability-advisory-authentication-bypass-and-information-disclosure-on-home-routers"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-11059"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-11059"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/200.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2016-11059"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014989"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2304"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-11059"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULMON",
            "id": "CVE-2016-11059"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014989"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2304"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-11059"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-04-28T00:00:00",
            "db": "VULMON",
            "id": "CVE-2016-11059"
          },
          {
            "date": "2020-06-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-014989"
          },
          {
            "date": "2020-04-28T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2304"
          },
          {
            "date": "2020-04-28T17:15:12.460000",
            "db": "NVD",
            "id": "CVE-2016-11059"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-06T00:00:00",
            "db": "VULMON",
            "id": "CVE-2016-11059"
          },
          {
            "date": "2020-06-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-014989"
          },
          {
            "date": "2020-05-15T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-2304"
          },
          {
            "date": "2024-11-21T02:45:24.220000",
            "db": "NVD",
            "id": "CVE-2016-11059"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2304"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Information leakage vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014989"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "information disclosure",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-2304"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-1304

    Vulnerability from variot - Updated: 2024-11-23 22:48

    plural NETGEAR A cross-site request forgery vulnerability exists in the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D7000, etc. are all products of NETGEAR. NETGEAR D7000 is a wireless modem. NETGEAR WNR2020 is a wireless router. NETGEAR R6220 is a wireless router. The vulnerability stems from the fact that the WEB application does not fully verify whether the request comes from a trusted user. An attacker can use this vulnerability to send unexpected requests to the server through the affected client

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-1304",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "r6220",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.1.0.50"
          },
          {
            "model": "d7000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.50"
          },
          {
            "model": "wnr2020",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.1.0.40"
          },
          {
            "model": "wnr2050",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.1.0.40"
          },
          {
            "model": "pr2000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.17"
          },
          {
            "model": "wnr614",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.1.0.40"
          },
          {
            "model": "wnr618",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.1.0.40"
          },
          {
            "model": "wnr1000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.40"
          },
          {
            "model": "jr6150",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.7"
          },
          {
            "model": "jnr1010",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.40"
          },
          {
            "model": "wndr3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.48"
          },
          {
            "model": "jwnr2010",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.40"
          },
          {
            "model": "r6050",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.7"
          },
          {
            "model": "jnr1010",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.1.0.40"
          },
          {
            "model": "jr6150",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.7"
          },
          {
            "model": "jwnr2010",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.1.0.40"
          },
          {
            "model": "pr2000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.7"
          },
          {
            "model": "r6050",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.7"
          },
          {
            "model": "r6220",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.1.0.50"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.1.0.48"
          },
          {
            "model": "wnr1000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.1.0.40"
          },
          {
            "model": "wnr2020",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.1.0.40"
          },
          {
            "model": "wnr2050",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.1.0.40"
          },
          {
            "model": "wndr3700v5",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.1.0.48"
          },
          {
            "model": "jnr1010v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.1.0.40"
          },
          {
            "model": "jwnr2010v5",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.1.0.40"
          },
          {
            "model": "wnr1000v4",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.1.0.40"
          },
          {
            "model": "r6050/jr6150",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.1.7"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-59165"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014947"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18791"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:jnr1010_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:jr6150_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:jwnr2010_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:pr2000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6050_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6220_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wndr3700_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wnr1000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wnr2020_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wnr2050_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014947"
          }
        ]
      },
      "cve": "CVE-2017-18791",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "CVE-2017-18791",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.0,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 6.8,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2017-014947",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "CNVD-2021-59165",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2017-18791",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "cve@mitre.org",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2017-18791",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 8.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2017-014947",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2017-18791",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2017-18791",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2017-014947",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2021-59165",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-1816",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-59165"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014947"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1816"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18791"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18791"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural NETGEAR A cross-site request forgery vulnerability exists in the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D7000, etc. are all products of NETGEAR. NETGEAR D7000 is a wireless modem. NETGEAR WNR2020 is a wireless router. NETGEAR R6220 is a wireless router. The vulnerability stems from the fact that the WEB application does not fully verify whether the request comes from a trusted user. An attacker can use this vulnerability to send unexpected requests to the server through the affected client",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014947"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-59165"
          }
        ],
        "trust": 1.26
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-18791",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014947",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-59165",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1816",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-59165"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014947"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1816"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18791"
          }
        ]
      },
      "id": "VAR-202004-1304",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-59165"
          }
        ],
        "trust": 1.2199371257142855
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-59165"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:48:01.736000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Cross-Site Request Forgery Vulnerability on D7000, PR2000, and Some Routers PSV-2017-0386",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000049371/Security-Advisory-for-Cross-Site-Request-Forgery-Vulnerability-on-D7000-and-Some-Routers-PSV-2017-0386"
          },
          {
            "title": "Patch for Cross-site request forgery vulnerability in multiple NETGEAR products (CNVD-2021-59165)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/284371"
          },
          {
            "title": "Multiple NETGEAR Repair measures for product cross-site request forgery vulnerability",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=116293"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-59165"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014947"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1816"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-352",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014947"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18791"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-18791"
          },
          {
            "trust": 1.6,
            "url": "https://kb.netgear.com/000049371/security-advisory-for-cross-site-request-forgery-vulnerability-on-d7000-and-some-routers-psv-2017-0386"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-18791"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-59165"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014947"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1816"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18791"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-59165"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014947"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1816"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18791"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-08-08T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-59165"
          },
          {
            "date": "2020-05-22T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-014947"
          },
          {
            "date": "2020-04-21T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1816"
          },
          {
            "date": "2020-04-21T19:15:11.897000",
            "db": "NVD",
            "id": "CVE-2017-18791"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-09-01T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-59165"
          },
          {
            "date": "2020-05-22T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-014947"
          },
          {
            "date": "2020-04-28T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1816"
          },
          {
            "date": "2024-11-21T03:20:55.977000",
            "db": "NVD",
            "id": "CVE-2017-18791"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1816"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Cross-site request forgery vulnerability in device",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014947"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "cross-site request forgery",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1816"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-1346

    Vulnerability from variot - Updated: 2024-11-23 22:48

    Certain NETGEAR devices are affected by CSRF. This affects JR6150 before 1.0.1.10, R6050 before 1.0.1.10, R6250 before 1.0.4.12, R6300v2 before 1.0.4.8, R6700 before 1.0.1.16, R6900 before 1.0.1.16, R7300DST before 1.0.0.54, R7900 before 1.0.1.12, R8000 before 1.0.3.32, and R8500 before 1.0.2.74. plural NETGEAR A cross-site request forgery vulnerability exists in the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R6250, etc. are all wireless routers from NETGEAR. The vulnerability stems from the fact that the WEB application does not fully verify whether the request comes from a trusted user. An attacker can use this vulnerability to send unexpected requests to the server through the affected client

