Authentication Bypass in NETGEAR Routers Affecting Multiple Models
CVE-2017-18743

8.8HIGH

Key Information:

Vendor: Netgear
Status: R6300 Firmware
Vendor: CVE Published:; 23 April 2020

Summary

Certain NETGEAR routers have a critical authentication bypass vulnerability that allows unauthorized access. This flaw affects various models running specific firmware versions prior to their respective updates. Attackers could exploit this vulnerability to gain access to the network and potentially compromise connected devices. Users are advised to update their routers to the latest firmware versions to mitigate risks.

References

https://kb.netgear.com/000051512/Security-Advisory-for-Au...

x_refsource_CONFIRM

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 23, 2020
Vulnerability Reserved
Apr 20, 2020