CSRF Vulnerability in NETGEAR Routers and Gateways
CVE-2017-18703

8.8HIGH

Key Information:

Vendor: Netgear
Status: D1500 Firmware
Vendor: CVE Published:; 24 April 2020

Summary

Certain NETGEAR routers and gateways are susceptible to Cross-Site Request Forgery (CSRF), allowing unauthorized commands to be performed on the devices without user consent. This vulnerability affects various models, which, if exploited, could compromise the security integrity of connected networks. Users are advised to update their devices to the latest firmware version to mitigate potential risks and ensure security compliance.

References

https://kb.netgear.com/000053199/Security-Advisory-for-Cr...

x_refsource_CONFIRM

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Apr 24, 2020
Vulnerability Reserved
Apr 20, 2020