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-1346",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "r7300dst",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.54"
          },
          {
            "model": "jr6150",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.10"
          },
          {
            "model": "r6050",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.10"
          },
          {
            "model": "r7900",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.12"
          },
          {
            "model": "r8500",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.2.74"
          },
          {
            "model": "r6250",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.4.12"
          },
          {
            "model": "r6700",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.16"
          },
          {
            "model": "r6900",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.16"
          },
          {
            "model": "r8000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.3.32"
          },
          {
            "model": "r6300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.4.8"
          },
          {
            "model": "jr6150",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.10"
          },
          {
            "model": "r6050",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.10"
          },
          {
            "model": "r6250",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.4.12"
          },
          {
            "model": "r6300",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.4.8"
          },
          {
            "model": "r6700",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.16"
          },
          {
            "model": "r6900",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.16"
          },
          {
            "model": "r7300dst",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.54"
          },
          {
            "model": "r7900",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.12"
          },
          {
            "model": "r8000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.3.32"
          },
          {
            "model": "r8500",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.2.74"
          },
          {
            "model": "r6300v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.0.4.8"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-50917"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014939"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18742"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:jr6150_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6050_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6250_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6300_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6700_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6900_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r7300dst_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r7900_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r8000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r8500_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014939"
          }
        ]
      },
      "cve": "CVE-2017-18742",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "CVE-2017-18742",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.0,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 6.8,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2017-014939",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "CNVD-2021-50917",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2017-18742",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "cve@mitre.org",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2017-18742",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 8.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2017-014939",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2017-18742",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2017-18742",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2017-014939",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2021-50917",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-1983",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-50917"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014939"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1983"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18742"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18742"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by CSRF. This affects JR6150 before 1.0.1.10, R6050 before 1.0.1.10, R6250 before 1.0.4.12, R6300v2 before 1.0.4.8, R6700 before 1.0.1.16, R6900 before 1.0.1.16, R7300DST before 1.0.0.54, R7900 before 1.0.1.12, R8000 before 1.0.3.32, and R8500 before 1.0.2.74. plural NETGEAR A cross-site request forgery vulnerability exists in the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R6250, etc. are all wireless routers from NETGEAR. The vulnerability stems from the fact that the WEB application does not fully verify whether the request comes from a trusted user. An attacker can use this vulnerability to send unexpected requests to the server through the affected client",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-18742"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014939"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-50917"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-18742",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014939",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-50917",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1983",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-50917"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014939"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1983"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18742"
          }
        ]
      },
      "id": "VAR-202004-1346",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-50917"
          }
        ],
        "trust": 1.069822307
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-50917"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:48:01.639000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Cross-Site Request Forgery on Some Routers, PSV-2017-0331",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000051513/Security-Advisory-for-Cross-Site-Request-Forgery-on-Some-Routers-PSV-2017-0331"
          },
          {
            "title": "Patch for Cross-site request forgery vulnerabilities in multiple NETGEAR products (CNVD-2021-50917)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/279081"
          },
          {
            "title": "Multiple NETGEAR Repair measures for product cross-site request forgery vulnerability",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=116746"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-50917"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014939"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1983"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-352",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014939"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18742"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-18742"
          },
          {
            "trust": 1.6,
            "url": "https://kb.netgear.com/000051513/security-advisory-for-cross-site-request-forgery-on-some-routers-psv-2017-0331"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-18742"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-50917"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014939"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1983"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18742"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-50917"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014939"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1983"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18742"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-07-14T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-50917"
          },
          {
            "date": "2020-05-22T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-014939"
          },
          {
            "date": "2020-04-23T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1983"
          },
          {
            "date": "2020-04-23T16:15:12.570000",
            "db": "NVD",
            "id": "CVE-2017-18742"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-07-15T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-50917"
          },
          {
            "date": "2020-05-22T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-014939"
          },
          {
            "date": "2020-04-28T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1983"
          },
          {
            "date": "2024-11-21T03:20:48.703000",
            "db": "NVD",
            "id": "CVE-2017-18742"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1983"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Cross-site request forgery vulnerability in device",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014939"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "cross-site request forgery",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1983"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-1430

    Vulnerability from variot - Updated: 2024-11-23 22:48

    Certain NETGEAR devices are affected by command injection. This affects D6200 before 1.1.00.24, JNR1010v2 before 1.1.0.44, JR6150 before 1.0.1.12, JWNR2010v5 before 1.1.0.44, PR2000 before 1.0.0.20, R6050, before 1.0.1.12, WNR1000v4 before 1.1.0.44, WNR2020 before 1.1.0.44, and WNR2050 before 1.1.0.44. plural NETGEAR A device contains an injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR JNR1010, etc. are all products of NETGEAR. NETGEAR JNR1010 is a wireless router. NETGEAR D6200 is a wireless modem. NETGEAR WNR2020 is a wireless router.

    There are injection vulnerabilities in many NETGEAR products, which can be exploited by an attacker to cause the system or product to produce an incorrect interpretation or interpretation method

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-1430",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "d6200",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.1.00.24"
          },
          {
            "model": "jr6150",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.12"
          },
          {
            "model": "pr2000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.20"
          },
          {
            "model": "r6050",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.12"
          },
          {
            "model": "wnr2020",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "wnr2050",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "jwnr2010",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "wnr1000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "jnr1010",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "d6200",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.1.00.24"
          },
          {
            "model": "jnr1010",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "jr6150",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.12"
          },
          {
            "model": "jwnr2010",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "pr2000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.20"
          },
          {
            "model": "r6050",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.12"
          },
          {
            "model": "wnr1000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "wnr2020",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "wnr2050",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "jnr1010v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "jwnr2010v5",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "wnr1000v4",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.1.0.44"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31242"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014950"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18787"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6200_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:jnr1010_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:jr6150_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:jwnr2010_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:pr2000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6050_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wnr1000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wnr2020_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wnr2050_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014950"
          }
        ]
      },
      "cve": "CVE-2017-18787",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 4.6,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "CVE-2017-18787",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.0,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Local",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 4.6,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2017-014950",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 4.6,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "CNVD-2020-31242",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.8,
                "id": "CVE-2017-18787",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "cve@mitre.org",
                "availabilityImpact": "HIGH",
                "baseScore": 8.4,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.5,
                "id": "CVE-2017-18787",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2017-014950",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "Low",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2017-18787",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2017-18787",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2017-014950",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-31242",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-1892",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31242"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014950"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1892"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18787"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18787"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by command injection. This affects D6200 before 1.1.00.24, JNR1010v2 before 1.1.0.44, JR6150 before 1.0.1.12, JWNR2010v5 before 1.1.0.44, PR2000 before 1.0.0.20, R6050, before 1.0.1.12, WNR1000v4 before 1.1.0.44, WNR2020 before 1.1.0.44, and WNR2050 before 1.1.0.44. plural NETGEAR A device contains an injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR JNR1010, etc. are all products of NETGEAR. NETGEAR JNR1010 is a wireless router. NETGEAR D6200 is a wireless modem. NETGEAR WNR2020 is a wireless router. \n\r\n\r\nThere are injection vulnerabilities in many NETGEAR products, which can be exploited by an attacker to cause the system or product to produce an incorrect interpretation or interpretation method",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-18787"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014950"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-31242"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-18787",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014950",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-31242",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1892",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31242"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014950"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1892"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18787"
          }
        ]
      },
      "id": "VAR-202004-1430",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31242"
          }
        ],
        "trust": 1.1998075455555555
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31242"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:48:01.539000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Command Injection on Some Routers, PSV-2017-2948",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000049528/Security-Advisory-for-Command-Injection-on-Some-Routers-PSV-2017-2948"
          },
          {
            "title": "Patch for Multiple NETGEAR product injection vulnerabilities (CNVD-2020-31242)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/219865"
          },
          {
            "title": "Multiple NETGEAR Product Command Injection Vulnerability Fixes",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=116668"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31242"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014950"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1892"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-74",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014950"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18787"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-18787"
          },
          {
            "trust": 1.6,
            "url": "https://kb.netgear.com/000049528/security-advisory-for-command-injection-on-some-routers-psv-2017-2948"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-18787"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31242"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014950"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1892"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18787"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31242"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014950"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1892"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18787"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-06-02T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-31242"
          },
          {
            "date": "2020-05-22T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-014950"
          },
          {
            "date": "2020-04-22T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1892"
          },
          {
            "date": "2020-04-22T15:15:13.113000",
            "db": "NVD",
            "id": "CVE-2017-18787"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-06-02T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-31242"
          },
          {
            "date": "2020-05-22T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-014950"
          },
          {
            "date": "2020-04-28T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1892"
          },
          {
            "date": "2024-11-21T03:20:55.303000",
            "db": "NVD",
            "id": "CVE-2017-18787"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1892"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Injection vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014950"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "injection",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1892"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-1366

