CVE-2017-18762

HIGH Year: 2017
CVSS v3 Score
8.8
High
CVSS v2 Score
5.8
Medium
Weakness Type
CWE-74
View all →

Vulnerability Description

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects D3600 before 1.0.0.68, D6000 before 1.0.0.68, D6100 before 1.0.0.57, R6100 before 1.0.1.16, R6900P before 1.2.0.22, R7000 before 1.0.9.10, R7000P before 1.2.0.22, R7100LG before 1.0.0.40, WNDR3700v4 before 1.0.2.88, WNDR4300v1 before 1.0.2.90, WNDR4300v2 before 1.0.0.48, WNDR4500v3 before 1.0.0.48, and WNR2000v5 before 1.0.0.58.

Related Vulnerabilities

CVE-2013-3628

HIGH
CVSS:8.8(High)

Zabbix 2.0.9 has an Arbitrary Command Execution Vulnerability

CWE-742013

CVE-2014-5083

HIGH
CVSS:8.8(High)

A Command Execution vulnerability exists in Sphider before 1.3.6 due to insufficient sanitization of fwrite to conf.php, which could let a remote malicious user execute arbitrary code. CVE-2014-5083 p...

CWE-742014

CVE-2014-5084

HIGH
CVSS:8.8(High)

A Command Execution vulnerability exists in Sphider Pro 3.2 due to insufficient sanitization of fwrite, which could let a remote malicious user execute arbitrary code. CVE-2014-5084 pertains to instan...

CWE-742014

CVE-2014-5085

HIGH
CVSS:8.8(High)

A Command Execution vulnerability exists in Sphider Plus 3.2 due to insufficient sanitization of fwrite to conf.php, which could let a remote malicious user execute arbitrary code. CVE-2014-5085 perta...

CWE-742014

CVE-2014-5086

HIGH
CVSS:8.8(High)

A Command Execution vulnerability exists in Sphider Pro, and Sphider Plus 3.2 due to insufficient sanitization of fwrite to conf.php, which could let a remote malicious user execute arbitrary code. CV...

CWE-742014