How severe is CVE-2017-18850?

This vulnerability has a severity rating of HIGH with a CVSS score of 8.4 out of 10.

What type of vulnerability is CVE-2017-18850?

This is classified as CWE-287, which is a common weakness in software security.

CVE-2017-18850

HIGH Year: 2017

CVSS v3 Score

8.4

High

CVSS v2 Score

4.6

Medium

Weakness Type

CWE-287

View all →

Vulnerability Description

Certain NETGEAR devices are affected by authentication bypass. This affects D6220 before 1.0.0.26, D6400 before 1.0.0.60, D8500 before 1.0.3.29, R6250 before 1.0.4.12, R6400 before 1.01.24, R6400v2 before 1.0.2.30, R6700 before 1.0.1.22, R6900 before 1.0.1.22, R6900P before 1.0.0.56, R7000 before 1.0.9.4, R7000P before 1.0.0.56, R7100LG before 1.0.0.32, R7300DST before 1.0.0.54, R7900 before 1.0.1.18, R8000 before 1.0.3.44, R8300 before 1.0.2.100_1.0.82, and R8500 before 1.0.2.100_1.0.82.

CVE-2013-2120

HIGH

CVSS:8.4(High)

The %{password(...)} macro in pastemacroexpander.cpp in the KDE Paste Applet before 4.10.5 in kdeplasma-addons does not properly generate passwords, which allows context-dependent attackers to bypass ...

CWE-2872013

CVE-2017-18776

HIGH

CVSS:8.4(High)

Certain NETGEAR devices are affected by authentication bypass. This affects D6100 before V1.0.0.55, D7000 before V1.0.1.50, D7800 before V1.0.1.24, JNR1010v2 before 1.1.0.40, JWNR2010v5 before 1.1.0.4...

CWE-2872017

CVE-2020-13365

HIGH

CVSS:8.4(High)

Certain Zyxel products have a locally accessible binary that allows a non-root user to generate a password for an undocumented user account that can be used for a TELNET session as root. This affects ...

CWE-2872020

CVE-2015-6480

HIGH

CVSS:8.3(High)

The MessageBrokerServlet servlet in Moxa OnCell Central Manager before 2.2 does not require authentication, which allows remote attackers to obtain administrative access via a command, as demonstrated...

CWE-2872015

CVE-2015-7521

HIGH

CVSS:8.3(High)

The authorization framework in Apache Hive 1.0.0, 1.0.1, 1.1.0, 1.1.1, 1.2.0 and 1.2.1, on clusters protected by Ranger and SqlStdHiveAuthorization, allows attackers to bypass intended parent table ac...

CWE-2872015

CVE-2017-1000106

HIGH

CVSS:8.5(High)

Blue Ocean allows the creation of GitHub organization folders that are set up to scan a GitHub organization for repositories and branches containing a Jenkinsfile, and create corresponding pipelines i...

CWE-2872017

CVE-2017-18850

Vulnerability Description

Related Vulnerabilities

CVE-2013-2120

CVE-2017-18776

CVE-2020-13365

CVE-2015-6480

CVE-2015-7521

CVE-2017-1000106