    Vulnerability from variot - Updated: 2024-11-23 22:44

    Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects D6100 before 1.0.0.55, D7000 before 1.0.1.50, D7800 before 1.0.1.28, JNR1010v2 before 1.1.0.44, JR6150 before 1.0.1.10, JWNR2010v5 before 1.1.0.44, PR2000 before 1.0.0.18, R6050 before 1.0.1.10, R6100 before 1.0.1.14, R6120 before 1.0.0.30, R6220 before 1.1.0.50, R6700v2 before 1.2.0.4, R6800 before 1.2.0.4, R6900v2 before 1.2.0.4, R7500 before 1.0.0.110, R7500v2 before 1.0.3.20, R7800 before 1.0.2.36, R9000 before 1.0.2.52, WN3000RPv3 before 1.0.2.50, WNDR3700v4 before 1.0.2.88, WNDR3700v5 before 1.1.0.48, WNDR4300v1 before 1.0.2.90, WNDR4300v2 before 1.0.0.48, WNDR4500v3 before 1.0.0.48, WNR1000v4 before 1.1.0.44, WNR2000v5 before 1.0.0.58, WNR2020 before 1.1.0.44, and WNR2050 before 1.1.0.44. plural NETGEAR A device contains an injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-1366",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.90"
          },
          {
            "model": "d6100",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.55"
          },
          {
            "model": "wndr4300",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "wnr1000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "wn3000rp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.50"
          },
          {
            "model": "r9000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.52"
          },
          {
            "model": "r6120",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.30"
          },
          {
            "model": "r6700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.4"
          },
          {
            "model": "r6220",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.50"
          },
          {
            "model": "r6900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.4"
          },
          {
            "model": "jnr1010",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "r6100",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.14"
          },
          {
            "model": "r6800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.4"
          },
          {
            "model": "wndr3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.48"
          },
          {
            "model": "wndr3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.88"
          },
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.110"
          },
          {
            "model": "wnr2050",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "jwnr2010",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "jr6150",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.10"
          },
          {
            "model": "d7800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.28"
          },
          {
            "model": "r6050",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.10"
          },
          {
            "model": "pr2000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.18"
          },
          {
            "model": "r7500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.3.20"
          },
          {
            "model": "wnr2020",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "r7800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.2.36"
          },
          {
            "model": "wndr4500",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "d7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.50"
          },
          {
            "model": "wnr2000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.58"
          },
          {
            "model": "d6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.55"
          },
          {
            "model": "d7000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.50"
          },
          {
            "model": "d7800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.28"
          },
          {
            "model": "jnr1010",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.44"
          },
          {
            "model": "jr6150",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.10"
          },
          {
            "model": "jwnr2010",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "pr2000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.18"
          },
          {
            "model": "r6050",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.10"
          },
          {
            "model": "r6100",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.14"
          },
          {
            "model": "r6120",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.30"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014905"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18764"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d7000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d7800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:jnr1010_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:jr6150_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:jwnr2010_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:pr2000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6050_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6100_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6120_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014905"
          }
        ]
      },
      "cve": "CVE-2017-18764",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 6.5,
                "id": "CVE-2017-18764",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.0,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Adjacent Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 5.8,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2017-014905",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2017-18764",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2017-18764",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Adjacent Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 8.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2017-014905",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2017-18764",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2017-18764",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2017-014905",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-1910",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014905"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1910"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18764"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18764"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects D6100 before 1.0.0.55, D7000 before 1.0.1.50, D7800 before 1.0.1.28, JNR1010v2 before 1.1.0.44, JR6150 before 1.0.1.10, JWNR2010v5 before 1.1.0.44, PR2000 before 1.0.0.18, R6050 before 1.0.1.10, R6100 before 1.0.1.14, R6120 before 1.0.0.30, R6220 before 1.1.0.50, R6700v2 before 1.2.0.4, R6800 before 1.2.0.4, R6900v2 before 1.2.0.4, R7500 before 1.0.0.110, R7500v2 before 1.0.3.20, R7800 before 1.0.2.36, R9000 before 1.0.2.52, WN3000RPv3 before 1.0.2.50, WNDR3700v4 before 1.0.2.88, WNDR3700v5 before 1.1.0.48, WNDR4300v1 before 1.0.2.90, WNDR4300v2 before 1.0.0.48, WNDR4500v3 before 1.0.0.48, WNR1000v4 before 1.1.0.44, WNR2000v5 before 1.0.0.58, WNR2020 before 1.1.0.44, and WNR2050 before 1.1.0.44. plural NETGEAR A device contains an injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-18764"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014905"
          }
        ],
        "trust": 1.62
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-18764",
            "trust": 2.4
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014905",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1910",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014905"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1910"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18764"
          }
        ]
      },
      "id": "VAR-202004-1366",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.4303076327777777
      },
      "last_update_date": "2024-11-23T22:44:36.363000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Pre-Authentication Command Injection on Some Routers, Gateways, and Extenders, PSV-2017-2210",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000051481/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2210"
          },
          {
            "title": "Multiple NETGEAR Fixing measures for product injection vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117246"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014905"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1910"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-74",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014905"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18764"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.6,
            "url": "https://kb.netgear.com/000051481/security-advisory-for-pre-authentication-command-injection-on-some-routers-gateways-and-extenders-psv-2017-2210"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-18764"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-18764"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014905"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1910"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18764"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014905"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1910"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18764"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-014905"
          },
          {
            "date": "2020-04-22T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1910"
          },
          {
            "date": "2020-04-22T16:15:11.497000",
            "db": "NVD",
            "id": "CVE-2017-18764"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-05-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-014905"
          },
          {
            "date": "2020-04-26T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1910"
          },
          {
            "date": "2024-11-21T03:20:51.747000",
            "db": "NVD",
            "id": "CVE-2017-18764"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1910"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Injection vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014905"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "injection",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1910"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-1429

    Vulnerability from variot - Updated: 2024-11-23 22:44

    Certain NETGEAR devices are affected by command injection. This affects D6200 before 1.1.00.24, JNR1010v2 before 1.1.0.44, JR6150 before 1.0.1.12, JWNR2010v5 before 1.1.0.44, PR2000 before 1.0.0.20, R6050 before 1.0.1.12, WNR1000v4 before 1.1.0.44, WNR2020 before 1.1.0.44, and WNR2050 before 1.1.0.44. plural NETGEAR A device contains an injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR JNR1010, etc. are all products of NETGEAR. NETGEAR JNR1010 is a wireless router. NETGEAR D6200 is a wireless modem. NETGEAR WNR2020 is a wireless router.

