Details of VAR-202004-1367

ID

VAR-202004-1367

CVE

CVE-2017-18765

TITLE

plural NETGEAR Vulnerabilities in devices

Trust: 0.8

sources: JVNDB: JVNDB-2017-014944

DESCRIPTION

Certain NETGEAR devices are affected by denial of service. This affects R6300v2 before 1.0.4.8, R6400 before 1.0.1.22, R6400v2 before 1.0.2.32, R6700 before 1.0.1.20, R6900 before 1.0.1.20, WNR3500Lv2 before 1.2.0.44, and WNR2000v2 before 1.2.0.8. plural NETGEAR An unspecified vulnerability exists in the device.Service operation interruption (DoS) It may be put into a state. NETGEAR WNR3500L, etc. are all wireless routers from NETGEAR. There are security vulnerabilities in many NETGEAR products

Trust: 2.16

sources: NVD: CVE-2017-18765 // JVNDB: JVNDB-2017-014944 // CNVD: CNVD-2021-59160

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2021-59160

AFFECTED PRODUCTS

vendor:	netgear	model:	r6700	scope:	lt	version:	1.0.1.20	Trust: 1.6
vendor:	netgear	model:	r6900	scope:	lt	version:	1.0.1.20	Trust: 1.6
vendor:	netgear	model:	r6400	scope:	lt	version:	1.0.1.22	Trust: 1.6
vendor:	netgear	model:	wnr2000	scope:	lt	version:	1.2.0.8	Trust: 1.0
vendor:	netgear	model:	r6400	scope:	lt	version:	1.0.2.32	Trust: 1.0
vendor:	netgear	model:	wnr3500l	scope:	lt	version:	1.2.0.44	Trust: 1.0
vendor:	netgear	model:	r6300	scope:	lt	version:	1.0.4.8	Trust: 1.0
vendor:	netgear	model:	r6300	scope:	eq	version:	1.0.4.8	Trust: 0.8
vendor:	netgear	model:	r6400	scope:	eq	version:	1.0.1.22	Trust: 0.8
vendor:	netgear	model:	r6400	scope:	eq	version:	1.0.2.32	Trust: 0.8
vendor:	netgear	model:	r6700	scope:	eq	version:	1.0.1.20	Trust: 0.8
vendor:	netgear	model:	r6900	scope:	eq	version:	1.0.1.20	Trust: 0.8
vendor:	netgear	model:	wnr2000	scope:	eq	version:	1.2.0.8	Trust: 0.8
vendor:	netgear	model:	wnr3500l	scope:	eq	version:	1.2.0.44	Trust: 0.8
vendor:	netgear	model:	r6400v2	scope:	lt	version:	1.0.2.32	Trust: 0.6
vendor:	netgear	model:	r6300v2	scope:	lt	version:	1.0.4.8	Trust: 0.6
vendor:	netgear	model:	wnr2000v2	scope:	lt	version:	1.2.0.8	Trust: 0.6
vendor:	netgear	model:	wnr3500lv2	scope:	lt	version:	1.2.0.44	Trust: 0.6

sources: CNVD: CNVD-2021-59160 // JVNDB: JVNDB-2017-014944 // NVD: CVE-2017-18765

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2017-18765
value:	MEDIUM
Trust: 1.0
cve@mitre.org:	CVE-2017-18765
value:	MEDIUM
Trust: 1.0
NVD:	JVNDB-2017-014944
value:	MEDIUM
Trust: 0.8
CNVD:	CNVD-2021-59160
value:	LOW
Trust: 0.6
CNNVD:	CNNVD-202004-1911
value:	MEDIUM
Trust: 0.6

