CVE-2017-18741
Description
Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects R6250 before 1.0.4.8, R6300v2 before 1.0.4.8, R6700 before 1.0.1.20, R7000 before 1.0.7.10, R7000P before 1.0.0.58, R6900P before 1.0.0.58, R7100LG before 1.0.0.32, R7900 before 1.0.1.14, R8000 before 1.0.3.22, and R8500 before 1.0.2.94.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Multiple NETGEAR routers ship with a security misconfiguration that allows adjacent attackers to access sensitive data without authentication.
Vulnerability
The vulnerability is a security misconfiguration in several NETGEAR router models that exposes the device management interface or other sensitive services to the local network without proper authentication controls. Affected models include R6250 before 1.0.4.8, R6300v2 before 1.0.4.8, R6700 before 1.0.1.20, R7000 before 1.0.7.10, R7000P before 1.0.0.58, R6900P before 1.0.0.58, R7100LG before 1.0.0.32, R7900 before 1.0.1.14, R8000 before 1.0.3.22, and R8500 before 1.0.2.94 [1]. The default configuration does not require authentication for certain administrative or diagnostic functions, making them reachable from the local network.
Exploitation
An attacker must be on the same network segment as the affected router (adjacent network). No authentication or user interaction is needed [1]. The attacker can send specially crafted requests to the router's exposed services to read sensitive configuration data or other confidential information without valid credentials.
Impact
Successful exploitation results in the disclosure of sensitive information (confidentiality impact is High). The attacker does not gain code execution or the ability to modify system files (integrity impact is None), and there is no impact on availability [1]. The compromised data could include network credentials, device settings, or other private router configuration details.
Mitigation
NETGEAR has released fixed firmware versions for all affected models: R6250 (1.0.4.8), R6300v2 (1.0.4.8), R6700 (1.0.1.20), R7000 (1.0.7.10), R7000P (1.0.0.58), R6900P (1.0.0.58), R7100LG (1.0.0.32), R7900 (1.0.1.14), R8000 (1.0.3.22), and R8500 (1.0.2.94) [1]. Users should update to the latest firmware immediately. No workarounds other than updating the firmware are provided. The vulnerability is not listed in CISA's Known Exploited Vulnerabilities (KEV) catalog as of the publication date.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
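A firmware inventory check against the fixed versions listed above, as an added example that is not part of the original CVE record or NETGEAR's own tooling. The inventory entries are constructed, and the handling of a leading "V" and a "_suffix" in reported firmware strings is an assumption about how a device inventory might record versions.

```python
import re

# First fixed firmware version per model, taken from the CVE description.
FIXED = {
    "R6250": "1.0.4.8", "R6300v2": "1.0.4.8", "R6700": "1.0.1.20",
    "R7000": "1.0.7.10", "R7000P": "1.0.0.58", "R6900P": "1.0.0.58",
    "R7100LG": "1.0.0.32", "R7900": "1.0.1.14", "R8000": "1.0.3.22",
    "R8500": "1.0.2.94",
}
_BY_UPPER = {m.upper(): m for m in FIXED}  # case-insensitive model lookup

def parse_version(text):
    """Return the leading dotted version as a tuple of ints.

    Assumption: inventory strings may carry a 'V' prefix and a '_suffix'
    (for example 'V1.0.7.2_1.1.93'); only the part before '_' is compared.
    """
    m = re.match(r"\s*[Vv]?(\d+(?:\.\d+)+)", text)
    if not m:
        raise ValueError(f"unparseable firmware version: {text!r}")
    return tuple(int(p) for p in m.group(1).split("."))

def status(model, firmware):
    """Classify one device as 'vulnerable', 'fixed' or 'not-listed'."""
    key = _BY_UPPER.get(model.strip().upper())
    if key is None:
        return "not-listed"
    # Numeric tuple comparison: 1.0.7.2 < 1.0.7.10, unlike string comparison.
    if parse_version(firmware) < parse_version(FIXED[key]):
        return "vulnerable"
    return "fixed"

# Constructed sample inventory (model, reported firmware); not real devices.
INVENTORY = [
    ("R7000", "V1.0.7.2_1.1.93"),
    ("R7000", "1.0.7.10"),
    ("r8500", "1.0.2.86"),
    ("R6400", "1.0.1.20"),
]

def audit(inventory):
    """Return (model, firmware, status) for every inventory entry."""
    return [(m, fw, status(m, fw)) for m, fw in inventory]

if __name__ == "__main__":
    for model, fw, result in audit(INVENTORY):
        print(f"{model:8} {fw:18} {result}")
```

A "not-listed" result only means the model is absent from this CVE's affected list; it says nothing about other advisories.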
Affected products
11- NETGEAR/R6250
Patches
No patches discovered yet.
References
1
News mentions
No linked articles in our index yet.