    There are injection vulnerabilities in many NETGEAR products, which can be exploited by an attacker to cause the system or product to produce an incorrect interpretation or interpretation method

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-1429",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "d6200",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.1.00.24"
          },
          {
            "model": "jr6150",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.12"
          },
          {
            "model": "pr2000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.20"
          },
          {
            "model": "r6050",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.12"
          },
          {
            "model": "wnr2020",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "wnr2050",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "jwnr2010",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "wnr1000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "jnr1010",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "d6200",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.1.00.24"
          },
          {
            "model": "jnr1010",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "jr6150",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.12"
          },
          {
            "model": "jwnr2010",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "pr2000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.20"
          },
          {
            "model": "r6050",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.12"
          },
          {
            "model": "wnr1000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "wnr2020",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "wnr2050",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "jnr1010v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "jwnr2010v5",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "wnr1000v4",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.1.0.44"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31241"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014949"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18786"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6200_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:jnr1010_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:jr6150_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:jwnr2010_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:pr2000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6050_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wnr1000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wnr2020_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wnr2050_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014949"
          }
        ]
      },
      "cve": "CVE-2017-18786",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 4.6,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "CVE-2017-18786",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.0,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Local",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 4.6,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2017-014949",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 4.6,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "CNVD-2020-31241",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.8,
                "id": "CVE-2017-18786",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "cve@mitre.org",
                "availabilityImpact": "HIGH",
                "baseScore": 8.4,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.5,
                "id": "CVE-2017-18786",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2017-014949",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "Low",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2017-18786",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2017-18786",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2017-014949",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-31241",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-1891",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31241"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014949"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1891"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18786"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18786"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by command injection. This affects D6200 before 1.1.00.24, JNR1010v2 before 1.1.0.44, JR6150 before 1.0.1.12, JWNR2010v5 before 1.1.0.44, PR2000 before 1.0.0.20, R6050 before 1.0.1.12, WNR1000v4 before 1.1.0.44, WNR2020 before 1.1.0.44, and WNR2050 before 1.1.0.44. plural NETGEAR A device contains an injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR JNR1010, etc. are all products of NETGEAR. NETGEAR JNR1010 is a wireless router. NETGEAR D6200 is a wireless modem. NETGEAR WNR2020 is a wireless router. \n\r\n\r\nThere are injection vulnerabilities in many NETGEAR products, which can be exploited by an attacker to cause the system or product to produce an incorrect interpretation or interpretation method",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-18786"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014949"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-31241"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-18786",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014949",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-31241",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1891",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31241"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014949"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1891"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18786"
          }
        ]
      },
      "id": "VAR-202004-1429",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31241"
          }
        ],
        "trust": 1.1998075455555555
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31241"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:44:36.285000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Command Injection on Some Routers, PSV-2017-2949",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000049529/Security-Advisory-for-Command-Injection-on-Some-Routers-PSV-2017-2949"
          },
          {
            "title": "Patch for Multiple NETGEAR product injection vulnerabilities (CNVD-2020-31241)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/219873"
          },
          {
            "title": "Multiple NETGEAR Product Command Injection Vulnerability Fixes",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=116667"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31241"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014949"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1891"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-74",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014949"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18786"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-18786"
          },
          {
            "trust": 1.6,
            "url": "https://kb.netgear.com/000049529/security-advisory-for-command-injection-on-some-routers-psv-2017-2949"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-18786"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31241"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014949"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1891"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18786"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31241"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014949"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1891"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18786"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-06-02T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-31241"
          },
          {
            "date": "2020-05-22T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-014949"
          },
          {
            "date": "2020-04-22T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1891"
          },
          {
            "date": "2020-04-22T15:15:13.050000",
            "db": "NVD",
            "id": "CVE-2017-18786"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-06-02T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-31241"
          },
          {
            "date": "2020-05-22T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-014949"
          },
          {
            "date": "2020-04-28T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1891"
          },
          {
            "date": "2024-11-21T03:20:55.150000",
            "db": "NVD",
            "id": "CVE-2017-18786"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1891"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Injection vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014949"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "injection",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1891"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-1417

    Vulnerability from variot - Updated: 2024-11-23 22:41

    Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects JNR1010v2 before 1.1.0.44, JR6150 before 1.0.1.10, JWNR2010v5 before 1.1.0.44, PR2000 before 1.0.0.18, R6050 before 1.0.1.10, R6220 before 1.1.0.50, R6700v2 before 1.2.0.4, R6800 before 1.2.0.4, R6900v2 before 1.2.0.4, WNDR3700v5 before 1.1.0.48, WNR1000v4 before 1.1.0.44, WNR2020 before 1.1.0.44, and WNR2050 before 1.1.0.44. plural NETGEAR A device contains an injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR JNR1010, etc. are all wireless routers from NETGEAR.

    Injection vulnerabilities exist in many NETGEAR products. The vulnerability stems from the fact that the network system or product lacks the correct verification of the user input data during the operation process of the user inputting the construction command, data structure or record, and the special elements are not filtered or correctly filtered, resulting in the analysis or analysis of the system or product. The explanation is wrong. No detailed vulnerability details are currently provided

