CVE-2017-18772
Description
Certain NETGEAR devices are affected by authentication bypass. This affects EX3700 before 1.0.0.64, EX3800 before 1.0.0.64, EX6120 before 1.0.0.32, EX6130 before 1.0.0.16, R6300v2 before 1.0.4.12, R6700 before 1.0.1.26, R6900 before 1.0.1.22, R7000 before 1.0.9.6, R7300DST before 1.0.0.52, R7900 before 1.0.1.12, R8000 before 1.0.3.24, R8500 before 1.0.2.74, and WNR2000v2 before 1.2.0.8.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Authentication bypass vulnerability in multiple NETGEAR routers and extenders allows unauthenticated attackers to gain full control.
Vulnerability
An authentication bypass vulnerability exists in the web interface of multiple NETGEAR devices. Affected models include EX3700, EX3800, EX6120, EX6130, R6300v2, R6700, R6900, R7000, R7300DST, R7900, R8000, R8500, and WNR2000v2 running firmware versions prior to the fixed releases listed in the advisory [1]. The vulnerability allows an attacker to bypass authentication without valid credentials.
Exploitation
An attacker on the same local network (adjacent) can exploit this vulnerability without any authentication or user interaction. The CVSS vector indicates network adjacency and low attack complexity [1]. The exact steps are not detailed in the advisory, but the vulnerability is exploitable over the network from that adjacent position.
Impact
Successful exploitation grants the attacker full administrative access to the device, leading to complete compromise of confidentiality, integrity, and availability (CVSS v3 score 8.8, High) [1]. The attacker can read sensitive data, modify device configuration, and potentially launch further attacks on the network.
Mitigation
NETGEAR has released firmware updates for all affected models. Users should update to the latest firmware as soon as possible: EX3700/EX3800 to 1.0.0.64, EX6120 to 1.0.0.32, EX6130 to 1.0.0.16, R6300v2 to 1.0.4.12, R6700 to 1.0.1.26, R6900 to 1.0.1.22, R7000 to 1.0.9.6, R7300DST to 1.0.0.52, R7900 to 1.0.1.12, R8000 to 1.0.3.24, R8500 to 1.0.2.74, and WNR2000v2 to 1.2.0.8 [1]. No workarounds are provided; updating firmware is the only mitigation.
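To apply the fixed-version list to a device inventory, the following added example (not part of the advisory or of NETGEAR tooling) classifies each device against the thresholds in the Description above. It compares version components numerically, because a plain string comparison would rank 1.0.0.4 above 1.0.0.32. The inventory format, hostnames and the handling of a `V` prefix and `_build` suffix are assumptions.

```python
import re

# Fixed firmware per model, copied from the CVE description on this page
# (model names upper-cased so lookups are case-insensitive).
FIXED = {
    "EX3700": "1.0.0.64", "EX3800": "1.0.0.64", "EX6120": "1.0.0.32",
    "EX6130": "1.0.0.16", "R6300V2": "1.0.4.12", "R6700": "1.0.1.26",
    "R6900": "1.0.1.22", "R7000": "1.0.9.6", "R7300DST": "1.0.0.52",
    "R7900": "1.0.1.12", "R8000": "1.0.3.24", "R8500": "1.0.2.74",
    "WNR2000V2": "1.2.0.8",
}

def parse_version(text):
    # Assumption: strings may carry a leading 'V' and a '_build' suffix
    # (e.g. 'V1.0.9.6_1.2.19'); only the dotted part before '_' is compared.
    m = re.fullmatch(r"[Vv]?(\d+(?:\.\d+)+)(?:_.*)?", text.strip())
    return tuple(int(p) for p in m.group(1).split(".")) if m else None

def triage(model, firmware):
    """Classify one device as 'vulnerable', 'fixed', 'not-listed' or 'unknown'."""
    fixed = FIXED.get(model.strip().upper())
    if fixed is None:
        return "not-listed"          # model (or hardware revision) not named in this CVE
    have = parse_version(firmware)
    if have is None:
        return "unknown"             # unparseable version: flag for manual review
    return "vulnerable" if have < parse_version(fixed) else "fixed"

def triage_inventory(csv_text):
    """Map 'host,model,firmware' lines to {host: status}; '#' lines are skipped."""
    results = {}
    for line in csv_text.strip().splitlines():
        if line.startswith("#") or not line.strip():
            continue
        host, model, firmware = (f.strip() for f in line.split(",", 2))
        results[host] = triage(model, firmware)
    return results

# Constructed sample inventory (hostnames and versions are made up).
SAMPLE = """\
# host,model,firmware
gw-lobby,R7000,V1.0.9.6_1.2.19
gw-lab,R7000,1.0.7.12
ext-2f,EX6120,1.0.0.4
gw-old,R6300,1.0.4.8
gw-attic,R8500,unknown
"""

if __name__ == "__main__":
    print(triage_inventory(SAMPLE))
```

A `not-listed` result only means the model string does not match one named in this CVE; it says nothing about other advisories.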
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products (4)
- NETGEAR/NETGEAR devices (description)
Patches (0)
No patches discovered yet.
References (1)
News mentions (0)
No linked articles in our index yet.