CVE-2017-18777

HIGH Year: 2017
CVSS v3 Score
8.4
High
CVSS v2 Score
2.1
Low
Weakness Type
CWE-522
View all →

Vulnerability Description

Certain NETGEAR devices are affected by administrative password disclosure. This affects D6220 before V1.0.0.28, D6400 before V1.0.0.60, D8500 before V1.0.3.29, DGN2200v4 before 1.0.0.82, DGN2200Bv4 before 1.0.0.82, R6300v2 before 1.0.4.8, R6400 before 1.0.1.20, R6700 before 1.0.1.20, R6900 before 1.0.1.20, R7000 before 1.0.7.10, R7100LG before V1.0.0.32, R7300DST before 1.0.0.52, R7900 before 1.0.1.16, R8000 before 1.0.3.36, R8300 before 1.0.2.94, R8500 before 1.0.2.94, WNDR3400v3 before 1.0.1.12, and WNR3500Lv2 before 1.2.0.40.

Related Vulnerabilities

CVE-1999-0013

HIGH
CVSS:8.4(High)

Stolen credentials from SSH clients via ssh-agent program, allowing other local users to access remote accounts belonging to the ssh-agent user.

CWE-5221999

CVE-2017-18843

HIGH
CVSS:8.4(High)

Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects R6700v2 before 1.1.0.38, R6800 before 1.1.0.38, and D7000 before 1.0.1.50.

CWE-5222017

CVE-2017-18844

HIGH
CVSS:8.4(High)

Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects R6700v2 before 1.1.0.38, R6800 before 1.1.0.38, and D7000 before 1.0.1.50.

CWE-5222017

CVE-2017-18845

HIGH
CVSS:8.4(High)

Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects R6700v2 before 1.1.0.38 and R6800 before 1.1.0.38.

CWE-5222017

CVE-2017-5700

HIGH
CVSS:8.4(High)

Insufficient protection of password storage in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows local attackers to bypass Administrator ...

CWE-5222017

CVE-2024-43812

HIGH
CVSS:8.4(High)

Kieback & Peter's DDC4000 series has an insufficiently protected credentials vulnerability, which may allow an unauthenticated attacker with access to /etc/passwd to read the password hashes of all us...

CWE-5222024