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-1417",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "jr6150",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.10"
          },
          {
            "model": "r6050",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.10"
          },
          {
            "model": "r6220",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.1.0.50"
          },
          {
            "model": "r6800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.2.0.4"
          },
          {
            "model": "pr2000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.18"
          },
          {
            "model": "wnr2020",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "wnr2050",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "jwnr2010",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "wnr1000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "r6700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.4"
          },
          {
            "model": "r6900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.4"
          },
          {
            "model": "jnr1010",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "wndr3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.48"
          },
          {
            "model": "jnr1010",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "jr6150",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.10"
          },
          {
            "model": "jwnr2010",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "pr2000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.18"
          },
          {
            "model": "r6050",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.10"
          },
          {
            "model": "r6220",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.1.0.50"
          },
          {
            "model": "r6700",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.2.0.4"
          },
          {
            "model": "r6800",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.2.0.4"
          },
          {
            "model": "r6900",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.2.0.4"
          },
          {
            "model": "wndr3700",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.1.0.48"
          },
          {
            "model": "r6700v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.2.0.4"
          },
          {
            "model": "r6900v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.2.0.4"
          },
          {
            "model": "wndr3700v5",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.1.0.48"
          },
          {
            "model": "jnr1010v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "jwnr2010v5",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "wnr1000v4",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.1.0.44"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-52963"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014859"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18734"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:jnr1010_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:jr6150_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:jwnr2010_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:pr2000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6050_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6220_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6700_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6800_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6900_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:wndr3700_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014859"
          }
        ]
      },
      "cve": "CVE-2017-18734",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 6.5,
                "id": "CVE-2017-18734",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.0,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Adjacent Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 5.8,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2017-014859",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 6.5,
                "id": "CNVD-2021-52963",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2017-18734",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2017-18734",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Adjacent Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 8.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2017-014859",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2017-18734",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2017-18734",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2017-014859",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2021-52963",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-1995",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-52963"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014859"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1995"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18734"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18734"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects JNR1010v2 before 1.1.0.44, JR6150 before 1.0.1.10, JWNR2010v5 before 1.1.0.44, PR2000 before 1.0.0.18, R6050 before 1.0.1.10, R6220 before 1.1.0.50, R6700v2 before 1.2.0.4, R6800 before 1.2.0.4, R6900v2 before 1.2.0.4, WNDR3700v5 before 1.1.0.48, WNR1000v4 before 1.1.0.44, WNR2020 before 1.1.0.44, and WNR2050 before 1.1.0.44. plural NETGEAR A device contains an injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR JNR1010, etc. are all wireless routers from NETGEAR. \n\r\n\r\nInjection vulnerabilities exist in many NETGEAR products. The vulnerability stems from the fact that the network system or product lacks the correct verification of the user input data during the operation process of the user inputting the construction command, data structure or record, and the special elements are not filtered or correctly filtered, resulting in the analysis or analysis of the system or product. The explanation is wrong. No detailed vulnerability details are currently provided",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-18734"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014859"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-52963"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-18734",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014859",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-52963",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1995",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-52963"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014859"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1995"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18734"
          }
        ]
      },
      "id": "VAR-202004-1417",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-52963"
          }
        ],
        "trust": 1.2135817773333333
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-52963"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:41:06.699000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Pre-Authentication Command Injection on Some Routers and Extenders, PSV-2017-2154",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000051521/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-and-Extenders-PSV-2017-2154"
          },
          {
            "title": "Patch for Injection vulnerabilities in multiple NETGEAR products (CNVD-2021-52963)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/280081"
          },
          {
            "title": "Multiple NETGEAR Fixing measures for product injection vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=116757"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-52963"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014859"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1995"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-74",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014859"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18734"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-18734"
          },
          {
            "trust": 1.6,
            "url": "https://kb.netgear.com/000051521/security-advisory-for-pre-authentication-command-injection-on-some-routers-and-extenders-psv-2017-2154"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-18734"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-52963"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014859"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1995"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18734"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-52963"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014859"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1995"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18734"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-07-21T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-52963"
          },
          {
            "date": "2020-05-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-014859"
          },
          {
            "date": "2020-04-23T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1995"
          },
          {
            "date": "2020-04-23T17:15:11.910000",
            "db": "NVD",
            "id": "CVE-2017-18734"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-07-21T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-52963"
          },
          {
            "date": "2020-05-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-014859"
          },
          {
            "date": "2020-04-24T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1995"
          },
          {
            "date": "2024-11-21T03:20:47.090000",
            "db": "NVD",
            "id": "CVE-2017-18734"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1995"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Injection vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014859"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "injection",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1995"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202010-0578

    Vulnerability from variot - Updated: 2024-11-23 22:40

    Certain NETGEAR devices are affected by CSRF. This affects D6200 before 1.1.00.38, D7000 before 1.0.1.78, JR6150 before 1.0.1.24, R6020 before 1.0.0.42, R6050 before 1.0.1.24, R6080 before 1.0.0.42, R6120 before 1.0.0.66, R6220 before 1.1.0.100, R6260 before 1.1.0.64, R6700v2 before 1.2.0.62, R6800 before 1.2.0.62, R6900v2 before 1.2.0.62, R7450 before 1.2.0.62, and WNR2020 before 1.1.0.62. plural NETGEAR A cross-site request forgery vulnerability exists in the device.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202010-0578",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "r6050",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.24"
          },
          {
            "model": "r6220",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.100"
          },
          {
            "model": "d6200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.00.38"
          },
          {
            "model": "r6260",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.64"
          },
          {
            "model": "r6700v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.62"
          },
          {
            "model": "jr6150",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.24"
          },
          {
            "model": "r6120",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.66"
          },
          {
            "model": "d7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.78"
          },
          {
            "model": "r6080",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.42"
          },
          {
            "model": "r7450",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.62"
          },
          {
            "model": "r6800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.62"
          },
          {
            "model": "wnr2020",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.62"
          },
          {
            "model": "r6020",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.42"
          },
          {
            "model": "r6900v2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.62"
          },
          {
            "model": "d6200",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d7000",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "jr6150",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "r6020",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "r6050",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "r6080",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "r6120",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "r6220",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "r6260",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "r6700v2",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012216"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-26912"
          }
        ]
      },
      "cve": "CVE-2020-26912",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "CVE-2020-26912",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2020-26912",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "HIGH",
                "attackVector": "ADJACENT",
                "author": "cve@mitre.org",
                "availabilityImpact": "NONE",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.2,
                "id": "CVE-2020-26912",
                "impactScore": 5.8,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 8.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2020-26912",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-26912",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2020-26912",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2020-26912",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202010-343",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012216"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202010-343"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-26912"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-26912"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by CSRF. This affects D6200 before 1.1.00.38, D7000 before 1.0.1.78, JR6150 before 1.0.1.24, R6020 before 1.0.0.42, R6050 before 1.0.1.24, R6080 before 1.0.0.42, R6120 before 1.0.0.66, R6220 before 1.1.0.100, R6260 before 1.1.0.64, R6700v2 before 1.2.0.62, R6800 before 1.2.0.62, R6900v2 before 1.2.0.62, R7450 before 1.2.0.62, and WNR2020 before 1.1.0.62. plural NETGEAR A cross-site request forgery vulnerability exists in the device.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-26912"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012216"
          }
        ],
        "trust": 1.62
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-26912",
            "trust": 2.4
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012216",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202010-343",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012216"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202010-343"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-26912"
          }
        ]
      },
      "id": "VAR-202010-0578",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.4178845215384615
      },
      "last_update_date": "2024-11-23T22:40:56.322000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security\u00a0Advisory\u00a0for\u00a0Cross\u00a0Site\u00a0Request\u00a0Forgery\u00a0on\u00a0Some\u00a0Routers,\u00a0PSV-2019-0018",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000062341/Security-Advisory-for-Cross-Site-Request-Forgery-on-Some-Routers-PSV-2019-0018"
          },
          {
            "title": "Multiple  NETGEAR Repair measures for product cross-site request forgery vulnerability",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=131130"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012216"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202010-343"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-352",
            "trust": 1.0
          },
          {
            "problemtype": "Cross-site request forgery (CWE-352) [NVD Evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012216"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-26912"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.6,
            "url": "https://kb.netgear.com/000062341/security-advisory-for-cross-site-request-forgery-on-some-routers-psv-2019-0018"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-26912"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012216"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202010-343"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-26912"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012216"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202010-343"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-26912"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-04-27T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-012216"
          },
          {
            "date": "2020-10-09T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202010-343"
          },
          {
            "date": "2020-10-09T07:15:16.980000",
            "db": "NVD",
            "id": "CVE-2020-26912"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-04-27T05:42:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-012216"
          },
          {
            "date": "2020-10-21T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202010-343"
          },
          {
            "date": "2024-11-21T05:20:28.717000",
            "db": "NVD",
            "id": "CVE-2020-26912"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202010-343"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural \u00a0NETGEAR\u00a0 Cross-site request forgery vulnerability in device",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-012216"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "cross-site request forgery",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202010-343"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202112-2293

