CVE-2017-18754
Description
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects WNDR3700v4 before 1.0.2.88, WNDR4300v1 before 1.0.2.90, and WNR2000v5 before 1.0.0.58.
Risk Information
Base Score
6.8
MODERATE
Vector
CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.1
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2017-18706 ,CVE-2017-18754 are affected in wndr3700_firmware 1.0.2.86 | NCM |
| Improper Neutralization of Special Elements in Output Used by a Downstream Component (Injection) Vulnerability (CVE-2017-18754) | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234