VYPR
Unrated severity · NVD Advisory · Published Apr 22, 2020 · Updated Aug 5, 2024

CVE-2017-18752

Description

Certain NETGEAR devices are affected by an attacker's ability to read arbitrary files. This affects EX3700 before 1.0.0.64, EX3800 before 1.0.0.64, EX6120 before 1.0.0.32, EX6130 before 1.0.0.16, R6300v2 before 1.0.4.12, R6700 before 1.0.1.26, R6900 before 1.0.1.22, R7000 before 1.0.9.6, R7300DST before 1.0.0.52, R7900 before 1.0.1.12, R8000 before 1.0.3.24, and R8500 before 1.0.2.94.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

An arbitrary file read vulnerability in multiple NETGEAR routers and extenders allows an unauthenticated attacker on the adjacent network to read sensitive files.

Vulnerability

Multiple NETGEAR routers and extenders are affected by an arbitrary file read vulnerability. The issue exists in firmware versions prior to the fixed releases listed in the advisory [1]. Affected models include EX3700, EX3800, EX6120, EX6130, R6300v2, R6700, R6900, R7000, R7300DST, R7900, R8000, and R8500. The vulnerability allows an unauthenticated attacker on the adjacent network to read arbitrary files from the device.

Exploitation

An attacker with network access to the affected device (adjacent network) can exploit this vulnerability without authentication or user interaction. The attacker sends a specially crafted request to the device, which then reads and returns the contents of arbitrary files [1]. No further details on the exact request are provided in the advisory.

Impact

Successful exploitation leads to unauthorized disclosure of sensitive files from the device, such as configuration files or credentials. The CVSS v3 score is 8.8 (High) with vector AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H, indicating high impact on confidentiality, integrity, and availability [1]. However, the described vulnerability is specifically arbitrary file read, so the integrity and availability impacts may be indirect or associated with potential further exploitation.

Mitigation

NETGEAR has released firmware updates to fix this vulnerability. Users should upgrade to the following versions or later: EX3700 to 1.0.0.64, EX3800 to 1.0.0.64, EX6120 to 1.0.0.32, EX6130 to 1.0.0.16, R6300v2 to 1.0.4.12, R6700 to 1.0.1.26, R6900 to 1.0.1.22, R7000 to 1.0.9.6, R7300DST to 1.0.0.52, R7900 to 1.0.1.12, R8000 to 1.0.3.24, and R8500 to 1.0.2.94 [1]. No workarounds are provided; updating firmware is the recommended action.
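The fixed-version list above, applied to a device inventory, as an added example that is not part of the advisory or any NETGEAR tooling: it compares reported firmware strings numerically against the listed fixed releases, since a plain string comparison would rank 1.0.9.10 below 1.0.9.6. The reported string format (optional `V` prefix, `_build` suffix), the function names and the sample inventory are assumptions constructed for illustration.

```python
import re

# Fixed firmware versions exactly as listed in the advisory text above.
FIXED = {
    "EX3700": "1.0.0.64", "EX3800": "1.0.0.64", "EX6120": "1.0.0.32",
    "EX6130": "1.0.0.16", "R6300V2": "1.0.4.12", "R6700": "1.0.1.26",
    "R6900": "1.0.1.22", "R7000": "1.0.9.6", "R7300DST": "1.0.0.52",
    "R7900": "1.0.1.12", "R8000": "1.0.3.24", "R8500": "1.0.2.94",
}

def parse_version(text):
    """Return the leading four-part version as a tuple of ints, or None.

    Accepts an optional 'V' prefix and ignores a trailing '_build' suffix
    (assumed reporting format, e.g. 'V1.0.9.4_1.2.19').
    """
    m = re.match(r"\s*[Vv]?(\d+)\.(\d+)\.(\d+)\.(\d+)", text or "")
    return tuple(int(p) for p in m.groups()) if m else None

def triage(model, firmware):
    """Classify one device: 'not-listed', 'unknown', 'vulnerable' or 'fixed'."""
    key = re.sub(r"[\s\-]", "", model or "").upper()
    fixed = FIXED.get(key)
    if fixed is None:
        # Models or hardware revisions the advisory does not name are
        # reported as such rather than guessed at.
        return "not-listed"
    have = parse_version(firmware)
    if have is None:
        return "unknown"  # unparseable version: check the device by hand
    # Tuple comparison is numeric per component, so (1,0,9,10) > (1,0,9,6).
    return "vulnerable" if have < parse_version(fixed) else "fixed"

# Constructed sample inventory: (model, reported firmware string).
SAMPLE_INVENTORY = [
    ("R7000", "V1.0.9.4_1.2.19"),
    ("R7000", "1.0.9.10"),
    ("r6300v2", "V1.0.4.12_10.0.85"),
    ("R6700v3", "1.0.4.84"),
    ("EX6120", "n/a"),
]

def triage_inventory(rows):
    return [(model, fw, triage(model, fw)) for model, fw in rows]

if __name__ == "__main__":
    for model, fw, status in triage_inventory(SAMPLE_INVENTORY):
        print(f"{model:10} {fw:20} {status}")
```

Devices reported as `unknown` or `not-listed` still need a manual check against the vendor advisory; the script only decides the cases the list above covers.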

AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

4

References

1
