Sign-up

ID

VAR-202004-1462


CVE

CVE-2017-18702


TITLE

NETGEAR R6220 Vulnerabilities in devices

Trust: 0.8

sources: JVNDB: JVNDB-2017-014996

DESCRIPTION

NETGEAR R6220 devices before 1.1.0.60 are affected by incorrect configuration of security settings. NETGEAR R6220 An unspecified vulnerability exists in the device.Information may be obtained and tampered with. NETGEAR R6220 is a wireless router of NETGEAR. There are security vulnerabilities in NETGEAR R6220 before 1.1.0.60. No detailed vulnerability details are currently available

Trust: 2.25

sources: NVD: CVE-2017-18702 // JVNDB: JVNDB-2017-014996 // CNVD: CNVD-2020-28012 // VULMON: CVE-2017-18702

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2020-28012

AFFECTED PRODUCTS

vendor:netgearmodel:r6220scope:ltversion:1.1.0.60

Trust: 1.6

vendor:netgearmodel:r6220scope:eqversion:1.1.0.60

Trust: 0.8

vendor:netgearmodel:r6220scope:eqversion:1.1.0.46

Trust: 0.1

vendor:netgearmodel:r6220scope:eqversion:1.1.0.50

Trust: 0.1

sources: CNVD: CNVD-2020-28012 // VULMON: CVE-2017-18702 // JVNDB: JVNDB-2017-014996 // NVD: CVE-2017-18702

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2017-18702
value: MEDIUM

Trust: 1.0

cve@mitre.org: CVE-2017-18702
value: MEDIUM

Trust: 1.0

NVD: JVNDB-2017-014996
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2020-28012
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-202004-2122
value: MEDIUM

Trust: 0.6

VULMON: CVE-2017-18702
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2017-18702
severity: MEDIUM
baseScore: 4.8
vectorString: AV:A/AC:L/AU:N/C:P/I:P/A:N
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 6.5
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

NVD: JVNDB-2017-014996
severity: MEDIUM
baseScore: 4.8
vectorString: AV:A/AC:L/AU:N/C:P/I:P/A:N
accessVector: ADJACENT NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

CNVD: CNVD-2020-28012
severity: MEDIUM
baseScore: 4.8
vectorString: AV:A/AC:L/AU:N/C:P/I:P/A:N
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 6.5
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2017-18702
baseSeverity: MEDIUM
baseScore: 5.4
vectorString: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 2.8
impactScore: 2.5
version: 3.1

Trust: 1.0

cve@mitre.org: CVE-2017-18702
baseSeverity: MEDIUM
baseScore: 5.2
vectorString: CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: CHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 2.1
impactScore: 2.7
version: 3.0

Trust: 1.0

NVD: JVNDB-2017-014996
baseSeverity: MEDIUM
baseScore: 5.4
vectorString: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
attackVector: ADJACENT NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2020-28012 // VULMON: CVE-2017-18702 // JVNDB: JVNDB-2017-014996 // CNNVD: CNNVD-202004-2122 // NVD: CVE-2017-18702 // NVD: CVE-2017-18702

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2017-18702

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-202004-2122

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202004-2122

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2017-014996

PATCH
title:Security Advisory for Security Misconfiguration on R6220, PSV-2017-2211url:https://kb.netgear.com/000053200/Security-Advisory-for-Security-Misconfiguration-on-R6220-PSV-2017-2211
Trust: 0.8
title:Patch for NETGEAR R6220 has an unknown vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/217297
Trust: 0.6
title:NETGEAR R6220 Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117045
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2020-28012 // 
            
            
            
            JVNDB: JVNDB-2017-014996 // 
            
            
            
            CNNVD: CNNVD-202004-2122

EXTERNAL IDS
db:NVDid:CVE-2017-18702
Trust: 3.1
db:JVNDBid:JVNDB-2017-014996
Trust: 0.8
db:CNVDid:CNVD-2020-28012
Trust: 0.6
db:CNNVDid:CNNVD-202004-2122
Trust: 0.6
db:VULMONid:CVE-2017-18702
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2020-28012 // 
            
            
            
            VULMON: CVE-2017-18702 // 
            
            
            
            JVNDB: JVNDB-2017-014996 // 
            
            
            
            CNNVD: CNNVD-202004-2122 // 
            
            
            
            NVD: CVE-2017-18702

REFERENCES
url:https://nvd.nist.gov/vuln/detail/cve-2017-18702
Trust: 2.0
url:https://kb.netgear.com/000053200/security-advisory-for-security-misconfiguration-on-r6220-psv-2017-2211
Trust: 1.7
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-18702
Trust: 0.8
url:https://cwe.mitre.org/data/definitions/.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2020-28012 // 
            
            
            
            VULMON: CVE-2017-18702 // 
            
            
            
            JVNDB: JVNDB-2017-014996 // 
            
            
            
            CNNVD: CNNVD-202004-2122 // 
            
            
            
            NVD: CVE-2017-18702

SOURCES
db:CNVDid:CNVD-2020-28012
db:VULMONid:CVE-2017-18702
db:JVNDBid:JVNDB-2017-014996
db:CNNVDid:CNNVD-202004-2122
db:NVDid:CVE-2017-18702

LAST UPDATE DATE
2024-11-23T22:55:10.404000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2020-28012date:2020-05-13T00:00:00
db:VULMONid:CVE-2017-18702date:2020-05-01T00:00:00
db:JVNDBid:JVNDB-2017-014996date:2020-06-03T00:00:00
db:CNNVDid:CNNVD-202004-2122date:2020-05-06T00:00:00
db:NVDid:CVE-2017-18702date:2024-11-21T03:20:42.163

SOURCES RELEASE DATE
db:CNVDid:CNVD-2020-28012date:2020-05-13T00:00:00
db:VULMONid:CVE-2017-18702date:2020-04-24T00:00:00
db:JVNDBid:JVNDB-2017-014996date:2020-06-03T00:00:00
db:CNNVDid:CNNVD-202004-2122date:2020-04-24T00:00:00
db:NVDid:CVE-2017-18702date:2020-04-24T15:15:12.487