CVE-2017-18775
Description
Certain NETGEAR devices are affected by CSRF. This affects R6100 before 1.0.1.12, R7500 before 1.0.0.108, WNDR3700v4 before 1.0.2.86, WNDR4300v1 before 1.0.2.88, WNDR4300v2 before 1.0.0.48, WNDR4500v3 before 1.0.0.48, and WNR2000v5 before 1.0.0.42.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Cross-Site Request Forgery (CSRF) vulnerability in multiple NETGEAR routers allows attackers to perform unauthorized actions via crafted requests.
Vulnerability
A cross-site request forgery (CSRF) vulnerability exists in the web-based management interface of several NETGEAR routers. The affected models include R6100 before firmware version 1.0.1.12, R7500 before 1.0.0.108, WNDR3700v4 before 1.0.2.86, WNDR4300v1 before 1.0.2.88, WNDR4300v2 before 1.0.0.48, WNDR4500v3 before 1.0.0.48, and WNR2000v5 before 1.0.0.42 [1]. The vulnerability is present in firmware versions earlier than those listed and can be triggered when an authenticated administrator visits a malicious page.
Exploitation
An attacker can exploit this vulnerability by crafting a malicious web page or link that, when visited by an authenticated administrator of the affected router, performs unauthorized actions on the router's management interface. The attacker does not need any prior authentication or network access beyond the ability to trick the administrator into clicking the crafted link or visiting the malicious page. The CSRF attack can be executed remotely without any special privileges [1].
Impact
Successful exploitation allows the attacker to perform any action that the authenticated administrator can perform on the router, including changing configuration settings, modifying firewall rules, enabling remote access, or potentially executing arbitrary commands. This can lead to full compromise of the router and the network it manages, affecting confidentiality, integrity, and availability [1].
Mitigation
NETGEAR has released fixed firmware versions for all affected models. Users should upgrade to the following versions or later: R6100 to 1.0.1.12, R7500 to 1.0.0.108, WNDR3700v4 to 1.0.2.86, WNDR4300v1 to 1.0.2.88, WNDR4300v2 to 1.0.0.48, WNDR4500v3 to 1.0.0.48, and WNR2000v5 to 1.0.0.42. The firmware can be downloaded from the NETGEAR Support website. No workarounds are provided; upgrading is the only recommended mitigation [1].
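To check a fleet against the fixed versions above, the following added example (not part of the original entry or any NETGEAR tooling) compares installed firmware to the per-model thresholds numerically, since a plain string comparison would rank 1.0.0.94 above 1.0.0.108. The inventory tuples, hostnames, the optional `V` prefix and the `_suffix` handling are assumptions.

```python
import re

# Fixed firmware versions per model, taken from the advisory text above.
FIXED = {
    "R6100": "1.0.1.12",
    "R7500": "1.0.0.108",
    "WNDR3700v4": "1.0.2.86",
    "WNDR4300v1": "1.0.2.88",
    "WNDR4300v2": "1.0.0.48",
    "WNDR4500v3": "1.0.0.48",
    "WNR2000v5": "1.0.0.42",
}

def parse_version(text):
    """Return the leading dotted version as a tuple of ints.
    Accepts an optional 'V' prefix and ignores a '_suffix' (assumed format)."""
    m = re.match(r"[Vv]?(\d+(?:\.\d+)*)", text.strip())
    if not m:
        raise ValueError(f"unparseable firmware version: {text!r}")
    return tuple(int(p) for p in m.group(1).split("."))

def status(model, firmware):
    """Classify one device as 'vulnerable', 'fixed', 'not-listed' or 'unknown'."""
    fixed = FIXED.get(model)
    if fixed is None:
        return "not-listed"
    try:
        current = parse_version(firmware)
    except ValueError:
        return "unknown"  # surface for manual review rather than assume safe
    return "vulnerable" if current < parse_version(fixed) else "fixed"

def audit(inventory):
    """Return (host, model, firmware, status) for every inventory entry."""
    return [(host, model, fw, status(model, fw)) for host, model, fw in inventory]

# Constructed sample inventory (hostnames and installed versions are made up).
INVENTORY = [
    ("gw-lab", "R7500", "V1.0.0.94"),
    ("gw-office", "R7500", "1.0.0.108"),
    ("gw-home", "WNDR4300v2", "1.0.0.50_1.0.12"),
    ("gw-branch", "WNDR3700v4", "1.0.2.80"),
    ("gw-old", "WNR2000v5", "unknown"),
    ("gw-other", "OTHER-MODEL", "1.0.0.1"),
]

if __name__ == "__main__":
    for row in audit(INVENTORY):
        print("%-10s %-11s %-16s %s" % row)
```

Entries reported as `unknown` need a manual check of the installed firmware; `not-listed` only means the model is not named in this CVE.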
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products (4)
- NETGEAR/NETGEAR devices
- Range: <1.0.2.86
Patches (0)
No patches discovered yet.
References (1)
News mentions (0)
No linked articles in our index yet.