CVE-2017-6862

high-risk

Published 2017-05-26

NETGEAR WNR2000v3 devices before 1.1.2.14, WNR2000v4 devices before 1.0.0.66, and WNR2000v5 devices before 1.0.0.42 allow authentication bypass and remote code execution via a buffer overflow that uses a parameter in the administration webapp. The NETGEAR ID is PSV-2016-0261.

Do I need to act?

37.5% chance of exploitation in next 30 days

EPSS score — higher than 62% of all CVEs

CISA KEV: actively exploited in the wild

On the Known Exploited Vulnerabilities catalog — federal agencies must patch

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 9.8/10 Critical

NETWORK / LOW complexity

Affected Products (3)

Wnr2000V4 Firmware

Wnr2000V3 Firmware

Wnr2000V5 Firmware

Affected Vendors

Netgear

References (7)

Broken Link http://www.securityfocus.com/bid/98740

Vendor Advisory https://kb.netgear.com/000038542/Security-Advisory-for-Unauthenticated-Remote-Co...

Broken Link https://www.on-x.com/sites/default/files/on-x_-_security_advisory_-_netgear_wnr2...

Broken Link http://www.securityfocus.com/bid/98740

Vendor Advisory https://kb.netgear.com/000038542/Security-Advisory-for-Unauthenticated-Remote-Co...

Broken Link https://www.on-x.com/sites/default/files/on-x_-_security_advisory_-_netgear_wnr2...

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-...

/ 100

high-risk

Severity 32/34 · Critical

Exploitability 23/34 · High

Exposure 9/34 · Low