Command Execution Vulnerability in NETGEAR Wireless Access Points
CVE-2017-18863

7.1HIGH

Key Information:

Vendor: Netgear
Status: Wn604 Firmware
Vendor: CVE Published:; 28 April 2020

Summary

Certain NETGEAR wireless access points are susceptible to a command execution vulnerability through a flaw in a PHP form. This vulnerability can allow an attacker to execute arbitrary commands on the affected devices, posing significant risks to network security. Devices including WN604, WNAP210v2, and others have been identified as vulnerable, with various firmware versions at risk. Users are encouraged to review the security advisory for mitigation strategies.

References

https://kb.netgear.com/000037827/Security-Advisory-for-PH...

x_refsource_CONFIRM

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 28, 2020
Vulnerability Reserved
Apr 27, 2020