    Vulnerability from variot - Updated: 2024-11-23 22:40

    Certain NETGEAR devices are affected by server-side injection. This affects D6200 before 1.1.00.38, D7000 before 1.0.1.78, R6020 before 1.0.0.48, R6080 before 1.0.0.48, R6050 before 1.0.1.26, JR6150 before 1.0.1.26, R6120 before 1.0.0.66, R6220 before 1.1.0.100, R6230 before 1.1.0.100, R6260 before 1.1.0.78, R6800 before 1.2.0.76, R6900v2 before 1.2.0.76, R6700v2 before 1.2.0.76, R7450 before 1.2.0.76, AC2100 before 1.2.0.76, AC2400 before 1.2.0.76, AC2600 before 1.2.0.76, RBK40 before 2.5.1.16, RBR40 before 2.5.1.16, RBS40 before 2.5.1.16, RBK20 before 2.5.1.16, RBR20 before 2.5.1.16, RBS20 before 2.5.1.16, RBK50 before 2.5.1.16, RBR50 before 2.5.1.16, RBS50 before 2.5.1.16, and RBS50Y before 2.6.1.40. plural NETGEAR The device has an injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This affects D6200 prior to 1.1.00.38, D7000 prior to 1.0.1.78, R6020 prior to 1.0.0.48, R6080 prior to 1.0.0.48, R6050 prior to 1.0.1.26, JR6150 prior to 1.0.1.26, R6120 prior to 1.0.0.66, R6220 prior to 1.1.0.100, R6230 prior to 1.1.0.100, R6260 prior to 1.1.0.78, R6800 prior to 1.2.0.76, R6900v2 prior to 1.2.0.76, R6700v2 prior to 1.2.0.76, R7450 prior to 1.2.0.76, AC2100 prior to 1.2.0.76, AC2400 prior to 1.2.0.76, AC2600 prior to 1.2.0.76, RBK40 prior to 2.5.1.16, RBR40 prior to 2.5.1.16, RBS40 prior to 2.5.1.16, RBK20 prior to 2.5.1.16, RBR20 prior to 2.5.1.16, RBS20 prior to 2.5.1.16, RBK50 prior to 2.5.1.16, RBR50 prior to 2.5.1.16, RBS50 prior to 2.5.1.16, and RBS50Y prior to 2.6.1.40

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202112-2293",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "d7000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.78"
          },
          {
            "model": "r6900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.76"
          },
          {
            "model": "rbr50",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.5.1.16"
          },
          {
            "model": "ac2100",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.76"
          },
          {
            "model": "rbr40",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.5.1.16"
          },
          {
            "model": "rbk40",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.5.1.16"
          },
          {
            "model": "ac2400",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.76"
          },
          {
            "model": "rbk20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.5.1.16"
          },
          {
            "model": "r6120",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.66"
          },
          {
            "model": "rbk50",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.5.1.16"
          },
          {
            "model": "rbs20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.5.1.16"
          },
          {
            "model": "ac2600",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.76"
          },
          {
            "model": "r7450",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.76"
          },
          {
            "model": "rbs50",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.5.1.16"
          },
          {
            "model": "r6800",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.76"
          },
          {
            "model": "rbs50y",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.6.1.40"
          },
          {
            "model": "jr6150",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.26"
          },
          {
            "model": "r6700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.76"
          },
          {
            "model": "d6200",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.00.38"
          },
          {
            "model": "r6230",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.110"
          },
          {
            "model": "rbs40",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.5.1.16"
          },
          {
            "model": "r6080",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "r6020",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.0.48"
          },
          {
            "model": "rbr20",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "2.5.1.16"
          },
          {
            "model": "r6050",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.0.1.26"
          },
          {
            "model": "r6220",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.100"
          },
          {
            "model": "r6260",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.78"
          },
          {
            "model": "r6230",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d7000",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "r6220",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "r6020",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "d6200",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "r6260",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "r6080",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "r6120",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "r6050",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          },
          {
            "model": "jr6150",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017040"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45656"
          }
        ]
      },
      "cve": "CVE-2021-45656",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 4.6,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "CVE-2021-45656",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.9,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.8,
                "id": "CVE-2021-45656",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "cve@mitre.org",
                "availabilityImpact": "NONE",
                "baseScore": 7.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.8,
                "id": "CVE-2021-45656",
                "impactScore": 5.2,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2021-45656",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "Low",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2021-45656",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2021-45656",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2021-45656",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202112-2452",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2021-45656",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2021-45656"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017040"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2452"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45656"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45656"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by server-side injection. This affects D6200 before 1.1.00.38, D7000 before 1.0.1.78, R6020 before 1.0.0.48, R6080 before 1.0.0.48, R6050 before 1.0.1.26, JR6150 before 1.0.1.26, R6120 before 1.0.0.66, R6220 before 1.1.0.100, R6230 before 1.1.0.100, R6260 before 1.1.0.78, R6800 before 1.2.0.76, R6900v2 before 1.2.0.76, R6700v2 before 1.2.0.76, R7450 before 1.2.0.76, AC2100 before 1.2.0.76, AC2400 before 1.2.0.76, AC2600 before 1.2.0.76, RBK40 before 2.5.1.16, RBR40 before 2.5.1.16, RBS40 before 2.5.1.16, RBK20 before 2.5.1.16, RBR20 before 2.5.1.16, RBS20 before 2.5.1.16, RBK50 before 2.5.1.16, RBR50 before 2.5.1.16, RBS50 before 2.5.1.16, and RBS50Y before 2.6.1.40. plural NETGEAR The device has an injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This affects D6200 prior to 1.1.00.38, D7000 prior to 1.0.1.78, R6020 prior to 1.0.0.48, R6080 prior to 1.0.0.48, R6050 prior to 1.0.1.26, JR6150 prior to 1.0.1.26, R6120 prior to 1.0.0.66, R6220 prior to 1.1.0.100, R6230 prior to 1.1.0.100, R6260 prior to 1.1.0.78, R6800 prior to 1.2.0.76, R6900v2 prior to 1.2.0.76, R6700v2 prior to 1.2.0.76, R7450 prior to 1.2.0.76, AC2100 prior to 1.2.0.76, AC2400 prior to 1.2.0.76, AC2600 prior to 1.2.0.76, RBK40 prior to 2.5.1.16, RBR40 prior to 2.5.1.16, RBS40 prior to 2.5.1.16, RBK20 prior to 2.5.1.16, RBR20 prior to 2.5.1.16, RBS20 prior to 2.5.1.16, RBK50 prior to 2.5.1.16, RBR50 prior to 2.5.1.16, RBS50 prior to 2.5.1.16, and RBS50Y prior to 2.6.1.40",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2021-45656"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017040"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-45656"
          }
        ],
        "trust": 1.71
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2021-45656",
            "trust": 3.3
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017040",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2452",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-45656",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2021-45656"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017040"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2452"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45656"
          }
        ]
      },
      "id": "VAR-202112-2293",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.2974710195238095
      },
      "last_update_date": "2024-11-23T22:40:38.199000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security\u00a0Advisory\u00a0for\u00a0Server\u00a0Side\u00a0Injection\u00a0on\u00a0Some\u00a0Routers\u00a0and\u00a0WiFi\u00a0Systems,\u00a0PSV-2019-0140",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000064066/Security-Advisory-for-Server-Side-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2019-0140"
          },
          {
            "title": "Netgear NETGEAR Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=176214"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017040"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2452"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-74",
            "trust": 1.0
          },
          {
            "problemtype": "injection (CWE-74) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017040"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45656"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.7,
            "url": "https://kb.netgear.com/000064066/security-advisory-for-server-side-injection-on-some-routers-and-wifi-systems-psv-2019-0140"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-45656"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/74.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2021-45656"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017040"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2452"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45656"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULMON",
            "id": "CVE-2021-45656"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017040"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2452"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-45656"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-12-26T00:00:00",
            "db": "VULMON",
            "id": "CVE-2021-45656"
          },
          {
            "date": "2022-12-28T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2021-017040"
          },
          {
            "date": "2021-12-26T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202112-2452"
          },
          {
            "date": "2021-12-26T01:15:20.373000",
            "db": "NVD",
            "id": "CVE-2021-45656"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2022-07-12T00:00:00",
            "db": "VULMON",
            "id": "CVE-2021-45656"
          },
          {
            "date": "2022-12-28T02:46:00",
            "db": "JVNDB",
            "id": "JVNDB-2021-017040"
          },
          {
            "date": "2022-07-14T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202112-2452"
          },
          {
            "date": "2024-11-21T06:32:48.053000",
            "db": "NVD",
            "id": "CVE-2021-45656"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2452"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural \u00a0NETGEAR\u00a0 Device Injection Vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017040"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "injection",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202112-2452"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-1343

