CVE-2017-18763

Vulnerability

A security misconfiguration exists in multiple NETGEAR routers and extenders. The flaw affects firmware versions prior to the fixed releases listed in the advisory [1]. Affected models include JNR1010v2 before 1.1.0.42, JR6150 before 1.0.1.10, JWNR2010v5 before 1.1.0.42, PR2000 before 1.0.0.18, R6050 before 1.0.1.10, R6120 before 1.0.0.30, R6220 before 1.1.0.50, R6700v2 before 1.2.0.4, R6800 before 1.2.0.4, R6900v2 before 1.2.0.4, WNDR3700v5 before 1.1.0.48, WNR1000v4 before 1.1.0.42, WNR2020 before 1.1.0.42, and WNR2050 before 1.1.0.42 [1].

Exploitation

An attacker can exploit this vulnerability from an adjacent network (same Wi-Fi or physical proximity) without authentication or user interaction. The misconfiguration likely exposes administrative interfaces or functions that should be restricted, allowing the attacker to issue commands or modify settings [1].

Impact

Successful exploitation results in full compromise of confidentiality, integrity, and availability of the device. The CVSS v3 score is 8.8 (High) with vector AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H, indicating complete control over the affected device and potential for further network attacks [1].

Mitigation

NETGEAR has released firmware updates to fix the misconfiguration. Users should update to the latest firmware for their specific model as listed in the advisory [1]. No workaround is available; applying the firmware update is the only mitigation. The vulnerability is not known to be listed in CISA KEV.