nvd@nist.gov:	CVE-2017-18765
severity:	LOW
baseScore:	3.3
vectorString:	AV:A/AC:L/AU:N/C:N/I:N/A:P
accessVector:	ADJACENT_NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	6.5
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
NVD:	JVNDB-2017-014944
severity:	LOW
baseScore:	3.3
vectorString:	AV:A/AC:L/AU:N/C:N/I:N/A:P
accessVector:	ADJACENT NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
CNVD:	CNVD-2021-59160
severity:	LOW
baseScore:	3.3
vectorString:	AV:A/AC:L/AU:N/C:N/I:N/A:P
accessVector:	ADJACENT_NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	6.5
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

nvd@nist.gov:	CVE-2017-18765
baseSeverity:	MEDIUM
baseScore:	6.5
vectorString:	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	ADJACENT
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	3.6
version:	3.1
Trust: 1.0
cve@mitre.org:	CVE-2017-18765
baseSeverity:	MEDIUM
baseScore:	6.5
vectorString:	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	ADJACENT
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	3.6
version:	3.0
Trust: 1.0
NVD:	JVNDB-2017-014944
baseSeverity:	MEDIUM
baseScore:	6.5
vectorString:	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	ADJACENT NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2021-59160 // JVNDB: JVNDB-2017-014944 // CNNVD: CNNVD-202004-1911 // NVD: CVE-2017-18765 // NVD: CVE-2017-18765

PROBLEMTYPE DATA

problemtype:

NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2017-18765

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-202004-1911

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202004-1911

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-014944

PATCH

title:	Security Advisory for Denial of Service on Some Routers, PSV-2017-0648	url:	https://kb.netgear.com/000051480/Security-Advisory-for-Denial-of-Service-on-Some-Routers-PSV-2017-0648	Trust: 0.8
title:	Patch for Denial of service vulnerabilities in multiple NETGEAR products	url:	https://www.cnvd.org.cn/patchInfo/show/284341	Trust: 0.6
title:	Multiple NETGEAR Product security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=116682	Trust: 0.6

sources: CNVD: CNVD-2021-59160 // JVNDB: JVNDB-2017-014944 // CNNVD: CNNVD-202004-1911

EXTERNAL IDS

db:	NVD	id:	CVE-2017-18765	Trust: 3.0
db:	JVNDB	id:	JVNDB-2017-014944	Trust: 0.8
db:	CNVD	id:	CNVD-2021-59160	Trust: 0.6
db:	CNNVD	id:	CNNVD-202004-1911	Trust: 0.6

sources: CNVD: CNVD-2021-59160 // JVNDB: JVNDB-2017-014944 // CNNVD: CNNVD-202004-1911 // NVD: CVE-2017-18765

REFERENCES

url:	https://nvd.nist.gov/vuln/detail/cve-2017-18765	Trust: 2.0
url:	https://kb.netgear.com/000051480/security-advisory-for-denial-of-service-on-some-routers-psv-2017-0648	Trust: 1.6
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-18765	Trust: 0.8

sources: CNVD: CNVD-2021-59160 // JVNDB: JVNDB-2017-014944 // CNNVD: CNNVD-202004-1911 // NVD: CVE-2017-18765

SOURCES

db:	CNVD	id:	CNVD-2021-59160
db:	JVNDB	id:	JVNDB-2017-014944
db:	CNNVD	id:	CNNVD-202004-1911
db:	NVD	id:	CVE-2017-18765

LAST UPDATE DATE

2024-11-23T22:48:01.613000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2021-59160	date:	2021-08-08T00:00:00
db:	JVNDB	id:	JVNDB-2017-014944	date:	2020-05-22T00:00:00
db:	CNNVD	id:	CNNVD-202004-1911	date:	2020-04-28T00:00:00
db:	NVD	id:	CVE-2017-18765	date:	2024-11-21T03:20:51.913

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2021-59160	date:	2021-08-08T00:00:00
db:	JVNDB	id:	JVNDB-2017-014944	date:	2020-05-22T00:00:00
db:	CNNVD	id:	CNNVD-202004-1911	date:	2020-04-22T00:00:00
db:	NVD	id:	CVE-2017-18765	date:	2020-04-22T16:15:11.543