    Vulnerability from variot - Updated: 2024-11-23 22:37

    Certain NETGEAR devices are affected by a buffer overflow. This affects D6200 before 1.1.00.24, D7000 before 1.0.1.52, JNR1010v2 before 1.1.0.44, JR6150 before 1.0.1.12, JWNR2010v5 before 1.1.0.44, PR2000 before 1.0.0.20, R6020 before 1.0.0.26, R6050 before 1.0.1.12, R6080 before 1.0.0.26, R6120 before 1.0.0.36, R6220 before 1.1.0.60, R6700v2 before 1.2.0.12, R6800 before 1.2.0.12, R6900v2 before 1.2.0.12, WNDR3700v5 before 1.1.0.50, WNR1000v4 before 1.1.0.44, WNR2020 before 1.1.0.44, and WNR2050 before 1.1.0.44. plural NETGEAR A classic buffer overflow vulnerability exists on the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D6200, etc. are all products of NETGEAR. NETGEAR D6200 is a wireless modem. NETGEAR WNR2020 is a wireless router. NETGEAR R6220 is a wireless router. The vulnerability stems from the fact that the network system or product performs an operation on the memory, and the data boundary is not correctly verified, resulting in an incorrect read and write operation to other associated memory locations. The attacker The vulnerability can be exploited to cause buffer overflow or heap overflow

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-1343",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "d6200",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.1.00.24"
          },
          {
            "model": "r6120",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.36"
          },
          {
            "model": "r6020",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.26"
          },
          {
            "model": "r6080",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.26"
          },
          {
            "model": "r6220",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.1.0.60"
          },
          {
            "model": "jr6150",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.12"
          },
          {
            "model": "pr2000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.20"
          },
          {
            "model": "r6050",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.12"
          },
          {
            "model": "wnr2020",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "wnr2050",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "d7000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.52"
          },
          {
            "model": "r6800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.2.0.12"
          },
          {
            "model": "wndr3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.50"
          },
          {
            "model": "jwnr2010",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "wnr1000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "jnr1010",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "r6700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.12"
          },
          {
            "model": "r6900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.12"
          },
          {
            "model": "d6200",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.1.00.24"
          },
          {
            "model": "d7000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.52"
          },
          {
            "model": "jnr1010",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "jr6150",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.12"
          },
          {
            "model": "jwnr2010",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "pr2000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.20"
          },
          {
            "model": "r6020",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.26"
          },
          {
            "model": "r6050",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.12"
          },
          {
            "model": "r6080",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.26"
          },
          {
            "model": "r6120",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.36"
          },
          {
            "model": "jnr1010v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "jwnr2010v5",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "wnr1000v4",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "r6900v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.2.0.12"
          },
          {
            "model": "r6700v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.2.0.12"
          },
          {
            "model": "wndr3700v5",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.1.0.50"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31325"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014918"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18779"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6200_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d7000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:jnr1010_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:jr6150_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:jwnr2010_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:pr2000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6020_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6050_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6080_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6120_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014918"
          }
        ]
      },
      "cve": "CVE-2017-18779",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 4.6,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "CVE-2017-18779",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.0,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Local",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 4.6,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2017-014918",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 4.6,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "CNVD-2020-31325",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.8,
                "id": "CVE-2017-18779",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "cve@mitre.org",
                "availabilityImpact": "HIGH",
                "baseScore": 8.4,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.5,
                "id": "CVE-2017-18779",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2017-014918",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "Low",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2017-18779",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2017-18779",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2017-014918",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-31325",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-1883",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31325"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014918"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1883"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18779"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18779"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by a buffer overflow. This affects D6200 before 1.1.00.24, D7000 before 1.0.1.52, JNR1010v2 before 1.1.0.44, JR6150 before 1.0.1.12, JWNR2010v5 before 1.1.0.44, PR2000 before 1.0.0.20, R6020 before 1.0.0.26, R6050 before 1.0.1.12, R6080 before 1.0.0.26, R6120 before 1.0.0.36, R6220 before 1.1.0.60, R6700v2 before 1.2.0.12, R6800 before 1.2.0.12, R6900v2 before 1.2.0.12, WNDR3700v5 before 1.1.0.50, WNR1000v4 before 1.1.0.44, WNR2020 before 1.1.0.44, and WNR2050 before 1.1.0.44. plural NETGEAR A classic buffer overflow vulnerability exists on the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D6200, etc. are all products of NETGEAR. NETGEAR D6200 is a wireless modem. NETGEAR WNR2020 is a wireless router. NETGEAR R6220 is a wireless router. The vulnerability stems from the fact that the network system or product performs an operation on the memory, and the data boundary is not correctly verified, resulting in an incorrect read and write operation to other associated memory locations. The attacker The vulnerability can be exploited to cause buffer overflow or heap overflow",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-18779"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014918"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-31325"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-18779",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014918",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-31325",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1883",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31325"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014918"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1883"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18779"
          }
        ]
      },
      "id": "VAR-202004-1343",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31325"
          }
        ],
        "trust": 1.142545423
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31325"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:37:25.089000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Buffer Overflow on Some Routers, PSV-2017-2956",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000049541/Security-Advisory-for-Buffer-Overflow-on-Some-Routers-PSV-2017-2956"
          },
          {
            "title": "Patch for Multiple NETGEAR product buffer overflow vulnerabilities (CNVD-2020-31325)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/220035"
          },
          {
            "title": "Multiple NETGEAR Product Buffer Error Vulnerability Fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=116659"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31325"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014918"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1883"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-120",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014918"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18779"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-18779"
          },
          {
            "trust": 1.6,
            "url": "https://kb.netgear.com/000049541/security-advisory-for-buffer-overflow-on-some-routers-psv-2017-2956"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-18779"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31325"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014918"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1883"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18779"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31325"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014918"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1883"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18779"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-06-03T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-31325"
          },
          {
            "date": "2020-05-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-014918"
          },
          {
            "date": "2020-04-22T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1883"
          },
          {
            "date": "2020-04-22T15:15:12.410000",
            "db": "NVD",
            "id": "CVE-2017-18779"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-06-03T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-31325"
          },
          {
            "date": "2020-05-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-014918"
          },
          {
            "date": "2020-04-26T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1883"
          },
          {
            "date": "2024-11-21T03:20:53.920000",
            "db": "NVD",
            "id": "CVE-2017-18779"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1883"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Classic buffer overflow vulnerability in device",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014918"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1883"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202004-1427

