Sign-up

ID

VAR-202004-1558


CVE

CVE-2018-21122


TITLE

plural NETGEAR Input verification vulnerabilities on devices

Trust: 0.8

sources: JVNDB: JVNDB-2018-016303

DESCRIPTION

Certain NETGEAR devices are affected by denial of service. This affects GS110EMX before 1.0.0.9, GS810EMX before 1.0.0.5, XS512EM before 1.0.0.6, and XS724EM before 1.0.0.6. plural NETGEAR The device contains an input verification vulnerability.Service operation interruption (DoS) It may be put into a state. NETGEAR XS512EM, etc. are all products of NETGEAR. NETGEAR XS512EM is a switch. NETGEAR XS724EM is a switch. NETGEAR GS810EMX is an Ethernet switch. There are security vulnerabilities in many NETGEAR products

Trust: 2.16

sources: NVD: CVE-2018-21122 // JVNDB: JVNDB-2018-016303 // CNVD: CNVD-2021-59163

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2021-59163

AFFECTED PRODUCTS

vendor:netgearmodel:gs810emxscope:ltversion:1.0.0.5

Trust: 1.6

vendor:netgearmodel:xs512emscope:ltversion:1.0.0.6

Trust: 1.6

vendor:netgearmodel:xs724emscope:ltversion:1.0.0.6

Trust: 1.6

vendor:netgearmodel:gs110emxscope:ltversion:1.0.0.9

Trust: 1.6

vendor:netgearmodel:gs110emxscope:eqversion:1.0.0.9

Trust: 0.8

vendor:netgearmodel:gs810emxscope:eqversion:1.0.0.5

Trust: 0.8

vendor:netgearmodel:xs512emscope:eqversion:1.0.0.6

Trust: 0.8

vendor:netgearmodel:xs724emscope:eqversion:1.0.0.6

Trust: 0.8

sources: CNVD: CNVD-2021-59163 // JVNDB: JVNDB-2018-016303 // NVD: CVE-2018-21122

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-21122
value: MEDIUM

Trust: 1.0

cve@mitre.org: CVE-2018-21122
value: MEDIUM

Trust: 1.0

NVD: JVNDB-2018-016303
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2021-59163
value: LOW

Trust: 0.6

CNNVD: CNNVD-202004-1920
value: MEDIUM

Trust: 0.6

nvd@nist.gov: CVE-2018-21122
severity: LOW
baseScore: 3.3
vectorString: AV:A/AC:L/AU:N/C:N/I:N/A:P
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 6.5
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

NVD: JVNDB-2018-016303
severity: LOW
baseScore: 3.3
vectorString: AV:A/AC:L/AU:N/C:N/I:N/A:P
accessVector: ADJACENT NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

CNVD: CNVD-2021-59163
severity: LOW
baseScore: 3.3
vectorString: AV:A/AC:L/AU:N/C:N/I:N/A:P
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 6.5
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2018-21122
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 3.6
version: 3.1

Trust: 1.0

cve@mitre.org: CVE-2018-21122
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 3.6
version: 3.0

Trust: 1.0

NVD: JVNDB-2018-016303
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: ADJACENT NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2021-59163 // JVNDB: JVNDB-2018-016303 // CNNVD: CNNVD-202004-1920 // NVD: CVE-2018-21122 // NVD: CVE-2018-21122

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.8

sources: JVNDB: JVNDB-2018-016303 // NVD: CVE-2018-21122

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-202004-1920

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-202004-1920

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2018-016303

PATCH
title:Security Advisory for Denial of Service on Some Switches, PSV-2018-0222url:https://kb.netgear.com/000060236/Security-Advisory-for-Denial-of-Service-on-Some-Switches-PSV-2018-0222
Trust: 0.8
title:Patch for Multiple NETGEAR products input verification error vulnerability (CNVD-2021-59163)url:https://www.cnvd.org.cn/patchInfo/show/284351
Trust: 0.6
title:Multiple NETGEAR Product input verification error vulnerability fixesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117252
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2021-59163 // 
            
            
            
            JVNDB: JVNDB-2018-016303 // 
            
            
            
            CNNVD: CNNVD-202004-1920

EXTERNAL IDS
db:NVDid:CVE-2018-21122
Trust: 3.0
db:JVNDBid:JVNDB-2018-016303
Trust: 0.8
db:CNVDid:CNVD-2021-59163
Trust: 0.6
db:CNNVDid:CNNVD-202004-1920
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2021-59163 // 
            
            
            
            JVNDB: JVNDB-2018-016303 // 
            
            
            
            CNNVD: CNNVD-202004-1920 // 
            
            
            
            NVD: CVE-2018-21122

REFERENCES
url:https://nvd.nist.gov/vuln/detail/cve-2018-21122
Trust: 2.0
url:https://kb.netgear.com/000060236/security-advisory-for-denial-of-service-on-some-switches-psv-2018-0222
Trust: 1.6
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-21122
Trust: 0.8
sources:
            
            
            CNVD: CNVD-2021-59163 // 
            
            
            
            JVNDB: JVNDB-2018-016303 // 
            
            
            
            CNNVD: CNNVD-202004-1920 // 
            
            
            
            NVD: CVE-2018-21122

SOURCES
db:CNVDid:CNVD-2021-59163
db:JVNDBid:JVNDB-2018-016303
db:CNNVDid:CNNVD-202004-1920
db:NVDid:CVE-2018-21122

LAST UPDATE DATE
2024-11-23T22:51:26.166000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2021-59163date:2021-08-08T00:00:00
db:JVNDBid:JVNDB-2018-016303date:2020-05-21T00:00:00
db:CNNVDid:CNNVD-202004-1920date:2020-04-26T00:00:00
db:NVDid:CVE-2018-21122date:2024-11-21T04:02:57.270

SOURCES RELEASE DATE
db:CNVDid:CNVD-2021-59163date:2021-08-08T00:00:00
db:JVNDBid:JVNDB-2018-016303date:2020-05-21T00:00:00
db:CNNVDid:CNNVD-202004-1920date:2020-04-22T00:00:00
db:NVDid:CVE-2018-21122date:2020-04-22T16:15:12.327