CVE-2017-18717
Description
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6200 before 1.1.00.24, R6700v2 before 1.1.0.42, R6800 before 1.1.0.42, and R6900v2 before 1.1.0.42.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A pre-authentication stack buffer overflow in certain NETGEAR routers allows unauthenticated attackers to achieve remote code execution.
Vulnerability
A stack-based buffer overflow exists in certain NETGEAR devices, including D6200 before 1.1.00.24, R6700v2 before 1.1.0.42, R6800 before 1.1.0.42, and R6900v2 before 1.1.0.42. The vulnerability is exploitable without authentication [1].
Exploitation
An unauthenticated attacker on the local network can send a specially crafted request to the vulnerable device, triggering a stack-based buffer overflow. The CVSS vector indicates the attack vector is adjacent network (AV:A), low complexity (AC:L), and requires no privileges or user interaction [1].
Impact
Successful exploitation results in arbitrary code execution with high impact on confidentiality, integrity, and availability. The CVSS v3 score is 8.8 (High) [1].
Mitigation
NETGEAR has released firmware updates to fix this vulnerability. Affected users should upgrade to the latest firmware versions: D6200 to 1.1.00.24, R6700v2 to 1.1.0.42, R6800 to 1.1.0.42, and R6900v2 to 1.1.0.42 [1].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
4- NETGEAR/D6200description
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1News mentions
0No linked articles in our index yet.