    Vulnerability from variot - Updated: 2024-11-23 22:37

    Certain NETGEAR devices are affected by XSS. This affects D6200 before 1.1.00.24, D7000 before 1.0.1.52, JNR1010v2 before 1.1.0.44, JWNR2010v5 before 1.1.0.44, PR2000 before 1.0.0.20, R6020 before 1.0.0.26, R6050 before 1.0.1.12, R6080 before 1.0.0.26, R6120 before 1.0.0.36, R6220 before 1.1.0.60, R6700v2 before 1.2.0.12, R6800 before 1.2.0.12, R6900v2 before 1.2.0.12, WNDR3700v5 before 1.1.0.50, WNR1000v4 before 1.1.0.44, WNR2020 before 1.1.0.44, and WNR2050 before 1.1.0.44. plural NETGEAR A cross-site scripting vulnerability exists in the device.Information may be obtained and tampered with. NETGEAR D6200, etc. NETGEAR D6200 is a wireless modem. NETGEAR WNR2020 is a wireless router. NETGEAR R6220 is a wireless router. The vulnerability stems from the lack of proper verification of client data by WEB applications. Attackers can use this vulnerability to execute client code

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202004-1427",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "d6200",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.1.00.24"
          },
          {
            "model": "r6120",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.36"
          },
          {
            "model": "r6020",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.26"
          },
          {
            "model": "r6080",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.26"
          },
          {
            "model": "r6220",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.1.0.60"
          },
          {
            "model": "pr2000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.0.20"
          },
          {
            "model": "r6050",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.12"
          },
          {
            "model": "wnr2020",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "wnr2050",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "d7000",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.0.1.52"
          },
          {
            "model": "r6800",
            "scope": "lt",
            "trust": 1.6,
            "vendor": "netgear",
            "version": "1.2.0.12"
          },
          {
            "model": "wndr3700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.50"
          },
          {
            "model": "jwnr2010",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "wnr1000",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "jnr1010",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "r6700",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.12"
          },
          {
            "model": "r6900",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netgear",
            "version": "1.2.0.12"
          },
          {
            "model": "d6200",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.1.00.24"
          },
          {
            "model": "d7000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.52"
          },
          {
            "model": "jnr1010",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "jwnr2010",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "pr2000",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.20"
          },
          {
            "model": "r6020",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.26"
          },
          {
            "model": "r6050",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.1.12"
          },
          {
            "model": "r6080",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.26"
          },
          {
            "model": "r6120",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.0.0.36"
          },
          {
            "model": "r6220",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "netgear",
            "version": "1.1.0.60"
          },
          {
            "model": "jnr1010v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "jwnr2010v5",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "wnr1000v4",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.1.0.44"
          },
          {
            "model": "r6900v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.2.0.12"
          },
          {
            "model": "r6700v2",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.2.0.12"
          },
          {
            "model": "wndr3700v5",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "netgear",
            "version": "1.1.0.50"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31239"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014913"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18784"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:netgear:d6200_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:d7000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:jnr1010_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:jwnr2010_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:pr2000_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6020_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6050_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6080_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6120_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:netgear:r6220_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014913"
          }
        ]
      },
      "cve": "CVE-2017-18784",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 8.6,
                "id": "CVE-2017-18784",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.0,
                "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 4.3,
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2017-014913",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 8.6,
                "id": "CNVD-2020-31239",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 2.8,
                "id": "CVE-2017-18784",
                "impactScore": 2.7,
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "cve@mitre.org",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 1.8,
                "id": "CVE-2017-18784",
                "impactScore": 2.7,
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 6.1,
                "baseSeverity": "Medium",
                "confidentialityImpact": "Low",
                "exploitabilityScore": null,
                "id": "JVNDB-2017-014913",
                "impactScore": null,
                "integrityImpact": "Low",
                "privilegesRequired": "None",
                "scope": "Changed",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2017-18784",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "cve@mitre.org",
                "id": "CVE-2017-18784",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2017-014913",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-31239",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202004-1889",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31239"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014913"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1889"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18784"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18784"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Certain NETGEAR devices are affected by XSS. This affects D6200 before 1.1.00.24, D7000 before 1.0.1.52, JNR1010v2 before 1.1.0.44, JWNR2010v5 before 1.1.0.44, PR2000 before 1.0.0.20, R6020 before 1.0.0.26, R6050 before 1.0.1.12, R6080 before 1.0.0.26, R6120 before 1.0.0.36, R6220 before 1.1.0.60, R6700v2 before 1.2.0.12, R6800 before 1.2.0.12, R6900v2 before 1.2.0.12, WNDR3700v5 before 1.1.0.50, WNR1000v4 before 1.1.0.44, WNR2020 before 1.1.0.44, and WNR2050 before 1.1.0.44. plural NETGEAR A cross-site scripting vulnerability exists in the device.Information may be obtained and tampered with. NETGEAR D6200, etc. NETGEAR D6200 is a wireless modem. NETGEAR WNR2020 is a wireless router. NETGEAR R6220 is a wireless router. The vulnerability stems from the lack of proper verification of client data by WEB applications. Attackers can use this vulnerability to execute client code",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-18784"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014913"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-31239"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-18784",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014913",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-31239",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1889",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31239"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014913"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1889"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18784"
          }
        ]
      },
      "id": "VAR-202004-1427",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31239"
          }
        ],
        "trust": 1.1497813663157894
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31239"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:37:24.987000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Security Advisory for Cross-Site Scripting on Some Routers, PSV-2017-2951",
            "trust": 0.8,
            "url": "https://kb.netgear.com/000049535/Security-Advisory-for-Cross-Site-Scripting-on-Some-Routers-PSV-2017-2951"
          },
          {
            "title": "Patch for Multiple NETGEAR product cross-site scripting vulnerabilities (CNVD-2020-31239)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/219889"
          },
          {
            "title": "Multiple NETGEAR Fixes for product cross-site scripting vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=116665"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31239"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014913"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1889"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-79",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014913"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18784"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-18784"
          },
          {
            "trust": 1.6,
            "url": "https://kb.netgear.com/000049535/security-advisory-for-cross-site-scripting-on-some-routers-psv-2017-2951"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-18784"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31239"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014913"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1889"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18784"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-31239"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014913"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1889"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-18784"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-06-02T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-31239"
          },
          {
            "date": "2020-05-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-014913"
          },
          {
            "date": "2020-04-22T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1889"
          },
          {
            "date": "2020-04-22T15:15:12.770000",
            "db": "NVD",
            "id": "CVE-2017-18784"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-06-02T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-31239"
          },
          {
            "date": "2020-05-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-014913"
          },
          {
            "date": "2020-04-26T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202004-1889"
          },
          {
            "date": "2024-11-21T03:20:54.773000",
            "db": "NVD",
            "id": "CVE-2017-18784"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1889"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  NETGEAR Cross-site scripting vulnerabilities in devices",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014913"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "XSS",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202004-1889"
          }
        ],
        "trust": 0.6
      }
    }