CVE-2017-18720
Description
Certain NETGEAR devices are affected by authentication bypass. This affects D6200 before 1.1.00.24, R6700v2 before 1.1.0.42, R6800 before 1.1.0.42, and R6900v2 before 1.1.0.42.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
An authentication bypass vulnerability in multiple NETGEAR routers allows unauthenticated attackers to gain high privileges over the LAN.
Vulnerability
An authentication bypass vulnerability exists in certain NETGEAR devices, including D6200 before 1.1.00.24, R6700v2 before 1.1.0.42, R6800 before 1.1.0.42, and R6900v2 before 1.1.0.42. The flaw allows an attacker to bypass authentication mechanisms without valid credentials [1].
Exploitation
An attacker on the local network can exploit this vulnerability without any authentication or user interaction. The attack vector is adjacent network (AV:A), requiring no privileges (PR:N) and no user interaction (UI:N) [1].
Impact
Successful exploitation leads to high impact on confidentiality, integrity, and availability (C:H/I:H/A:H). An attacker can gain full administrative control over the affected device, potentially modifying settings, accessing sensitive data, or disrupting network operations [1].
Mitigation
NETGEAR has released fixed firmware versions: D6200 firmware 1.1.00.24, R6700v2 firmware 1.1.0.42, R6800 firmware 1.1.0.42, and R6900v2 firmware 1.1.0.42. Users should update to the latest firmware immediately via the NETGEAR Support page [1].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
4- NETGEAR/D6200description
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- kb.netgear.com/000052277/Security-Advisory-for-Authentication-Bypass-on-Routers-PSV-2017-2148mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.