Sign-up

ID

VAR-202004-1645


CVE

CVE-2018-21158


TITLE

NETGEAR R7800 Vulnerabilities in devices

Trust: 0.8

sources: JVNDB: JVNDB-2018-016390

DESCRIPTION

NETGEAR R7800 devices before 1.0.2.46 are affected by incorrect configuration of security settings. NETGEAR R7800 An unspecified vulnerability exists in the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R7800 is a wireless router of NETGEAR. No detailed vulnerability details are currently available

Trust: 2.25

sources: NVD: CVE-2018-21158 // JVNDB: JVNDB-2018-016390 // CNVD: CNVD-2020-28145 // VULMON: CVE-2018-21158

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2020-28145

AFFECTED PRODUCTS

vendor:netgearmodel:r7800scope:ltversion:1.0.2.46

Trust: 1.6

vendor:netgearmodel:r7800scope:eqversion:1.0.2.46

Trust: 0.8

sources: CNVD: CNVD-2020-28145 // JVNDB: JVNDB-2018-016390 // NVD: CVE-2018-21158

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-21158
value: HIGH

Trust: 1.0

cve@mitre.org: CVE-2018-21158
value: HIGH

Trust: 1.0

NVD: JVNDB-2018-016390
value: HIGH

Trust: 0.8

CNVD: CNVD-2020-28145
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-202004-2207
value: HIGH

Trust: 0.6

VULMON: CVE-2018-21158
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2018-21158
severity: MEDIUM
baseScore: 5.8
vectorString: AV:A/AC:L/AU:N/C:P/I:P/A:P
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 6.5
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

NVD: JVNDB-2018-016390
severity: MEDIUM
baseScore: 5.8
vectorString: AV:A/AC:L/AU:N/C:P/I:P/A:P
accessVector: ADJACENT NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

CNVD: CNVD-2020-28145
severity: MEDIUM
baseScore: 5.8
vectorString: AV:A/AC:L/AU:N/C:P/I:P/A:P
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 6.5
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2018-21158
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.1

Trust: 1.0

cve@mitre.org: CVE-2018-21158
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.0

Trust: 1.0

NVD: JVNDB-2018-016390
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: ADJACENT NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2020-28145 // VULMON: CVE-2018-21158 // JVNDB: JVNDB-2018-016390 // CNNVD: CNNVD-202004-2207 // NVD: CVE-2018-21158 // NVD: CVE-2018-21158

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2018-21158

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-202004-2207

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202004-2207

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2018-016390

PATCH
title:Security Advisory for Security Misconfiguration on Some Routers, PSV-2017-0700url:https://kb.netgear.com/000059472/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-PSV-2017-0700
Trust: 0.8
title:Patch for NETGEAR R7800 has an unknown vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/217437
Trust: 0.6
title:NETGEAR R7800 Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117302
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2020-28145 // 
            
            
            
            JVNDB: JVNDB-2018-016390 // 
            
            
            
            CNNVD: CNNVD-202004-2207

EXTERNAL IDS
db:NVDid:CVE-2018-21158
Trust: 3.1
db:JVNDBid:JVNDB-2018-016390
Trust: 0.8
db:CNVDid:CNVD-2020-28145
Trust: 0.6
db:CNNVDid:CNNVD-202004-2207
Trust: 0.6
db:VULMONid:CVE-2018-21158
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2020-28145 // 
            
            
            
            VULMON: CVE-2018-21158 // 
            
            
            
            JVNDB: JVNDB-2018-016390 // 
            
            
            
            CNNVD: CNNVD-202004-2207 // 
            
            
            
            NVD: CVE-2018-21158

REFERENCES
url:https://nvd.nist.gov/vuln/detail/cve-2018-21158
Trust: 2.0
url:https://kb.netgear.com/000059472/security-advisory-for-security-misconfiguration-on-some-routers-psv-2017-0700
Trust: 1.7
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-21158
Trust: 0.8
url:https://cwe.mitre.org/data/definitions/.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2020-28145 // 
            
            
            
            VULMON: CVE-2018-21158 // 
            
            
            
            JVNDB: JVNDB-2018-016390 // 
            
            
            
            CNNVD: CNNVD-202004-2207 // 
            
            
            
            NVD: CVE-2018-21158

SOURCES
db:CNVDid:CNVD-2020-28145
db:VULMONid:CVE-2018-21158
db:JVNDBid:JVNDB-2018-016390
db:CNNVDid:CNNVD-202004-2207
db:NVDid:CVE-2018-21158

LAST UPDATE DATE
2024-11-23T22:58:17.971000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2020-28145date:2020-05-14T00:00:00
db:VULMONid:CVE-2018-21158date:2020-05-01T00:00:00
db:JVNDBid:JVNDB-2018-016390date:2020-06-02T00:00:00
db:CNNVDid:CNNVD-202004-2207date:2020-05-06T00:00:00
db:NVDid:CVE-2018-21158date:2024-11-21T04:03:02.673

SOURCES RELEASE DATE
db:CNVDid:CNVD-2020-28145date:2020-05-14T00:00:00
db:VULMONid:CVE-2018-21158date:2020-04-27T00:00:00
db:JVNDBid:JVNDB-2018-016390date:2020-06-02T00:00:00
db:CNNVDid:CNNVD-202004-2207date:2020-04-27T00:00:00
db:NVDid:CVE-2018-21158date:2020-04-27T18:15:12.543