{"id": "CVE-2017-18789", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 2.1, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Secondary", "source": "cve@mitre.org", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 6.2, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 2.5}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2020-04-22T14:15:11.877", "references": [{"url": "https://kb.netgear.com/000049373/Security-Advisory-for-Sensitive-Information-Disclosure-Vulnerability-on-Some-Routers-and-Some-DSL-Modem-Routers-PSV-2017-0426", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-200"}]}], "descriptions": [{"lang": "en", "value": "Certain NETGEAR devices are affected by disclosure of sensitive information. This affects R6250 before V1.0.4.8, R6400 before V1.0.1.22, R6400v2 before V1.0.2.32, R7100LG before V1.0.0.32, R7300 before V1.0.0.52, R8300 before V1.0.2.94, R8500 before V1.0.2.100, D6220 before V1.0.0.28, D6400 before V1.0.0.60, and D8500 before V1.0.3.29."}, {"lang": "es", "value": "Determinados dispositivos NETGEAR est\u00e1n afectados por una divulgaci\u00f3n de informaci\u00f3n confidencial. Esto afecta a R6250 versiones anteriores a la versi\u00f3n V1.0.4.8, R6400 versiones anteriores a la versi\u00f3n V1.0.1.22, R6400v2 versiones anteriores a la versi\u00f3n V1.0.2.32, R7100LG versiones anteriores a V1.0.0.32, R7300 versiones anteriores a V1.0.0.52, R8300 versiones anteriores a V1.0.2.94, R8500 versiones anteriores a V1.0.2.100, D6220 versiones anteriores a V1.0.0.28, D6400 versiones anteriores a V1.0.0.60 y D8500 versiones anteriores a V1.0.3.29."}], "lastModified": "2020-04-23T20:32:02.030", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netgear:r6250_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "13B4777D-CC2E-4A6B-946F-3E511D8D4B36", "versionEndExcluding": "1.0.4.8"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netgear:r6250:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "321BE843-52C4-4638-A321-439CA7B3A6F2"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "43A9840B-1C54-4987-A179-EE8F8F8685FC", "versionEndExcluding": "1.0.1.22"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3E4CDF6B-3829-44D0-9675-71D7BE83CAA2"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DB7B08B9-07D2-4404-846A-D1CA02C16557", "versionEndExcluding": "1.0.2.32"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netgear:r6400:v2:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "52AE9AD2-BC8D-477D-A3D3-891AE52FA5F3"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netgear:r7100lg_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "833A98AF-A4B0-4C68-AACD-6B3F58E64060", "versionEndExcluding": "1.0.0.32"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netgear:r7100lg:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "366FA778-3C2A-42AF-9141-DAD7043B406C"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netgear:r7300_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "43FCD2C9-C583-49D1-AAB3-B1A1ED483439", "versionEndExcluding": "1.0.0.52"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netgear:r7300:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "29B13F94-F151-4F00-95C3-D9FB22B3CC2B"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netgear:r8300_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A18E8950-B107-4050-AFEF-30C20F6166FA", "versionEndExcluding": "1.0.2.94"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netgear:r8300:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7A9B77E7-7439-48C6-989F-5E22CB4D3044"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netgear:r8500_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CEE4B878-05AB-4B45-BCA4-28795AA454F9", "versionEndExcluding": "1.0.2.100"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "63500DE4-BDBD-4F86-AB99-7DB084D0B912"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netgear:d6220_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FA24D11F-7DF0-44E7-B122-7C5853043E71", "versionEndExcluding": "1.0.0.28"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netgear:d6220:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F3EEA190-2E9C-4586-BF81-B115532FBA23"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netgear:d6400_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2D1F0B30-4BB4-4573-BE0D-381B31CD2A36", "versionEndExcluding": "1.0.0.60"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netgear:d6400:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7D30939B-86E3-4C78-9B05-686B4994C8B9"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netgear:d8500_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "20564DE0-E58D-4628-ADD6-AC7C90AD85F7", "versionEndExcluding": "1.0.3.29"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netgear:d8500:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "814A0114-9A1D-4EA0-9AF4-6968514E4F01"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}
