CVE-2017-18700

Published Apr 24, 2020
Last updated 5 years ago
CVSS medium 6.1
Overview

Description: Certain NETGEAR devices are affected by stored XSS. This affects D6400 before 1.0.0.60, D7000 before 1.0.1.50, D8500 before 1.0.3.29, EX6200 before 1.0.3.84, EX7000 before 1.0.0.60, R6250 before 1.0.4.16, R6300v2 before 1.0.4.18, R6400 before 1.01.32, R6400v2 before 1.0.2.44, R6700 before 1.0.1.36, R6900 before 1.0.1.34, R6900P before 1.3.0.8, R7000 before 1.0.9.14, R7000P before 1.3.0.8, R7100LG before 1.0.0.34, R7300DST before 1.0.0.56, R7900 before 1.0.1.26, R8000 before 1.0.4.4, R8300 before 1.0.2.106, R8500 before 1.0.2.106, R9000 before 1.0.2.52, WNDR3400v3 before 1.0.1.16, WNR3500Lv2 before 1.2.0.46, and WNDR3700v5 before 1.1.0.48.
Source: cve@mitre.org
NVD status: Analyzed
Risk scores

CVSS 3.1

Type: Primary
Base score: 6.1
Impact score: 2.7
Exploitability score: 2.8
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Severity: MEDIUM
CVSS 3.0

Type: Secondary
Base score: 5.2
Impact score: 2.7
Exploitability score: 2.1
Vector string: CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Severity: MEDIUM
CVSS 2.0

Type: Primary
Base score: 4.3
Impact score: 2.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:N/I:P/A:N
Weaknesses

nvd@nist.gov: CWE-79
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:d6400:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "7D30939B-86E3-4C78-9B05-686B4994C8B9"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:d6400_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2D1F0B30-4BB4-4573-BE0D-381B31CD2A36",
            "versionEndExcluding": "1.0.0.60"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:d7000:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "AF04B65B-9685-4595-9C71-0F77AD7109BE"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:d7000_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4A94DD9D-0F07-4FD7-B1B0-1DD1E319B092",
            "versionEndExcluding": "1.0.1.50"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:d8500:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "814A0114-9A1D-4EA0-9AF4-6968514E4F01"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:d8500_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "20564DE0-E58D-4628-ADD6-AC7C90AD85F7",
            "versionEndExcluding": "1.0.3.29"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:ex6200:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "3186CC67-B567-4A0C-BD2C-0433716FBD1B"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:ex6200_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D4BC0A4D-0C9D-47AD-9A9A-3416E812EC7D",
            "versionEndExcluding": "1.0.3.84"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:ex7000:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "9F45B620-60B8-40F3-A055-181ADD71EFFF"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:ex7000_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "42A19A73-B5FC-4D14-82D0-2128D3E7178B",
            "versionEndExcluding": "1.0.0.60"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:r6250:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "321BE843-52C4-4638-A321-439CA7B3A6F2"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:r6250_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F5E7A8CA-134F-49B4-95D6-79A88CD6BB80",
            "versionEndExcluding": "1.0.4.16"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:r6300_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "55058831-92FF-4A87-8340-E25AC0DDF89E",
            "versionEndExcluding": "1.0.4.18"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:r6300:v2:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "10938043-F7DF-42C3-8C16-F92CAF8E5576"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "54D9B854-7E18-439E-8FD2-C0EC88DA6222",
            "versionEndExcluding": "1.01.32"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "3E4CDF6B-3829-44D0-9675-71D7BE83CAA2"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:r6400:v2:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "52AE9AD2-BC8D-477D-A3D3-891AE52FA5F3"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DDC0DA75-5EB9-4F53-99A9-798FFBFD0C15",
            "versionEndExcluding": "1.0.2.44"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "442F153C-737B-44D4-9A6D-EB6F6C47B986",
            "versionEndExcluding": "1.0.1.36"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:r6700:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "21B27F11-4262-4CE1-8107-B365A7C152F2"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "81F70E0C-3674-4981-B815-0721F6C6E588",
            "versionEndExcluding": "1.0.1.34"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:r6900:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "0794BB7C-1BCF-4F08-8EB2-9C3B150C105A"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "326BBECA-9A76-4A3E-90F7-023797D5D186",
            "versionEndExcluding": "1.3.0.8"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C41908FF-AE64-4949-80E3-BEE061B2DA8A"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CDE61DB5-86A6-4810-91CC-18D05DC09507",
            "versionEndExcluding": "1.0.9.14"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "09963BE1-D57D-491A-9BD8-A1A46ED993E0",
            "versionEndExcluding": "1.3.0.8"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "DFE55F4D-E98B-46D3-B870-041141934CD1"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:r7100lg_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2FB08FA1-A476-4E05-9904-9BE30C9E77B7",
            "versionEndExcluding": "1.0.0.34"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:r7100lg:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "366FA778-3C2A-42AF-9141-DAD7043B406C"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:r7300dst_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F7508FAE-C117-4E21-8D3D-0016E25363DB",
            "versionEndExcluding": "1.0.0.56"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:r7300dst:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C75148EB-DE6C-4C5C-BF34-4800A66CF11C"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0B72579C-51F1-4F16-8FDE-544229C25B07",
            "versionEndExcluding": "1.0.1.26"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C484840F-AF30-4B5C-821A-4DB9BE407BDB"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "78819A69-AF43-4741-AE4D-5FEC4280F25F",
            "versionEndExcluding": "1.0.4.4"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "5B39F095-8FE8-43FD-A866-7B613B495984"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:r8300_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BCE9CF95-192E-4D43-9DAD-2C8D9AF045E9",
            "versionEndExcluding": "1.0.2.106"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:r8300:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "7A9B77E7-7439-48C6-989F-5E22CB4D3044"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:r8500_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4DFD7557-D13D-40EB-94AD-AF092CDE587A",
            "versionEndExcluding": "1.0.2.106"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "63500DE4-BDBD-4F86-AB99-7DB084D0B912"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "679AAEA7-6415-4BBA-AE95-887C2CA609DC",
            "versionEndExcluding": "1.0.2.52"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D74F1BFC-562E-4E7D-BBAB-2F8B593B5A57"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:wndr3400_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "72DCD4C0-A757-4F98-97BD-FB1FEBF3235C",
            "versionEndExcluding": "1.0.1.16"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:wndr3400:v3:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "1992E44C-122C-41BC-8FDC-5F9EBEE1FB7C"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:wnr3500l_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DB542F95-5AE2-47E4-BD7B-34134B26AA4F",
            "versionEndExcluding": "1.2.0.46"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:wnr3500l:v2:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C8DE4BFA-41DE-4748-ACC7-14362333A059"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:wndr3700_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DD1F416B-C938-4AE3-B93E-03087575FF40",
            "versionEndExcluding": "1.1.0.48"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:wndr3700:v5:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "EC5B6CB8-D439-42D5-ACAE-6246874EA5F0"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]
Overview

Risk scores

CVSS 3.1

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References
